Learn how to change the networking settings for DNS server, namespace networks, ingress and egress of a Supervisor configured for NSX as the networking stack.

Prerequisites

  • Verify that you have the Modify cluster-wide configuration privilege on the cluster.

Procedure

  1. In the vSphere Client, navigate to Workload Management.
  2. Under Supervisors, select the Supervisor, and select Configure.
  3. Select Network and expand Workload Network.
    Figure 1. Updating Supervisor workload network settings

    Updating Supervisor workload network settings
  4. Change networking settings as needed.
    Option Description

    DNS Server(s)

    Enter the addresses of DNS Servers that can resolve the domain names of the vSphere management components, such as vCenter Server .

    For example, 10.142.7.1.

    When you enter IP address of the DNS server, a static route is added on each control plane VM. This indicates that the traffic to the DNS servers go through the workload network.

    If the DNS servers that you specify are shared between the management network and workload network, the DNS lookups on the control plane VMs are routed through the workload network after initial setup.

    Namespace Network

    Enter a CIDR annotation to change the IP range for Kubernetes workloads that are attached to the namespace segments of the Supervisor. If NAT Mode is not configured, then this IP CIDR range must be a routable IP Address.

    Ingress

    Enter a CIDR annotation to change the ingress IP range for the Kubernetes services. This range is used for services of type load balancer and ingress. For TKG clusters, publishing services through ServiceType loadbalancer will also get the IP addresses from this IP CIDR block.

    Note: You can only add CIDRs to ingress and workload network fields, but you cannot edit or remove existing ones.

    Egress

    Enter a CIDR annotation for allocating IP addresses for SNAT (Source Network Address Translation) for traffic exiting the Supervisor to access external services. Only one egress IP address is assigned for each namespace in the Supervisor. The egress IP is the IP address that the vSphere Pods in the particular namespace use t o communicate outside of NSX.