CIDR Blocks and Container Engine for Kubernetes

When configuring the VCN and the worker node and load balancer subnets for use with Container Engine for Kubernetes, you specify CIDR blocks to indicate the network addresses that can be allocated to the resources. See Network Resource Configuration for Cluster Creation and Deployment.

When creating a cluster with Container Engine for Kubernetes, you specify:

Note the following:

  • The CIDR block you specify for the VCN must not overlap with the CIDR block you specify for the Kubernetes services.
  • The CIDR blocks you specify for pods running in the cluster must not overlap with CIDR blocks you specify for worker node and load balancer subnets.
  • Each pod running on a worker node is assigned its own network address. Container Engine for Kubernetes allocates a /25 CIDR block of network addresses for each worker node in a cluster, to assign to pods running on that node. A /25 CIDR block equates to 128 distinct IP addresses, of which one is reserved. So a maximum of 127 network addresses are available to assign to pods running on each worker node (more than sufficient, given that the number of pods per node is capped at 110).
  • When you create a cluster, you specify a value for the cluster's Pods CIDR Block property, either implicitly in the case of a 'quick cluster' or explicitly in the case of a 'custom cluster'. You cannot change the cluster's Pods CIDR Block property after the cluster has been created. The cluster's Pods CIDR Block property constrains the maximum total number of network addresses available for allocation to pods running on all the nodes in the cluster, and therefore effectively limits the number of nodes in the cluster. By default, the cluster's Pods CIDR Block property is set to a /16 CIDR block, making 65,536 network addresses available for all the nodes in the cluster. Since 128 network addresses are allocated for each node, specifying a /16 CIDR block for the cluster's Pods CIDR Block property limits the number of nodes in the cluster to 512. This is generally sufficient. To support more than 512 nodes in a cluster, create a 'custom cluster' and specify a larger CIDR block (that is, a shorter prefix length) for the cluster's Pods CIDR Block property when you create the cluster. For example, specify a /14 CIDR block for the cluster's Pods CIDR Block property to create a cluster with 262,144 network addresses available for the nodes in the cluster (more than sufficient, given that the number of nodes per cluster is capped at 1000).
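The rules above can be checked before a cluster is created, which matters because the Pods CIDR Block property cannot be changed afterwards. The following Python sketch is an added example, not Oracle's code: the function names `node_capacity` and `check_plan` are hypothetical, and the CIDR values in `GOOD_PLAN` and `BAD_PLAN` are constructed sample inputs.

```python
import ipaddress

NODE_POD_PREFIX = 25           # /25 pod block per worker node (from the page)
MAX_NODES_PER_CLUSTER = 1000   # node cap stated on the page


def node_capacity(pods_cidr):
    """Return (number of /25 node blocks in pods_cidr, node count after the cap)."""
    # ip_network() raises ValueError if host bits are set, catching mistyped CIDRs.
    net = ipaddress.ip_network(pods_cidr)
    if net.prefixlen > NODE_POD_PREFIX:
        return 0, 0  # block is smaller than a single per-node allocation
    blocks = 2 ** (NODE_POD_PREFIX - net.prefixlen)
    return blocks, min(blocks, MAX_NODES_PER_CLUSTER)


def check_plan(vcn, services, pods, subnets):
    """Return a list of violations of the two non-overlap rules on this page."""
    vcn_n = ipaddress.ip_network(vcn)
    svc_n = ipaddress.ip_network(services)
    pods_n = ipaddress.ip_network(pods)
    problems = []
    if vcn_n.overlaps(svc_n):
        problems.append(f"VCN {vcn_n} overlaps services CIDR {svc_n}")
    for name, cidr in subnets.items():
        sub_n = ipaddress.ip_network(cidr)
        if pods_n.overlaps(sub_n):
            problems.append(f"pods CIDR {pods_n} overlaps {name} subnet {sub_n}")
    return problems


# Constructed sample plans (not taken from the page).
GOOD_PLAN = dict(vcn="10.0.0.0/16", services="10.96.0.0/16", pods="10.244.0.0/16",
                 subnets={"worker": "10.0.10.0/24", "load balancer": "10.0.20.0/24"})
BAD_PLAN = dict(vcn="10.96.0.0/16", services="10.96.0.0/16", pods="10.96.0.0/16",
                subnets={"worker": "10.96.10.0/24", "load balancer": "10.96.20.0/24"})

if __name__ == "__main__":
    for label, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(label, node_capacity(plan["pods"]), check_plan(**plan))
```
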