Skip to main content

IP Management

Configuring IP Address Range Allocations

Scope

To control the IP address ranges used to build workspace clusters, you can configure network assignments that allow Wayfinder to allocate non-overlapping network address ranges to each cluster built.

This is required for any of these scenarios:

  • Your workspace's clusters may need to be peered directly with each other.
  • You may want to peer workspace clusters to shared management networks, including the network that hosts Wayfinder itself.
  • You may want to peer workspace clusters to VPNs or direct connections to on-premise networks.

CLI Quick Reference

InstructionCLI Command
List existing network assignmentswf get assignablenetwork -w admin
Apply an assignable network yaml filewf apply -f PATH-TO-FILE.yaml
Edit a network assignmentwf edit assignablenetwork -w admin NAME

CIDR notation

Wayfinder uses CIDR (Classless Inter-Domain Routing) notation to describe networks.

This uses the format w.x.y.z/a (e.g. 10.0.0.0/8) to describe a network and size, where w.x.y.z defines the start address of the network range, and a describes how many significant bits are in that address.

A few examples:

  • 10.0.0.0/8: 10.0.0.0 - 10.255.255.255 available IPs: 16,777,216
  • 10.1.0.0/16: 10.1.0.0 - 10.1.255.255 available IPs: 65,536
  • 10.1.2.0/23: 10.1.2.0 - 10.1.3.255 available IPs: 512
  • 10.1.2.0/24: 10.1.2.0 - 10.1.2.255 available IPs: 256
  • 10.1.2.0/25: 10.1.2.0 - 10.1.2.127 available IPs: 128
  • 10.1.2.128/25: 10.1.2.128 - 10.1.2.255 available IPs: 128

Deciding network range(s) to allocate

First, you should consider how large each cluster network should be—the smallest supported is /24. You should also consider how many workloads and how much auto-scaling is likely to be needed by your workspaces to determine if this size is large enough.

AWS example

On AWS, Wayfinder splits the allocated range for a cluster into subnets for each availability zone and into public and private ranges. So a /24 gives:

  • 3 x /28 public subnets (11 usable IP addresses per AZ)
  • 3 x /26 private subnets (59 usable IP addresses per AZ)

The next consideration is how many workspaces, and how many clusters you are likely to want. You should allocate a network size that allows for this growth. Remember, you can always add more network ranges to Wayfinder if an existing range is fully allocated.

A /16 network assignment allows for 256 /24 clusters or 128 /23 clusters so is a good starting point.

If you are likely to want to peer your Wayfinder-managed infrastructure with existing networks (on cloud or on premise), ensure that the range you select is compatible with those existing networks, i.e, it is a range delegated by your organization's network team for Wayfinder to use. This will ensure these networks can be peered in the future.


Add a network allocation

You can add network allocations to AWS, GKE, and Azure clouds. When you add these allocations for a cloud provider, any new cluster plan or cluster created for that cloud provider has the option to auto-assign network ranges.

CloudSupported network types
EKSNodes
AKSNodes, Services
GKENodes, Services, Pods

You can add a range using the CLI or using Wayfinder's web interface.


Add using the CLI

To add a range from the CLI:

  1. (Optional) List existing network assignments:

wf get assignablenetwork -w admin

  1. Prepare a .yaml file for an AssignableNetwork, such as the following:
apiVersion: networks.appvia.io/v2beta1
kind: AssignableNetwork
metadata:
  name: eks
  namespace: wf-admin
spec:
  provider: eks
  networks:
  - defaultMask: 21
    range: 10.20.0.0/16 # we should be able to fit 32 clusters in the range
    min: 21
    max: 24
    type: node
  provider: eks
  1. Apply the .yaml file using wf apply:

wf apply -f PATH-TO-FILE.yaml

  1. (Optional) To edit a network assignment, run:

wf edit assignablenetwork -w admin NAME

See wf edit.


Add using Wayfinder's web interface

To add a range using Wayfinder's web interface

  1. Click Admin, navigate to **Kubernetes > Cluster Networking **
  2. Click the cloud provider that you want to add a plan for, for example, Microsoft Azure.
  3. Click the + IP Range button to add an IP range.
  4. Enter the values as outlined in the Cluster Plan's Network properties section.

Options differ based on which cloud you selected.

Set up an ip range

Changing network allocations

Once a cluster is built, its network allocation is fixed. Changes made to network assignments only affect clusters built after the change is made.


Removing network allocations

If you remove all network allocations from a cloud provider, Wayfinder will not allocate networks when creating clusters. Therefore, any future clusters created will use the default IP ranges assigned in the cluster plan.

Last updated