我们从哪里获取 GCP 中私有 GKE 集群的控制平面 IP 范围?
Where do we get the Control Plane IP Range for Private GKE cluster in GCP?
我正在尝试创建私有 GKE 集群。
我有一个子网有两个次要 IP 范围(一个用于 pods,一个用于服务)。
但是,私有 GKE 集群还需要控制平面的 IP 地址范围。
我看过创建私有 GKE 集群的文档,我在他们的示例中看到他们要求您使用 172.16.0.32/28 作为控制 plane/master IP 范围。
我想了解的是,如果区域集群的控制平面 IP 范围由 GCP 管理? (如果有怎么找?)
或者,
我是否需要为控制平面创建一个单独的 VPC 网络?
解决第一个问题:
What I want to understand is that, if the control plane IP range is managed by GCP for a zonal cluster? (if yes how to find it?)
您可以分配 GKE 集群的控制平面将拥有的 IP 范围(在创建过程中)。
根据文档:
The control plane in private clusters
Every GKE cluster has a Kubernetes API server that is managed by the control plane (master). The control plane runs on a VM that is in a VPC network in a Google-owned project. A regional cluster has multiple control planes, each of which runs on its own VM.
-- Cloud.google.com: Kubernetes Engine: ... : Control plane in private clusters
解决第二个问题:
Do I need to create a separate VPC network altogether for the control plane?
不,您不需要为您的控制平面创建 VPC。它将为您创建。您的网络与控制平面之间的连接将使用 VPC Network Peering.
对等互连
您可以通过以下路径查看详情:
Cloud Console (Web UI) -> VPC Network -> VPC Networks -> VPC_NAME -> VPC Network Peering
@DawidKruk so that means I can enter an IP range (let's say /28) for control plane and will just make sure that it does not overlap with the subnet that I'm using for the cluster nodes, pods and services?
是的。你是对的。以下 ip 范围 不应重叠 :
PodsServicesControl planeVPC Network
其他资源:
我正在尝试创建私有 GKE 集群。
我有一个子网有两个次要 IP 范围(一个用于 pods,一个用于服务)。
但是,私有 GKE 集群还需要控制平面的 IP 地址范围。
我看过创建私有 GKE 集群的文档,我在他们的示例中看到他们要求您使用 172.16.0.32/28 作为控制 plane/master IP 范围。
我想了解的是,如果区域集群的控制平面 IP 范围由 GCP 管理? (如果有怎么找?)
或者,
我是否需要为控制平面创建一个单独的 VPC 网络?
解决第一个问题:
What I want to understand is that, if the control plane IP range is managed by GCP for a zonal cluster? (if yes how to find it?)
您可以分配 GKE 集群的控制平面将拥有的 IP 范围(在创建过程中)。
根据文档:
The control plane in private clusters
Every GKE cluster has a Kubernetes API server that is managed by the control plane (master). The control plane runs on a VM that is in a VPC network in a Google-owned project. A regional cluster has multiple control planes, each of which runs on its own VM.
-- Cloud.google.com: Kubernetes Engine: ... : Control plane in private clusters
解决第二个问题:
Do I need to create a separate VPC network altogether for the control plane?
不,您不需要为您的控制平面创建 VPC。它将为您创建。您的网络与控制平面之间的连接将使用 VPC Network Peering.
您可以通过以下路径查看详情:
Cloud Console (Web UI) -> VPC Network -> VPC Networks -> VPC_NAME -> VPC Network Peering
@DawidKruk so that means I can enter an IP range (let's say /28) for control plane and will just make sure that it does not overlap with the subnet that I'm using for the cluster nodes, pods and services?
是的。你是对的。以下 ip 范围 不应重叠 :
PodsServicesControl planeVPC Network
其他资源: