
Is the Google managed service range (34.118.224.0/20) supported for standard, private, GKE clusters?


I asked a related question here: Can I have the Google managed service range on a standard gke cluster created with Terraform- non auto-pilot

This question is specific to standard (non-autopilot), private clusters. I cannot get GKE to provision a private cluster with the new managed 34.118.224.0/20.

Now it is a private cluster, but 34.118.224.0/20 is special and my expectation was that the cluster would not have to be public to use that special managed range, because all Google customers can assign all their clusters this same range. Does public/private really apply to this magic non-RFC 1918 range?

When I create new private clusters through the UI and check off "Automatically create secondary ranges", I get ranges like this, not from the managed range:

Now I can choose it manually, and I have to check another box if I do.

I tried that, and when creating the cluster it was on "configuring" for 30+ minutes, then failed with the error:

Retry budget exhausted (80 attempts): Google Compute Engine: Invalid value for field 'resource.secondaryIpRanges[3].ipCidrRange': '34.118.224.0/20'. Invalid IP address range.

It would be nice to get a definitive answer here. The docs have nothing to say about a GKE cluster that is standard, private, and using the Google managed service range configuration. I don't think this config is especially obscure; I want a private cluster and to use this new fully managed service range.

Can someone confirm if this is supported?


Solution

  • The Google-managed services range 34.118.224.0/20 is currently only supported on Autopilot clusters. Hopefully support for Standard clusters will roll out later this year.