Explained the 10.200.0.0/16 subnet
parent
2de198c0f7
commit
81db106fad
|
@ -67,7 +67,9 @@ https://cloud.google.com/compute/docs/vpc/firewalls
|
||||||
|
|
||||||
A GCP network also acts as a firewall. By default no connections are allowed from the outside world, and connections between instances are also forbidden. We can add firewall rules to allow our instances to talk to each other within the network.
|
A GCP network also acts as a firewall. By default no connections are allowed from the outside world, and connections between instances are also forbidden. We can add firewall rules to allow our instances to talk to each other within the network.
|
||||||
|
|
||||||
This creates a rule called `allow-internal` which allows TCP, UDP and ICMP connections between all machines in your `10.240.0.0/24` subnet, and also enables those machines to talk to the CIDR range `10.200.0.0/16`:
|
Kubernetes pods are assigned their own IP addresses independent of the instances ther are running on. We will be using the CIDR subnet `10.200.0.0/16` for this, configured in chapter 5 as the `--cluster-cidr` argument to `kube-controller-manager`.
|
||||||
|
|
||||||
|
Here we create a firewall rule called `allow-internal` which allows TCP, UDP and ICMP connections between the instances in your `10.240.0.0/24` subnet, and the Kubernetes pods that will live in the `10.200.0.0/16` range.
|
||||||
|
|
||||||
```
|
```
|
||||||
gcloud compute firewall-rules create allow-internal \
|
gcloud compute firewall-rules create allow-internal \
|
||||||
|
|
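Review bot: The added paragraph on pod addressing has a typo, "the instances ther are running on" should read "they are running on". Since the new text ties `10.200.0.0/16` to the `--cluster-cidr` argument set in chapter 5, it would also help to say explicitly that the firewall rule and that argument must name the same range, so a reader who changes one knows to change the other. The reworded description says the rule covers traffic between the `10.240.0.0/24` instances and the pods in `10.200.0.0/16`, but only the first line of the `gcloud compute firewall-rules create allow-internal` command is visible in this hunk, so please confirm that the ranges the command passes match the two CIDRs named in the prose.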