From 73e258ee76d1e23fee61cc0b39e9d34595aecad4 Mon Sep 17 00:00:00 2001 From: Jiangtian Li Date: Tue, 23 Jan 2018 11:51:59 -0800 Subject: [PATCH] Update custom vnet doc --- docs/custom-vnet.md | 2 +- docs/kubernetes/features.md | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/custom-vnet.md b/docs/custom-vnet.md index fe706e33ce..6039acf873 100644 --- a/docs/custom-vnet.md +++ b/docs/custom-vnet.md @@ -4,7 +4,7 @@ By doing this, you will be able to control the properties of the virtual network *Note: This article describes the procedure with Docker Swarm but it will work in the exact same way with the all the orchestrators available with ACS Engine: Docker Swarm, Kubernetes and DC/OS.* -*For Kubernetes, the cluster should be deployed in the same resource group than the virtual network and the service principal you use for the cluster needs permissions on the VNET resource's group too* +*For Kubernetes, the cluster should be deployed in the same resource group than the virtual network and the service principal you use for the cluster needs permissions on the VNET resource's group too. Custom VNET for Kubernetes Windows cluster has a [known issue](https://github.com/Azure/acs-engine/issues/1767).* ## Prerequisites You can run this walkthrough on OS X, Windows, or Linux. diff --git a/docs/kubernetes/features.md b/docs/kubernetes/features.md index 61060e49c9..ad2239d141 100644 --- a/docs/kubernetes/features.md +++ b/docs/kubernetes/features.md @@ -167,6 +167,8 @@ Per default Calico still allows all communication within the cluster. Using Kube ## Custom VNET +*Note: Custom VNET for Kubernetes Windows cluster has a [known issue](https://github.com/Azure/acs-engine/issues/1767).* + ACS Engine supports deploying into an existing VNET. Operators must specify the ARM path/id of Subnets for the `masterProfile` and any `agentPoolProfiles`, as well as the first IP address to use for static IP allocation in `firstConsecutiveStaticIP`. Please note that in any azure subnet, the first four and the last ip address is reserved and can not be used. Additionally, each POD now gets the IP address from the Subnet. As a result, for the master nodes, enough IP addresses (equal to `ipAddressCount`) should be available beyond `firstConsecutiveStaticIP`. By default, the `ipAddressCount` has a value of 30, and can be changed if desired. Furthermore, to prevent source address NAT'ing within the VNET, we assign to the `vnetCidr` property in `masterProfile` the CIDR block that represents the usable address space in the existing VNET. See below profiles as an example: