GKE CIDR Planner

// VPC-Native Flat Network · Exact minimum ranges · Full calculation shown

Cluster Configuration

VPC

VPC Primary CIDR

Node subnet AND Pod range carved from this

Node Planning

Nodes Today

Future Node Count (for CIDR sizing)

Pod CIDR is permanent — size for this

Pod Planning

Use RFC6598 range for Pod CIDR 100.64.0.0/x Check this to use 100.64.0.0 instead of carving from VPC primary range

Max Pods per Node

Expected Total Pods in Cluster (future)

Both constraints evaluated — larger one wins

Service Planning

Services Today

Future Service Count

Control Plane

Control Plane CIDR

Must be exactly /28 (16 IPs) — permanent, never changes

GKE IP Allocation Rules

NODE CIDR — carved from VPC start → 1 IP per node → GCP reserves 4 IPs per subnet: .0 network address .1 default gateway .n-1 reserved (GCP future use) .n broadcast address

POD CIDR — two options: ① Carved from VPC after node subnet (default) → If fits in VPC → use VPC range ✅ → If doesn't fit → ERROR ❌ ② RFC6598 100.64.0.0/x (checkbox) → Independent of VPC primary range → Safe, won't clash with RFC1918 Two constraints, take MAX: C1 = future_nodes × block_per_node C2 = total_pods_in_cluster

SERVICE CIDR — outside VPC → 1 IP per ClusterIP service → Uses 10.96.0.0/x (k8s standard)

CONTROL PLANE CIDR → Must be exactly /28 (16 IPs) → GKE manages the control plane → Permanent — cannot change ever → Must not overlap any other range

🚨 Pod, Service and Control Plane CIDRs are permanent after cluster creation.

Step-by-Step Calculation