VMware NSX Container Plugin 3.2

4.2 4.1 4.0 3.2 3.1 3.0
简体中文 Deutsch Español Français Italiano 日本語 한국어 繁體中文 English

Configuring Subnets for a Kubernetes Namespace

When you create a Kubernetes namespace, you can specify subnets for the namespace with the annotation
ncp/subnets
 if SNAT is not configured for the namespace. The subnets will be used to allocate IP addresses to the pods in the namespace.
To enable this feature, set
enable_namespace_subnets
 to
True
 under the
[K8s]
 section in
ncp.ini
. The default is
False
. Once set to
True
, you must not set it back to
False
.
Details about this feature:
  • The value of the
    ncp/subnets
     annotation should be a comma-separated list of IP addresses in CIDR format.
  • You can update the annotation with additional subnets.
  • If a pod is created in the namespace and no IP address from the subnets is available, the namespace is annotated with the error
    NAMESPACE_SUBNETS_EXHAUSTED
    . You can update the
    ncp/subnets
     annotation with additional subnets and the pod will be allocated an IP address.
  • You can remove a subnet from the annotation if no IP address has been allocated from it.
  • This feature is only supported in policy mode.
  • This feature is only supported for new namespaces.
  • Adding the annotation to an existing namespace is not supported. The namespace will be annotated with the error
    SUBNETS_ON_EXISTING_NAMESPACE_NOT_SUPPORTED
    .
  • Removing the annotation is not supported. If you remove the annotation, NCP will add it back and log a warning in the NCP log.
  • This feature is not supported on Tanzu Application Service (TAS), Tanzu Kubernetes Grid Integrated (TKGI), or vSphere with Kubernetes.
  • Both IPv4 and IPv6 are supported.
  • Removing a subnet from the annotation will be ignored if an IP address from the subnet has been allocated. NCP will add the subnet back and log an error.

Content feedback and comments