Learn how to change the networking settings for DNS server, namespace networks, ingress and egress of a Supervisor Cluster configured for NSX-T Data Center as the networking stack.
Prerequisites
- Verify that you have the Modify cluster-wide configuration privilege on the cluster.
Procedure
- In the vSphere Client, navigate to the Supervisor Cluster.
- Select Configure.
- Under Supervisor Cluster, select Network.
- Select Workload Network.
- Change networking settings as needed.
Option Description DNS Server(s)
Enter the addresses of DNS Servers that can resolve the domain names of the vSphere management components, such as vCenter Server .
For example,
10.142.7.1
.When you enter IP address of the DNS server, a static route is added on each control plane VM. This indicates that the traffic to the DNS servers go through the workload network.
If the DNS servers that you specify are shared between the management network and workload network, the DNS lookups on the control plane VMs are routed through the workload network after initial setup.
Namespace Network
Enter a CIDR annotation to change the IP range for Kubernetes workloads that are attached to the namespace segments of the Supervisor Cluster. If NAT Mode is not configured, then this IP CIDR range must be a routable IP Address.
Ingress
Enter a CIDR annotation to change the ingress IP range for the Kubernetes services. This range is used for services of type load balancer and ingress. For Tanzu Kubernetes clusters, publishing services through ServiceType loadbalancer will also get the IP addresses from this IP CIDR block.
Note: You can only add CIDRs to ingress and workload network fields, but you cannot edit or remove existing ones.Egress
Enter a CIDR annotation for allocating IP addresses for SNAT (Source Network Address Translation) for traffic exiting the Supervisor Cluster to access external services. Only one egress IP address is assigned for each namespace in the Supervisor Cluster. The egress IP is the IP address that the vSphere Pods in the particular namespace use t o communicate outside of NSX-T Data Center.