Overview
Purpose
This document outlines the IP address allocation strategy for the ULZ Chat project, detailing the allocation for AKS clusters, PostgreSQL servers, Tyk Redis, and Azure Application Gateway. It ensures adherence to Azure service quotas and provides a scalable, efficient network design.
Scope
The scope includes key limits and requirements, a detailed IP allocation table, advantages and disadvantages of the approach, and a conclusion for each scenario.
Key Limits
Maximum nodes per cluster: 5,000
Maximum pods per node: 250 (Azure CNI and Kubenet)
Maximum total pods: 150,000 (derived from maximum nodes and pods per node)
Source: Azure Service Quotas and Limits
Worst-Case Scenario IP Allocation
Total IP Addresses Needed:
Total IP addresses for nodes: 5,000 (1 per node)
Total IP addresses for pods: 150,000
Total IP addresses for AKS cluster: 5,000 (nodes) + 150,000 (pods) = 155,000
Updated IP Allocation Table (Starting from 10.106.0.0):
Given the requirement to accommodate up to 155,000 IP addresses, we will use multiple /16 subnets.
Subnet Allocation Table
Component | Subnet Address | Range of Addresses | Useable IPs | Hosts |
|---|---|---|---|---|
AKS Nodes | 10.106.0.0/16 | 10.106.0.0 - 10.106.255.255 | 10.106.0.1 - 10.106.255.254 | 65,534 |
AKS Pods (1st Block) | 10.107.0.0/16 | 10.107.0.0 - 10.107.255.255 | 10.107.0.1 - 10.107.255.254 | 65,534 |
AKS Pods (2nd Block) | 10.108.0.0/16 | 10.108.0.0 - 10.108.255.255 | 10.108.0.1 - 10.108.255.254 | 65,534 |
AKS Pods (3rd Block) | 10.109.0.0/17 | 10.109.0.0 - 10.109.127.255 | 10.109.0.1 - 10.109.127.254 | 32,766 |
PostgreSQL Server | 10.109.128.0/24 | 10.109.128.0 - 10.109.128.255 | 10.109.128.1 - 10.109.128.254 | 254 |
Tyk Redis | 10.109.129.0/24 | 10.109.129.0 - 10.109.129.255 | 10.109.129.1 - 10.109.129.254 | 254 |
Azure App Gateway | 10.109.130.0/24 | 10.109.130.0 - 10.109.130.255 | 10.109.130.1 - 10.109.130.254 | 254 |
Network Size Necessary:
To cover all the subnet requirements, a network size of 10.106.0.0/14 is necessary. This range provides sufficient IP addresses to cover all subnets for AKS nodes, pods, and additional services.
Detailed Breakdown:
AKS Nodes:
Allocated 10.106.0.0/16 providing 65,534 usable IP addresses.
Sufficient for 5,000 nodes.
AKS Pods:
Allocated three /16 subnets and one /17 subnet to provide the necessary IP addresses.
First Block: 10.107.0.0/16
Second Block: 10.108.0.0/16
Third Block: 10.109.0.0/17
Total of 195,368 IP addresses (though only 150,000 are needed, the extra provides buffer for other configurations and administrative purposes).
PostgreSQL Server:
Allocated 10.109.128.0/24 providing 254 usable IP addresses.
Sufficient for a highly available PostgreSQL server setup.
Tyk Redis:
Allocated 10.109.129.0/24 providing 254 usable IP addresses.
Sufficient for a highly available Redis setup.
Azure App Gateway:
Allocated 10.109.130.0/24 providing 254 usable IP addresses.
Sufficient for a highly available Application Gateway setup.
Advantages:
Scalability: Easily supports large clusters with up to 5,000 nodes and 150,000 pods.
Simplicity: Simplified management due to fewer subnets and larger address blocks.
Buffer Capacity: Provides a buffer of extra IP addresses, enhancing flexibility for future expansions or additional services.
Component Perspective:
Nodes and Pods: Ample IP addresses reduce the need for frequent reconfiguration.
Database and Redis: Large subnets ensure that IP address allocation is never a limiting factor for scaling services.
Disadvantages:
Wastage of IP Addresses: Potential wastage of IP addresses as /16 subnets provide a large number of addresses, some of which may remain unused.
Routing Complexity: Larger subnets can lead to more complex routing configurations and potential performance issues in very large networks.
Component Perspective:
Nodes and Pods: Larger address blocks might make it challenging to isolate network issues quickly.
Database and Redis: Oversized subnets might lead to underutilized IP spaces, adding unnecessary overhead.
Conclusion
This IP allocation ensures that the AKS cluster can scale up to the maximum limits defined by Azure service quotas and limits, while efficiently using IP addresses and avoiding overprovisioning. It provides the required IP addresses for nodes and pods, as well as sufficient addresses for other critical services such as PostgreSQL, Redis, and Azure Application Gateway.
Subnet Allocation Table of Unique
Scenario: For networks requiring a balance between scalability and efficient use of addresses, a moderate allocation strategy is ideal. This approach provides a good balance between address space and routing complexity, with room for future expansion.
This table provides a detailed allocation of subnets based on the Unique configurations , ensuring efficient use of IP addresses and adherence to best practices.
