kubernetes, google-kubernetes-engine, google-vpc

relationship between subnet mask and kubernetes master ip mask


I have a subnet mask for my subnet set to 10.0.0.0/9. When setting up Kubernetes, Google asks for a master IP range for Kubernetes. I set this to 10.0.0.0/28, but I have no idea if this is correct or how these two things are related. Is there any info on that?

Also, did I do that right? I assume Kubernetes has to be using the IPs of the subnet.

thanks, Dean


Solution

  • "Master IP Range" is only relevant in GKE when you enable Private Network.

    When creating a private cluster, the Master IP Range has the following information message:

    Master IP range is a private RFC 1918 range for the master's VPC. The master range must not overlap with any subnet in your cluster's VPC. The master and your cluster use VPC peering to communicate privately. This setting is permanent.

    • Since 10.0.0.0/28 is a range inside 10.0.0.0/9, it will not effectively isolate the cluster. I created a VPC subnet with 10.0.0.0/9 and tried to create the cluster with Master IP Range 10.0.0.0/28; look at the message I get while creating it:

    [Screenshot of the message; image not preserved]

    If you look at Creating a Private GKE Cluster you can find many configuration examples for different access types.

    Example: If your subnet is 10.0.0.0/9 you must use a Master IP Range outside of that range.

    • Since the first half of /9 ends in 10.127.255.255, you can set the master network to be anything inside 10.128.0.0/9, 172.16.0.0/12 or 192.168.0.0/16, as long as it does not overlap any other VPC or subnet in your project.

    Here you can learn more about GKE Networking.

    If you have any doubts let me know in the comments.
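The two rules from the answer above (the master range must be RFC 1918 and must not overlap any VPC subnet) can be checked before creating the cluster. This is an added example, not part of the original answer; the function names are hypothetical, and the /28 default is simply the size used in the question.

```python
import ipaddress

# RFC 1918 private ranges, as listed in the answer above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_master_range(master_cidr, vpc_subnets):
    """Return a list of problems with master_cidr; an empty list means it passes."""
    master = ipaddress.ip_network(master_cidr)
    problems = []
    if not any(master.subnet_of(r) for r in RFC1918):
        problems.append(f"{master} is not inside an RFC 1918 range")
    for s in vpc_subnets:
        subnet = ipaddress.ip_network(s)
        if master.overlaps(subnet):
            problems.append(f"{master} overlaps subnet {subnet}")
    return problems


def free_space(vpc_subnets):
    """RFC 1918 space left after carving out every VPC subnet, sorted."""
    free = list(RFC1918)
    for s in vpc_subnets:
        subnet = ipaddress.ip_network(s)
        remaining = []
        for block in free:
            if not block.overlaps(subnet):
                remaining.append(block)          # untouched by this subnet
            elif subnet.supernet_of(block):
                continue                         # block fully consumed
            else:
                # block strictly contains subnet: keep everything around it
                remaining.extend(block.address_exclude(subnet))
        free = remaining
    return sorted(free)


def first_free(vpc_subnets, prefix=28):
    """First block of the given prefix length outside all subnets, or None."""
    for block in free_space(vpc_subnets):
        if block.prefixlen <= prefix:
            return next(block.subnets(new_prefix=prefix))
    return None


if __name__ == "__main__":
    subnets = ["10.0.0.0/9"]                     # the subnet from the question
    print(check_master_range("10.0.0.0/28", subnets))
    print(first_free(subnets))
```

Pass every subnet of the cluster's VPC, including secondary ranges, since the answer's rule applies to any subnet in that VPC.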