
Networking

A standard network resource layer that aligns with our Google Cloud platform design. A landing zone should be a prerequisite to deploying enterprise workloads in a cloud environment.

This layer provides platform teams with common networking resources like VPCs, subnets, DNS, and NATs. It is managed as code in pt-corpus and provides a consistent foundation for all workloads.

CIDR Blocks

The following CIDR blocks are available:

  CIDR           VPC
  10.0.0.0/10    standard-shared
  10.64.0.0/10   free
  10.128.0.0/10  free
  10.192.0.0/10  free

VPC Name: standard-shared

This VPC uses the same ranges for sandbox, non-production, and production. Each environment has its own project and operates independently of the others. It uses the default sizes for the subnet's primary IP range, the subnet's secondary IP range for Pods, and the subnet's secondary IP range for Services.

GKE IPAM calculator

We break up the 10.0.0.0/10 CIDR block with the above calculator using the following inputs:

{
  "network": "10.0.0.0",
  "netmask": 10,
  "nodeNetmask": 21,
  "clusterNetmask": 15,
  "serviceNetmask": 21,
  "nodePodNetmask": "24",
  "masterNetwork": "UNIQUE",
  "locationType": "REGIONAL",
  "extraZones": 1
}

A Kubernetes VPC-native cluster uses secondary ranges for Pods and Services.

The size of the cluster's secondary ranges determines the maximum number of Pods and Services for a given GKE cluster. The maximum number of nodes in the cluster is limited by the size of the cluster's subnet's primary IP address range and the cluster's Pod address range.

This will give us up to 31 clusters (in each /10), and each cluster will support the following:

  • Up to 510 nodes per cluster

  • Up to 2048 services per cluster

  • Up to 110 pods per node

All subnet CIDRs (primary, pod, service, and master) are defined together in the google_subnets map in pt-logos and flow through pt-corpus to pt-pneuma. This keeps all network addressing consolidated in one place.

  Cluster               Primary CIDR   Secondary Pods CIDR  Secondary Services CIDR  Master CIDR
  pt-pneuma-us-east1-b  10.62.0.0/21   10.0.0.0/15          10.62.248.0/21           10.63.240.0/28
  pt-pneuma-us-east1-c  10.62.8.0/21   10.2.0.0/15          10.63.0.0/21             10.63.240.16/28
  pt-pneuma-us-east1-d  10.62.16.0/21  10.4.0.0/15          10.63.8.0/21             10.63.240.32/28
  pt-pneuma-us-east4-a  10.62.24.0/21  10.6.0.0/15          10.63.16.0/21            10.63.240.48/28
  pt-pneuma-us-east4-b  10.62.32.0/21  10.8.0.0/15          10.63.24.0/21            10.63.240.64/28
  pt-pneuma-us-east4-c  10.62.40.0/21  10.10.0.0/15         10.63.32.0/21            10.63.240.80/28
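An added example, not code from this page or from the pt-* repositories, showing how an addressing plan like the one above can be checked before it is applied: it verifies that every cluster range sits inside the 10.0.0.0/10 cover block, that no two ranges overlap, and how many /15 Pod ranges are still free. The google_subnets-style map and its key names (primary, pods, services, master) are assumptions; the values are three clusters copied from the table.

```python
import ipaddress
from itertools import combinations

# Constructed inputs: the cover block from the page and three clusters copied from the
# table above, in an assumed google_subnets-style map (the key names are hypothetical).
COVER = ipaddress.ip_network("10.0.0.0/10")
GOOGLE_SUBNETS = {
    "pt-pneuma-us-east1-b": {"primary": "10.62.0.0/21", "pods": "10.0.0.0/15",
                             "services": "10.62.248.0/21", "master": "10.63.240.0/28"},
    "pt-pneuma-us-east1-c": {"primary": "10.62.8.0/21", "pods": "10.2.0.0/15",
                             "services": "10.63.0.0/21", "master": "10.63.240.16/28"},
    "pt-pneuma-us-east1-d": {"primary": "10.62.16.0/21", "pods": "10.4.0.0/15",
                             "services": "10.63.8.0/21", "master": "10.63.240.32/28"},
}


def check_subnets(subnets, cover=COVER):
    """Return problems: any range outside the cover block, or any two ranges that overlap."""
    problems, labelled = [], []
    for cluster, ranges in subnets.items():
        for role, cidr in ranges.items():
            net = ipaddress.ip_network(cidr)
            if not net.subnet_of(cover):
                problems.append(f"{cluster}/{role} {net} is outside {cover}")
            labelled.append((f"{cluster}/{role}", net))
    # Every pair of ranges across all clusters and roles must be disjoint.
    for (name_a, a), (name_b, b) in combinations(labelled, 2):
        if a.overlaps(b):
            problems.append(f"{name_a} {a} overlaps {name_b} {b}")
    return problems


def pod_slots(subnets, cover=COVER, cluster_netmask=15):
    """Count /15 Pod ranges in the cover: usable (not colliding with the primary, services
    or master ranges) and still free (not yet assigned to a cluster)."""
    infra = [ipaddress.ip_network(c) for r in subnets.values()
             for role, c in r.items() if role != "pods"]
    used = {ipaddress.ip_network(r["pods"]) for r in subnets.values()}
    usable = [s for s in cover.subnets(new_prefix=cluster_netmask)
              if not any(s.overlaps(i) for i in infra)]
    return len(usable), len([s for s in usable if s not in used])


if __name__ == "__main__":
    print(check_subnets(GOOGLE_SUBNETS) or "no overlaps, all ranges inside the cover block")
    print("usable/free /15 pod ranges:", pod_slots(GOOGLE_SUBNETS))
```

With the three sample clusters the check reports no problems and 31 usable /15 Pod ranges (the /15 holding the primary, services and master subnets is excluded), 28 of them still free.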
