https://github.com/julie-ng/cloudkube-networking-iac

Separate IaC repo for networking
https://github.com/julie-ng/cloudkube-networking-iac

Last synced: 7 months ago
JSON representation

Separate IaC repo for networking

• Host: GitHub
• URL: https://github.com/julie-ng/cloudkube-networking-iac
• Owner: julie-ng
• License: mit
• Created: 2024-04-30T09:57:26.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2024-05-01T06:09:40.000Z (over 1 year ago)
• Last Synced: 2025-02-01T02:41:45.001Z (8 months ago)
• Language: HCL
• Homepage:
• Size: 19.5 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

README

          
# cloudkube.io - Networking infrastructure

Separating out networking infrastructure from [julie-ng/cloudkube-aks-clusters](https://github.com/julie-ng/cloudkube-aks-clusters)  because networking has longer lifecycle than AKS clusters.

## Managed Resources

- **Resource Group**: `cloudkube-${env}-networking-rg` 

- **Virtual Network**: `cloudkube-${env}-vnet` 

- **Subne**: `aks-nodes-subnet` 

- **Subnet**: `aks-api-server-subnet` - [for API Server VNet integration](https://learn.microsoft.com/en-us/azure/aks/api-server-vnet-integration) 

- **Static Public I**: `cloudkube-${env}-aks-ingress-ip` - referenced for DNS records in [cloudkube-shared-infra](https://github.com/julie-ng/cloudkube-shared-infra) 

## IP Address Planning 

See also [Docs: Azure CNI IP Address Planning](https://learn.microsoft.com/en-us/azure/aks/azure-cni-overview#plan-ip-addressing-for-your-cluster).

### Managed IP Addresses

The following is defined in this repo

| Name | Address Space | # IPs |

|:--|:--|:--|

| Virtual Network | `10.0.0.0/16` | 65k |

| Subnet for AKS Nodes | `10.0.4.0/22` | 1024 |

| Subnet for API Server | `10.0.8.0/24` | 256|

### Reserved IP Addresses

| Name | Address | Notes |

|:--|:--|:--|

| Reserved for AKS Service | `10.0.0.0/22` | Do not use. |

| Reserved for K8s DNS Service IP* | `10.0.0.2` | Must exist in reserved for AKS service range and _not_ be the first address. |

> [!WARNING]

> Do not use this space, which is reserved for Kubernetes services. If there is an overlap, Azure gives [`ServiceCidrOverlapExistingSubnetsCidr`](https://learn.microsoft.com/en-us/troubleshoot/azure/azure-kubernetes/create-upgrade-delete/error-code-servicecidroverlapexistingsubnetscidr) error.

## Usage

Initialize Terraform

```bash

terraform init

```

Preview infra changes and pass in environment specific params, e.g. `environments/dev.tfvars` to `-var-file` flag.

```bash

terraform plan -var-file=environments/dev.tfvars -o plan.tfplan

```

If satisifed, apply changes

```bash

terraform apply plan.tfplan

```

> [!NOTE]

> This repo (currently) uses local state file.