Kubernetes networking model

The container network interface (CNI) is responsible for providing IP addresses to the pods that are running in Kubernetes and programming the worker nodes to route the packets according to the Kubernetes networking model.

The pod IPs are drawn from an IP pool that was created at installation time and usually must be selected from within the RFC1918 private network range. This pool, also called the pod network CIDR, is confined to the Kubernetes cluster and is specified at IBM® Cloud Private installation time in CIDR notation by using the network_cidr parameter in config.yaml. Choose a network_cidr size that is appropriate to the number of pods that are expected to run across the cluster.

Note: The selected subnet must not conflict with any network resources outside of the cluster that containers might need to communicate with, including one or more subnets that cluster nodes are on.

Figure: Conflicting CIDRs

As shown in the example, network_cidr (10.1.0.0/16, which is the default value in config.yaml) and service_cluster_ip_range (10.0.0.1/24, which is the default value in config.yaml) conflict with the infrastructure network CIDR 10.0.0.0/8. This conflict can break communication between the pods and legacy, non-cloud-native workloads. To avoid such situations, set the network_cidr and service_cluster_ip_range attributes in cluster.yaml and config.yaml so that they do not conflict with the infrastructure CIDR.
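
A pre-installation check for the conflict described above, as an added example that is not part of the IBM Cloud Private documentation or tooling. The function names and the 172.30.0.0/16 and 172.31.0.0/24 alternatives are illustrative assumptions, and IPv4 is assumed throughout.

```python
import ipaddress

# RFC 1918 private ranges, from which the pod network is usually selected.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse(cidr):
    # strict=False accepts values with host bits set, such as the default
    # service_cluster_ip_range 10.0.0.1/24, and normalizes them to 10.0.0.0/24.
    return ipaddress.ip_network(cidr, strict=False)


def check_cidrs(network_cidr, service_cluster_ip_range, external_cidrs):
    """Return a list of findings; an empty list means no conflict was found.

    external_cidrs maps a label to every subnet outside the cluster that
    containers might need to reach, including the subnets the nodes are on.
    """
    cluster = {
        "network_cidr": parse(network_cidr),
        "service_cluster_ip_range": parse(service_cluster_ip_range),
    }
    findings = []
    for name, net in cluster.items():
        if not any(net.subnet_of(private) for private in RFC1918):
            findings.append(f"{name} {net} is outside the RFC1918 private ranges")
        for label, ext in external_cidrs.items():
            ext_net = parse(ext)
            if net.overlaps(ext_net):
                findings.append(f"{name} {net} overlaps {label} {ext_net}")
    return findings


def pod_address_count(network_cidr):
    # Upper bound on pod IPs in the pool; per-node allocation by the CNI
    # reduces the usable number in practice.
    return parse(network_cidr).num_addresses


if __name__ == "__main__":
    infra = {"infrastructure": "10.0.0.0/8"}
    # Default values from the example above: both ranges fall inside 10.0.0.0/8.
    for finding in check_cidrs("10.1.0.0/16", "10.0.0.1/24", infra):
        print("CONFLICT:", finding)
    # Constructed alternative values that sit outside the infrastructure CIDR.
    print(check_cidrs("172.30.0.0/16", "172.31.0.0/24", infra))
    print("pod addresses in 10.1.0.0/16:", pod_address_count("10.1.0.0/16"))
```

Pass every external subnet the workloads must reach in external_cidrs, not only the node subnet, so the check covers the full scope of the note above.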