diff --git a/CHANGELOG.md b/CHANGELOG.md index 677e09b8..c20c9c2d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added - Chart: Allow to enable `auditd` through `global.components.auditd.enabled`. +- Chart: Add `global.connectivity.network.pods.nodeCidrMaskSize` to schema. ## [1.3.1] - 2024-09-19 diff --git a/helm/cluster-aws/README.md b/helm/cluster-aws/README.md index f5303188..fee23054 100644 --- a/helm/cluster-aws/README.md +++ b/helm/cluster-aws/README.md 
@@ -279,6 +279,7 @@ Properties within the `.global.connectivity` object | `global.connectivity.network.pods` | **Pods**|**Type:** `object`<br/>| | `global.connectivity.network.pods.cidrBlocks` | **Pod subnets** - CIDR blocks used for pods. Right now, only one block is supported.<br/><br/>**Note if you use `global.connectivity.cilium.ipamMode=eni` (https://docs.cilium.io/en/latest/network/concepts/ipam/eni/#ipam-eni):** this will be associated as secondary VPC CIDR. Therefore, only sizes /16 to /28 sizes are possible (see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html). And `global.connectivity.eniModePodSubnets` must be a valid split of the CIDR you chose here – we recommend setting `10.1.0.0/16` here for ENI mode because the default values for `global.connectivity.eniModePodSubnets` match that CIDR.|**Type:** `array`<br/>**Default:** `["100.64.0.0/12"]`| | `global.connectivity.network.pods.cidrBlocks[*]` | **Pod subnet** - IPv4 address range for pods, in CIDR notation.|**Type:** `string`<br/>**Example:** `"10.244.0.0/16"`<br/>| +| `global.connectivity.network.pods.nodeCidrMaskSize` | **Node CIDR mask size** - The size of the mask that is used for the node CIDR. The node CIDR is a sub-range of the pod CIDR and so the mask size and pod CIDR must be chosen such that there is enough space for the maximum number of nodes in the cluster.|**Type:** `integer`<br/>**Default:** `24`| | `global.connectivity.network.services` | **Services**|**Type:** `object`<br/>| | `global.connectivity.network.services.cidrBlocks` | **K8s Service subnets**|**Type:** `array`<br/>**Default:** `["172.31.0.0/16"]`| | `global.connectivity.network.services.cidrBlocks[*]` | **Service subnet** - IPv4 address range for kubernetes services, in CIDR notation.|**Type:** `string`<br/>**Example:** `"172.31.0.0/16"`<br/>| diff --git a/helm/cluster-aws/values.schema.json b/helm/cluster-aws/values.schema.json index 03b99242..5644cae9 100644 --- a/helm/cluster-aws/values.schema.json 
+++ b/helm/cluster-aws/values.schema.json @@ -1187,6 +1187,14 @@ ], "maxItems": 1, "minItems": 1 + }, + "nodeCidrMaskSize": { + "type": "integer", + "title": "Node CIDR mask size", + "description": "The size of the mask that is used for the node CIDR. The node CIDR is a sub-range of the pod CIDR and so the mask size and pod CIDR must be chosen such that there is enough space for the maximum number of nodes in the cluster.", + "default": 24, + "maximum": 27, + "minimum": 16 } } }, diff --git a/helm/cluster-aws/values.yaml b/helm/cluster-aws/values.yaml index 1e9cb869..268358bc 100644 --- a/helm/cluster-aws/values.yaml +++ b/helm/cluster-aws/values.yaml @@ -333,6 +333,7 @@ global: pods: cidrBlocks: - 100.64.0.0/12 + nodeCidrMaskSize: 24 services: cidrBlocks: - 172.31.0.0/16
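Review bot: In the `helm/cluster-aws/README.md` hunk, the new `global.connectivity.network.pods.nodeCidrMaskSize` row lists only the type and `**Default:** `24``, while the schema in this same patch restricts the value to 16 through 27. Someone reading only the README would learn the bounds from a validation failure. Stating the allowed range in the description text (ideally in the schema's `description`, so both places carry the same wording) would close that gap.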
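Review bot: In the `helm/cluster-aws/values.schema.json` hunk, `"minimum": 16` and `"maximum": 27` validate `nodeCidrMaskSize` on its own, but nothing checks the relationship the description calls out, namely that the node CIDR must be a sub-range of the pod CIDR. The README context lines allow `global.connectivity.network.pods.cidrBlocks` sizes from /16 to /28 in ENI mode, so if this value is also used in that mode, the default of 24 can be equal to or shorter than the pod prefix (for example with a /24 or /28 pod block) and still pass schema validation. JSON Schema cannot compare an integer against the prefix length inside a CIDR string, so consider a template-time check that fails rendering when the mask size is not larger than the pod CIDR prefix, or at minimum spell out that constraint in the description.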
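Review bot: In the `helm/cluster-aws/values.yaml` hunk, `nodeCidrMaskSize: 24` is added under `pods`, but the patch touches only CHANGELOG.md, README.md, values.schema.json and values.yaml, so nothing visible here consumes the value. Please confirm that an existing template already reads `global.connectivity.network.pods.nodeCidrMaskSize`; otherwise the setting validates but has no effect. A short inline comment would also help, since with the default `100.64.0.0/12` pod block a /24 mask leaves room for 4096 node ranges and operators who change either value need to recompute that.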