feat(vnets) add 2 public subnets for ci.jenkins.io agents and controller #62

Merged
24 changes: 22 additions & 2 deletions vnets.tf
Expand Up @@ -124,15 +124,35 @@ resource "azurerm_subnet" "publick8s_tier" {
name = "publick8s-tier"
resource_group_name = azurerm_resource_group.public.name
virtual_network_name = azurerm_virtual_network.public.name
address_prefixes = ["10.245.0.0/24", "fd00:db8:deca:deed::/64"] # smaller size as we're using kubenet (required by dual-stack AKS cluster), which allocate one IP per node instead of one IP per pod (in case of Azure CNI)
address_prefixes = [
"10.245.0.0/24", # 10.245.0.1 - 10.245.0.254
"fd00:db8:deca:deed::/64", # smaller size as we're using kubenet (required by dual-stack AKS cluster), which allocate one IP per node instead of one IP per pod (in case of Azure CNI)
]
}

# Dedicated subnet for machine to machine private communications
resource "azurerm_subnet" "public_vnet_data_tier" {
name = "${azurerm_virtual_network.public.name}-data-tier"
resource_group_name = azurerm_resource_group.public.name
virtual_network_name = azurerm_virtual_network.public.name
address_prefixes = ["10.245.1.0/24"]
address_prefixes = ["10.245.1.0/24"] # 10.245.1.1 - 10.245.1.254
}

# Dedicated subnets for ci.jenkins.io (controller and agents)
resource "azurerm_subnet" "public_vnet_ci_jenkins_io_agents" {
name = "${azurerm_virtual_network.public.name}-ci_jenkins_io_agents"
resource_group_name = azurerm_resource_group.public.name
virtual_network_name = azurerm_virtual_network.public.name
address_prefixes = ["10.245.2.0/23"] # 10.245.2.1 - 10.245.3.254
}
resource "azurerm_subnet" "public_vnet_ci_jenkins_io_controller" {
name = "${azurerm_virtual_network.public.name}-ci_jenkins_io_controller"
resource_group_name = azurerm_resource_group.public.name
virtual_network_name = azurerm_virtual_network.public.name
address_prefixes = [
"10.245.4.0/24", # 10.245.4.1 - 10.245.4.254
"fdb5:c0c9:9cfc:7658::/64", # smaller size as it only need to support public IPv6 for ci.jenkins.io controller
Member

I know very little about IPv6 as I've never really used it, but this seems to show /64 being very big?
https://docs.netgate.com/pfsense/en/latest/network/ipv6/subnets.html

but I could be wrong.

Contributor Author

Went through the same thought process, until I learnt that IETF recommends a /64 for subnets most of the time:

> A /64 is a standard size IPv6 subnet as defined by the IETF. It is the smallest subnet that can be used locally if auto configuration is desired.

Good thing with IPv6, as I understand it, is that overlap won't be a problem as the prefix can be used accordingly (compared to the IPv4 CIDR and subnets).

]
}

## Peering
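
Review bot: The trailing comment on `"fdb5:c0c9:9cfc:7658::/64"` in `public_vnet_ci_jenkins_io_controller` is misleading: it calls the prefix a "smaller size" and ties it to "public IPv6", but a /64 is the standard IPv6 subnet size, and this prefix falls in the fd00::/8 unique local range (RFC 4193), which is not routable on the Internet. Reword the comment to say what the prefix is actually for, and if the controller's public IPv6 reachability is meant to come from a separate public IP resource, say so there. The IPv4 range comments (`# 10.245.2.1 - 10.245.3.254` and the similar ones) also overstate the usable addresses, since Azure reserves the first four addresses and the last address of every subnet. Neither new subnet has a network security group association in the visible lines; because these subnets are meant for the ci.jenkins.io controller and agents, confirm that inbound rules are defined elsewhere in the change or add them with the subnets. A blank line between the two new `resource` blocks would match the spacing used for the other subnets.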