How kubernetes assigns podCIDR for nodes?

Question

I'm currently learning about Kubernetes networking.

What I've got so far, is that we have CNI plugins which takes care of handling network connectivity for pods - they create network interfaces inside a network namespace when a pod is created, they set up routes for the pod, etc. So basically kubernetes delegates some network-related tasks to the CNI plugins.

But I suppose there is some portion of networking tasks that kubernetes does by itself. For example - kubernetes assigns to each node a podCIDR.

For example, I've set up a kubernetes cluster using kubeadm, with the command:

 kubeadm init --pod-network-cidr=192.168.0.0/16 --kubernetes-version=1.24.0

And when I then look at the nodes I see that each received its own podCIDR range, for example:

 spec:
    podCIDR: 192.168.2.0/24
    podCIDRs:
    - 192.168.2.0/24

My question is: How does kubernetes calculate CIDR ranges for the nodes? Does it always assign a /24 subnet for each node?

score 0 · Answer 1 · answered Dec 04 '22 at 10:20

When you configure the maximum number of Pods per node for the cluster, Kubernetes uses this value to allocate a CIDR range for the nodes. You can calculate the maximum number of nodes on the cluster based on the cluster's secondary IP address range for Pods and the allocated CIDR range for the node.

Kubernetes assigns each node a range of IP addresses, a CIDR block, so that each Pod can have a unique IP address. The size of the CIDR block corresponds to the maximum number of Pods per node.

Also please refer to the similar SO & CIDR ranges for more information.

This answer doesn't solve OP's question – flyingfox Jul 05 '23 at 06:36 — flyingfox, Jul 05 '23 at 06:36

score 0 · Answer 2 · answered Jul 17 '23 at 11:45

How does kubernetes calculate CIDR ranges for the nodes?

Using CIDRAllocator. There are multiple types, see: https://github.com/kubernetes/kubernetes/blob/16534deedf1e3f7301b20041fafe15ff7f178904/pkg/controller/nodeipam/ipam/cidr_allocator.go#L39-L58

For instance, RangeAllocator uses CidrSet.AllocateNext() method to compute the next free CIDR range. See: https://github.com/kubernetes/kubernetes/blob/16534deedf1e3f7301b20041fafe15ff7f178904/pkg/controller/nodeipam/ipam/range_allocator.go#L274

Does it always assign a /24 subnet for each node?

It depends on you configuration. This can be configured via command line arguments of kube-controller-manager:

--node-cidr-mask-size int32
  Mask size for node cidr in cluster. Default is 24 for IPv4 and 64 for IPv6.

--node-cidr-mask-size-ipv4 int32
  Mask size for IPv4 node cidr in dual-stack cluster. Default is 24.

--node-cidr-mask-size-ipv6 int32
  Mask size for IPv6 node cidr in dual-stack cluster. Default is 64.

See https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/#options.

How kubernetes assigns podCIDR for nodes?

2 Answers2