Why not use a large subnet to address IP exhaustion in AKS Azure CNI?

Question

I'm reading several articles on planning IP addressing for AKS K8S cluster when using Azure CNI such as this one. They all describe the risk of IP exhaustion and recommend reducing maximum pods per node down to 30. The examples all seem to show CIDR examples such as /21.

My question is, why not just use a large subnet such as /16? Wouldn't 65,536 ip address be more than enough for most scenarios for IP exhaustion to not be a concern? What am I missing?

The examples you read are exactly that; examples. Whenever you do an implementation you select the actual ip-ranges and subnet sizes that are relevant to your requirements. — Bob, Apr 08 '21 at 10:52

score 0 · Accepted Answer · answered Apr 14 '21 at 14:05

It's perfectly find to use a large subnet to account for planned IP expansion, and if you can do this that's great. However, most people who are connecting AKS to existing networks don't have that luxury and need to work with smaller assigned address spaces. The examples mentioned are to help deal with that.

Why not use a large subnet to address IP exhaustion in AKS Azure CNI?

1 Answers1