search
HomeDiscordGitHubSponsor
githubEdit

Networking

A standard network resource layer that aligns with our Google Cloud landing zone platform design. A landing zone should be a prerequisite to deploying enterprise workloads in a cloud environment.

This layer provides platform teams with common networking resources like VPCs, VPNs, DNS, and NATs. It's a lower-level layer and, in most cases, isn't geared toward stream-aligned teams. Terraform manages it and provides a consistent experience for developers to consume common resources.

Providing several standard services across an organization is critical to enabling fast flow and eliminating low-level tasks for teams.

hashtag
CIDR Blocks

The following CIDR blocks are available:

Cover
CIDRs

10.0.0.0/10

VPC

standard-shared

Cover
CIDRs

10.64.0.0/10

VPC

free

Cover
CIDRs

10.128.0.0/10

VPC

free

Cover
CIDRs

10.192.0.0/10

VPC

free

hashtag
VPC Name: standard-shared

This VPC uses the same sandbox, non-production, and production ranges. Each environment has a project and operates independently from each other. It uses the default size for the subnet's primary IP range, the subnet's secondary IP range for Pods, and the subnet's secondary IP range for Services.

GKE IPAM calculatorarrow-up-right

We break up the 10.0.0.0/10 CIDR block with the above calculator using the following inputs:

{
 "network": "10.0.0.0",
 "netmask": 10,
 "nodeNetmask": 21,
 "clusterNetmask": 15,
 "serviceNetmask": 21,
 "nodePodNetmask": "24",
 "masterNetwork": "UNIQUE",
 "locationType": "REGIONAL",
 "extraZones": 1
}

A Kubernetes VPC-native clusterarrow-up-right uses secondary rangesarrow-up-right for Pods & Services.

circle-info

The size of the cluster's secondary ranges determines the maximum number of Pods and Services for a given GKE cluster. The maximum number of nodes in the cluster is limited by the size of the cluster's subnet's primary IP address range and the cluster's Pod address range.

This will give us up to 31 clusters (in each /10), and each cluster will support the following:

  • Up to 510 nodes per cluster

  • Up to 2048 services per cluster

  • Up to 110 pods per node

Cover
Cluster

services-us-east1-b

Primary CIDRs

10.62.0.0/21

Secondary PODs CIDRs

10.0.0.0/15

Secondary Services CIDRs

10.62.248.0/21

Master CIDRs

10.63.240.0/28

Cover
Cluster

services-us-east1-c

Primary CIDRs

10.62.8.0/21

Secondary PODs CIDRs

10.2.0.0/15

Secondary Services CIDRs

10.63.0.0/21

Master CIDRs

10.63.240.16/28

Cover
Cluster

services-us-east1-d

Primary CIDRs

10.62.16.0/21

Secondary PODs CIDRs

10.4.0.0/15

Secondary Services CIDRs

10.63.8.0/21

Master CIDRs

10.63.240.32/28

Cover
Cluster

services-us-east4-a

Primary CIDRs

10.62.24.0/21

Secondary PODs CIDRs

10.6.0.0/15

Secondary Services CIDRs

10.63.16.0/21

Master CIDRs

10.63.240.48/28

Cover
Cluster

services-us-east4-b

Primary CIDRs

10.62.32.0/21

Secondary PODs CIDRs

10.8.0.0/15

Secondary Services CIDRs

10.63.24.0/21

Master CIDRs

10.63.240.64/28

Cover
Cluster

services-us-east4-c

Primary CIDRs

10.62.40.0/21

Secondary PODs CIDRs

10.10.0.0/15

Secondary Services CIDRs

10.63.32.0/21

Master CIDRs

10.63.240.80/28

Last updated