Posted On: Oct 5, 2020
Amazon Elastic Kubernetes Service (EKS) now supports a configurable Kubernetes service IP address range. This enables customers with clusters running in a peered or direct connected network environment to ensure that their pods can communicate with external applications on networks outside the cluster.
A Kubernetes service is an abstract way to expose an application running on a set of pods as a network service. Kubernetes assigns a stable, reliable IP address to each newly created service from the cluster's pool of available service IP addresses. Previously, Amazon EKS automatically chose a value for this range based on the primary CIDR block of the Amazon VPC used by the cluster. While this worked for most cases, customers with VPCs peered to on-premise networks or other Amazon VPCs found that the EKS chosen Kubernetes service IP address range may conflict with other IP ranges in use across their network. This resulted in pods being unable to communicate with certain applications that reside on peered networks external to the cluster.
Now, EKS users can configure the Kubernetes service IP address range on cluster creation. Customers who operate clusters in a peered or direct connected network environment can ensure pods are able to communicate with external services available across their networks.
The Kubernetes service IP address range can be configured for all newly created EKS clusters using the AWS SDKs, Console, CloudFormation, or eksctl. Visit the Amazon EKS documentation to learn more.