Understanding Kubernetes Network Subnets
Kubernetes automates the deployment of its management services and the pods associated with deployed capabilities to master and worker nodes. As part of this process, it allocates a unique IP address to each service and pod.
In order to do so, Kubernetes must be provided with a reserved range of private network IP addresses for its services (service-CIDR parameter, default is 172.17.17.0/24) and a separate reserved range of private network IP addresses for pods (pod-CIDR parameter, default is 172.16.0.0/16).
The two IP ranges must not overlap, must not be allocated to other systems in the network, and are provided to Kubernetes at install time by specifying a network subnet in Classless Inter-Domain Routing (CIDR) format. CIDR notation includes an IP address, a slash ('/') character, and a network prefix (a decimal number).
For the pod-CIDR range, the minimum useful network prefix is /24 and the maximum useful network prefix is /8. The default value is 172.16.0.0/16. For example:
POD_CIDR=172.16.0.0/16
The pod-CIDR IP range must contain an adequate number of IP addresses to accommodate the functions of all of the pods deployed to the cluster. Each node in the cluster is allocated a segment of the pod-CIDR IP range for use by the pods that are deployed to that node as determined by the pod-CIDR-subnetlen parameter.
The default value of pod-CIDR-subnetlen is computed automatically from the value of pod-CIDR, as shown in the table below, and is expected to be adequate. However, if for some unexpected reason you find that pods on nodes run out of available IP addresses, you can set the pod-CIDR-subnetlen parameter to a value that makes more IP addresses available to each node.
| POD_CIDR prefix | POD_CIDR_SUBNETLEN default | POD_CIDR_SUBNETLEN allowed values |
|---|---|---|
| /8 to /21 | /24 | /(POD_CIDR prefix + 3) to /27 |
| /22 to /24 | /(POD_CIDR prefix + 3) | /(POD_CIDR prefix + 3) to /27 |
Smaller prefix values indicate a larger number of available addresses.
For the service-CIDR range, the minimum useful network prefix is /27 and the maximum useful network prefix is /12. The default value is 172.17.17.0/24.
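The following pre-install check is an added example, not part of the product or its installer. It applies the rules above: the two ranges must not overlap each other or subnets already in use, and pod-CIDR-subnetlen must follow the table. The function names and the reserved subnet in the sample call are hypothetical.

```python
import ipaddress

def default_subnetlen(pod_prefix):
    """Default pod-CIDR-subnetlen, taken from the table above."""
    if 8 <= pod_prefix <= 21:
        return 24
    if 22 <= pod_prefix <= 24:
        return pod_prefix + 3
    raise ValueError(f"pod-CIDR prefix /{pod_prefix} is outside /8 to /24")

def check_plan(pod_cidr, service_cidr, subnetlen=None, reserved=()):
    """Validate an address plan and return the per-node segment sizing."""
    # strict=True rejects values with host bits set, such as 172.16.1.0/16.
    pod = ipaddress.IPv4Network(pod_cidr, strict=True)
    svc = ipaddress.IPv4Network(service_cidr, strict=True)
    default = default_subnetlen(pod.prefixlen)  # also enforces /8 to /24
    # Service range bounds as stated on this page for the 172.17.17.0/24 default.
    if not 12 <= svc.prefixlen <= 27:
        raise ValueError(f"service-CIDR prefix /{svc.prefixlen} is outside /12 to /27")
    if pod.overlaps(svc):
        raise ValueError(f"pod-CIDR {pod} overlaps service-CIDR {svc}")
    # Neither range may collide with addresses allocated to other systems.
    for other in map(ipaddress.IPv4Network, reserved):
        for name, net in (("pod-CIDR", pod), ("service-CIDR", svc)):
            if net.overlaps(other):
                raise ValueError(f"{name} {net} overlaps in-use subnet {other}")
    chosen = default if subnetlen is None else subnetlen
    low = pod.prefixlen + 3
    if not low <= chosen <= 27:
        raise ValueError(f"pod-CIDR-subnetlen /{chosen} is not in /{low} to /27")
    return {
        "subnetlen": chosen,
        # Each node takes one segment, so this bounds the node count.
        "node_segments": 2 ** (chosen - pod.prefixlen),
        # Total addresses in one node's segment.
        "addresses_per_segment": 2 ** (32 - chosen),
    }

if __name__ == "__main__":
    # Page defaults, checked against a constructed in-use subnet.
    print(check_plan("172.16.0.0/16", "172.17.17.0/24", reserved=["10.0.0.0/8"]))
```

With the defaults, the pod range splits into 256 per-node segments of 256 addresses each. A smaller subnetlen value gives each node more addresses but leaves fewer segments for nodes.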