Subnet Allocation Table
Component | Subnet Address | Range of Addresses | Useable IPs | Hosts |
|---|---|---|---|---|
AKS Nodes | 10.106.0.0/24 | 10.106.0.0 - 10.106.0.255 | 10.106.0.1 - 10.106.0.254 | 254 |
AKS Pods | 10.106.1.0/20 | 10.106.1.0 - 10.106.15.255 | 10.106.1.1 - 10.106.15.254 | 4,094 |
App Gateway | 10.106.16.0/28 | 10.106.16.0 - 10.106.16.15 | 10.106.16.1 - 10.106.16.14 | 14 |
Tyk Redis | 10.106.17.0/28 | 10.106.17.0 - 10.106.17.15 | 10.106.17.1 - 10.106.17.14 | 14 |
PostgreSQL Server | 10.106.18.0/28 | 10.106.18.0 - 10.106.18.15 | 10.106.18.1 - 10.106.18.14 | 14 |
Network Size Necessary:
To cover all the subnet requirements, a network size of 10.106.0.0/16 is necessary. This range provides sufficient IP addresses to cover all subnets for AKS nodes, pods, and additional services.
Detailed Breakdown:
AKS Nodes:
Allocated 10.106.0.0/24 providing 254 usable IP addresses.
This subnet is dedicated to AKS nodes.
AKS Pods:
Allocated 10.106.1.0/20 providing 4,094 usable IP addresses.
This subnet is large enough to accommodate the required number of pods.
App Gateway:
Allocated 10.106.16.0/28 providing 14 usable IP addresses.
Sufficient for the Azure Application Gateway setup.
Tyk Redis:
Allocated 10.106.17.0/28 providing 14 usable IP addresses.
Sufficient for a highly available Redis setup.
PostgreSQL Server:
Allocated 10.106.18.0/28 providing 14 usable IP addresses.
Sufficient for a highly available PostgreSQL server setup.
Advantages:
Efficient Use of Addresses: Smaller subnets reduce the likelihood of wasting IP addresses.
Improved Performance: Smaller subnets can lead to simpler routing and improved network performance.
Flexibility: Offers flexibility in addressing and can be adjusted based on specific service requirements.
Component Perspective:
Nodes and Pods: Allows for better isolation and security management within the cluster.
Database and Redis: Allocations are tightly matched to needs, reducing wastage.
Disadvantages:
Complex Management: Managing a larger number of smaller subnets can be more complex.
Limited Scalability: Smaller subnets may require reconfiguration or additional subnets as the network grows.
Component Perspective:
Nodes and Pods: May require more frequent updates and reconfiguration as the cluster grows.
Database and Redis: Multiple smaller subnets could complicate network configuration and monitoring.
Conclusion
This subnet allocation ensures that the AKS cluster and supporting services have the necessary IP addresses while maintaining efficient use of the address space.
Subnet Allocation Table with least IP addresses allocation
Scenario: For smaller networks where the scale is limited, it is essential to use IP addresses efficiently to avoid wastage and simplify network management.
This table provides a detailed allocation of subnets based on a network of /22, ensuring efficient use of IP addresses and adherence to best practices.
Subnet Allocation Table
Component | Subnet Address | Range of Addresses | Useable IPs | Hosts |
|---|---|---|---|---|
AKS Nodes | 10.106.0.0/24 | 10.106.0.0 - 10.106.0.255 | 10.106.0.1 - 10.106.0.254 | 254 |
AKS Pods | 10.106.1.0/20 | 10.106.1.0 - 10.106.15.255 | 10.106.1.1 - 10.106.15.254 | 4,094 |
App Gateway | 10.106.16.0/28 | 10.106.16.0 - 10.106.16.15 | 10.106.16.1 - 10.106.16.14 | 14 |
Tyk Redis | 10.106.16.16/28 | 10.106.16.16 - 10.106.16.31 | 10.106.16.17 - 10.106.16.30 | 14 |
PostgreSQL Server | 10.106.16.32/28 | 10.106.16.32 - 10.106.16.47 | 10.106.16.33 - 10.106.16.46 | 14 |
Reserved for Future Use | 10.106.16.48/28 | 10.106.16.48 - 10.106.16.63 | 10.106.16.49 - 10.106.16.62 | 14 |
Detailed Breakdown:
AKS Nodes:
Allocated 10.106.0.0/24 providing 254 usable IP addresses.
This subnet is dedicated to AKS nodes.
AKS Pods:
Allocated 10.106.1.0/20 providing 4,094 usable IP addresses.
This subnet is large enough to accommodate the required number of pods.
App Gateway:
Allocated 10.106.16.0/28 providing 14 usable IP addresses.
Sufficient for the Azure Application Gateway setup.
Tyk Redis:
Allocated 10.106.16.16/28 providing 14 usable IP addresses.
Sufficient for a highly available Redis setup.
PostgreSQL Server:
Allocated 10.106.16.32/28 providing 14 usable IP addresses.
Sufficient for a highly available PostgreSQL server setup.
Reserved for Future Use:
Allocated 10.106.16.48/28 providing 14 usable IP addresses.
Reserved for future expansion or additional services.
Advantages:
Balanced Approach: Provides a good balance between address space and routing complexity.
Future-Proofing: Reserved subnets allow for future expansion without significant reconfiguration.
Efficient Use of Addresses: Ensures efficient use of IP addresses with minimal wastage.
Component Perspective:
Nodes and Pods: Adequate IP space for growth while maintaining simplicity in management.
Database and Redis: Reserved subnets ensure room for future enhancements and scale-out.
Disadvantages:
Moderate Scalability: May not be sufficient for very large networks or those expecting rapid growth.
Management Complexity: Similar to /24 and /20 allocations, managing multiple subnets can add complexity.
Component Perspective:
Nodes and Pods: Might hit IP limits sooner than with larger subnets.
Database and Redis: Less buffer space compared to /16, which might require careful planning.
Conclusion
This subnet allocation within a /22 network ensures that the AKS cluster and supporting services have the necessary IP addresses while maintaining efficient use of the address space. The allocations are designed to fit within the defined range, allowing for future growth and additional services.
Author |
|---|