Networking

A standard network resource layer that aligns with our Google Cloud landing zone platform design. A landing zone should be a prerequisite to deploying enterprise workloads in a cloud environment.

This layer provides platform teams with common networking resources like VPCs, VPNs, DNS, and NATs. It's a lower-level layer and, in most cases, isn't geared toward stream-aligned teams. Terraform manages it and provides a consistent experience for developers to consume common resources.

Providing several standard services across an organization is critical to enabling fast flow and eliminating low-level tasks for teams.

CIDR Blocks

The following CIDR blocks are available:

VPC Name: standard-shared

This VPC uses the same sandbox, non-production, and production ranges. Each environment has its own project and operates independently of the others. It uses the default sizes for the subnet's primary IP range, the subnet's secondary IP range for Pods, and the subnet's secondary IP range for Services.

GKE IPAM calculator

We break up the 10.0.0.0/10 CIDR block with the above calculator using the following inputs:

{
 "network": "10.0.0.0",
 "netmask": 10,
 "nodeNetmask": 21,
 "clusterNetmask": 15,
 "serviceNetmask": 21,
 "nodePodNetmask": "24",
 "masterNetwork": "UNIQUE",
 "locationType": "REGIONAL",
 "extraZones": 1
}

A Kubernetes VPC-native cluster uses secondary ranges for Pods & Services.

The size of the cluster's secondary ranges determines the maximum number of Pods and Services for a given GKE cluster. The maximum number of nodes in the cluster is limited by the size of the cluster's subnet's primary IP address range and the cluster's Pod address range.

This will give us up to 31 clusters (in each /10), and each cluster will support the following:

  • Up to 510 nodes per cluster

  • Up to 2048 services per cluster

  • Up to 110 pods per node
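To make the arithmetic behind these figures concrete, here is an added example (not part of this page or of the GKE IPAM calculator) that carves the 10.0.0.0/10 block with the prefix lengths from the inputs above. The field meanings are this example's assumptions: netmask is the block being carved, nodeNetmask the subnet primary range, clusterNetmask the Pod secondary range, serviceNetmask the Service secondary range, nodePodNetmask the per-node slice of the Pod range, and a /28 per cluster for the control plane stands in for "masterNetwork": "UNIQUE". The greedy allocator hands each cluster one of each range with no overlap and stops when the /10 is exhausted, which lands on the same 31 clusters; the capacity function gives raw ceilings from the prefix lengths alone (2048 Services and 110 Pods per node match the page, while it reports 512 nodes against the calculator's 510, so take the calculator's figure for planning).

```python
import ipaddress
from typing import Dict, List

# Constructed inputs mirroring the calculator block on the page; the field
# semantics and the /28 control-plane range are this example's assumptions.
PLAN = {
    "network": "10.0.0.0",
    "netmask": 10,
    "nodeNetmask": 21,       # subnet primary range (node IPs)
    "clusterNetmask": 15,    # secondary range for Pods
    "serviceNetmask": 21,    # secondary range for Services
    "nodePodNetmask": 24,    # slice of the Pod range given to each node
    "masterNetmask": 28,     # private control-plane range, one per cluster
}

GKE_DEFAULT_MAX_PODS_PER_NODE = 110  # GKE's documented default ceiling
GCP_RESERVED_PER_PRIMARY_RANGE = 4   # network, gateway, second-to-last, broadcast


def capacity(plan: Dict[str, int]) -> Dict[str, int]:
    """Raw arithmetic ceilings implied by the prefix lengths alone."""
    usable_node_ips = 2 ** (32 - plan["nodeNetmask"]) - GCP_RESERVED_PER_PRIMARY_RANGE
    node_slices = 2 ** (plan["nodePodNetmask"] - plan["clusterNetmask"])
    ips_per_node_slice = 2 ** (32 - plan["nodePodNetmask"])
    return {
        # a node needs both a primary IP and its own slice of the Pod range
        "max_nodes": min(usable_node_ips, node_slices),
        "max_services": 2 ** (32 - plan["serviceNetmask"]),
        # GKE keeps twice as many Pod IPs per node as the node's max Pods
        "max_pods_per_node": min(GKE_DEFAULT_MAX_PODS_PER_NODE, ips_per_node_slice // 2),
    }


def allocate(free: List[ipaddress.IPv4Network], prefix: int) -> ipaddress.IPv4Network:
    """Take the lowest-addressed free block that can hold a /prefix, return its
    first /prefix piece and put the remainder back, keeping the list sorted."""
    for i, block in enumerate(free):
        if block.prefixlen <= prefix:
            free.pop(i)
            if block.prefixlen == prefix:
                return block
            piece = next(block.subnets(new_prefix=prefix))
            free[i:i] = sorted(block.address_exclude(piece))
            return piece
    raise ValueError(f"no free block can hold a /{prefix}")


def carve(plan: Dict[str, int]) -> List[Dict[str, ipaddress.IPv4Network]]:
    """Greedily give each cluster a Pod range, node subnet, Service range and
    control-plane range (largest first) until the parent block is exhausted."""
    free = [ipaddress.ip_network(f"{plan['network']}/{plan['netmask']}")]
    clusters: List[Dict[str, ipaddress.IPv4Network]] = []
    while True:
        snapshot = list(free)
        try:
            clusters.append({
                "pods": allocate(free, plan["clusterNetmask"]),
                "nodes": allocate(free, plan["nodeNetmask"]),
                "services": allocate(free, plan["serviceNetmask"]),
                "master": allocate(free, plan["masterNetmask"]),
            })
        except ValueError:
            free[:] = snapshot  # undo a partially allocated cluster
            return clusters


def no_overlap(clusters: List[Dict[str, ipaddress.IPv4Network]]) -> bool:
    """Sanity check: no two allocated ranges in the plan intersect."""
    nets = [net for cluster in clusters for net in cluster.values()]
    return not any(a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])


if __name__ == "__main__":
    print("per-cluster ceilings:", capacity(PLAN))
    plan = carve(PLAN)
    print(f"{len(plan)} clusters fit in {PLAN['network']}/{PLAN['netmask']}"
          f" (overlap-free: {no_overlap(plan)})")
    for idx, cluster in enumerate(plan[:3], start=1):
        print(f"  cluster {idx}:", {k: str(v) for k, v in cluster.items()})
```

Running the script prints the ceilings and the first few allocations; the count of 31 falls out because one /15 worth of the /10 is consumed by the 62 /21 node and Service ranges plus the /28 control-plane ranges, leaving 31 whole /15 Pod ranges.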
