I'm looking for a way to separate specific subsets of the Kubernetes Services CIDR for different applications. For instance, is it possible to set up something like this?
- 10.98.32.0/20 for App A
- 10.108.128.0/18 for App B
- 10.100.64.0/19 for App C
Could I configure the Services CIDR in this way?
3 Answers
What’s the reason behind wanting to do this?
You can allocate subnets for different namespaces using kube ovn, but I'm not sure if it's really worth the effort for your use case.
You can definitely achieve what you're looking for, though I haven't personally implemented it myself. Some folks have done this using tools like vCluster or Multus. However, think about your application architecture carefully; tightly coupling your IP space to the underlying infrastructure can make your setup pretty fragile. It's often better to manage IP requirements outside Kubernetes using external load balancers to keep things neat and abstracted.
I’m considering it for security reasons. I’m working on integrating Tailscale with Kubernetes and trying to find the best way to expose certain Kubernetes CIDRs to my tailnet.