In order to control the IP address ranges used to build team clusters, you can configure Network Assignments which allow Kore to allocate non-overlapping network address ranges to each cluster built.
This is required for any of the following scenarios:
- Your team's clusters may need to be peered directly with each other
- You may want to peer team clusters to shared management networks (including the network which hosts Kore itself)
- You may want to peer team clusters to VPNs or direct connections to on-premise networks.
Kore uses CIDR (Classless Inter-Domain Routing) notation to describe networks.
This uses a format such as `10.0.0.0/8` to describe a network and its size, where the address before the slash defines the start address of the network range, and the number after the slash describes how many significant bits are in that address.
A few examples:
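- range ending 10.255.255.255, available IPs: 16,777,216
- range ending 10.1.255.255, available IPs: 65,536
- range ending 10.1.3.255, available IPs: 512
- range ending 10.1.2.255, available IPs: 256
- range ending 10.1.2.127, available IPs: 128
- range ending 10.1.2.255, available IPs: 128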
Firstly, you should consider how large each cluster network should be - the smallest supported is `/24`, and you should consider how many workloads and how much auto-scaling is likely to be needed by your teams to determine if this size is large enough.
AWS Worked Example
On AWS, Kore will split the allocated range for a cluster into subnets for each availability zone and into public and private ranges, thus a
- 3 x `/28` public subnets (11 usable IP addresses per AZ)
- 3 x `/26` private subnets (59 usable IP addresses per AZ)
The next consideration is how many teams, and how many clusters you are likely to want. You should choose a network size to allocate which allows for this growth. Remember, you can always add further network ranges to Kore should an existing range be fully allocated.
A `/16` network assignment allows for 256 `/24` clusters or 128 `/23` clusters so is a good
If you are likely to want to peer your Kore-managed infrastructure with existing networks (on cloud or on premise), you should ensure that the range you select is compatible with those existing networks - i.e. delegated by your organization's network team for Kore to use. This will ensure these networks can be peered in future.
To add a range from the UI, choose Admin > Configure > Cloud > AWS, GCP or Azure > Network Assignments.
Here you can review any existing assignments, and add a new one. When adding a range, you specify the base address and size, as well as minimum, default and maximum network sizes which teams can request:
| Field | Description |
|---|---|
| Network | Start address of the network range |
| Size | Total size of the range to allocate from |
| Minimum | Smallest network size that can be chosen for a team cluster (counter-intuitively, this will have the highest number, e.g. |
| Default | Network size that team clusters will use unless they manually request a specific range, must be equal to or larger than the minimum, and equal to or smaller than the maximum, e.g. |
| Maximum | Largest network size that can be chosen for a team cluster (counter-intuitively, this will have the lowest number, e.g. |
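
The sizing rules above, as an added sketch in Python (not Kore's own allocator): it counts how many cluster networks fit in a range, picks the next block that overlaps nothing already in use, and reproduces the AWS usable-address figures. The `10.1.0.0/16` range, the in-use networks and all function names are constructed for illustration; the five addresses AWS reserves in every subnet is AWS's documented behaviour.

```python
import ipaddress

AWS_RESERVED_PER_SUBNET = 5  # AWS keeps 5 addresses in every subnet for itself


def check_sizes(minimum, default, maximum):
    """Sizes are prefix lengths, so the smallest network has the highest number."""
    if not maximum <= default <= minimum:
        raise ValueError("need maximum <= default <= minimum (as prefix lengths)")


def capacity(assignment, prefix):
    """How many cluster networks of /prefix fit in the assigned range."""
    net = ipaddress.ip_network(assignment)
    return 2 ** (prefix - net.prefixlen) if prefix >= net.prefixlen else 0


def allocate(assignment, in_use, prefix, minimum, maximum):
    """Return the first /prefix block in the range that overlaps nothing in in_use."""
    if not maximum <= prefix <= minimum:
        raise ValueError(f"/{prefix} is outside the allowed /{maximum} to /{minimum}")
    taken = [ipaddress.ip_network(n) for n in in_use]
    for candidate in ipaddress.ip_network(assignment).subnets(new_prefix=prefix):
        if not any(candidate.overlaps(t) for t in taken):
            return candidate
    raise RuntimeError("range fully allocated; add a further network assignment")


def aws_usable(prefix):
    """Usable addresses in one AWS subnet of the given prefix length."""
    return 2 ** (32 - prefix) - AWS_RESERVED_PER_SUBNET


if __name__ == "__main__":
    RANGE = "10.1.0.0/16"                      # constructed assignment
    existing = ["10.1.0.0/24", "10.1.2.0/23"]  # constructed: clusters already built
    check_sizes(minimum=24, default=24, maximum=22)
    print(capacity(RANGE, 24), capacity(RANGE, 23))
    first = allocate(RANGE, existing, 24, minimum=24, maximum=22)
    existing.append(str(first))
    print(first, allocate(RANGE, existing, 23, minimum=24, maximum=22))
    print(aws_usable(28), aws_usable(26))
```

Passing the ranges of any networks you intend to peer with in `in_use` shows up front whether a candidate assignment would collide with them.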
To specify this through the CLI, you must prepare a YAML file for an AssignableNetwork such as the following:
This can then be applied using `kore apply -f`. You can use `kore get assignablenetwork -t kore-admin` to see existing network assignments, and `kore edit assignablenetwork -t kore-admin [name]` to edit it inline.
Note that once a cluster has been built, its network allocation is fixed, so changes made in the Network Assignments section or by applying new network assignments via the CLI will only affect clusters built after the change is made.
If you remove all network allocations from a cloud provider, Kore will no longer allocate networks when creating clusters, thus any future clusters created will go back to using the default IP ranges assigned in the cluster plan.