Merge pull request #51690 from bowei/service-as-2ndary

Automatic merge from submit-queue (batch tested with PRs 51583, 51283, 51374, 51690, 51716) Create a secondary range for the services instead of a subnetwork GCE now supports >1 secondary ranges / subnetwork. Fixes #51774 ```release-note When using IP aliases, use a secondary range rather than subnetwork to reserve cluster IPs. ```
2025-07-23 11:50:44 +00:00 · 2017-09-02 20:35:26 -07:00 · 2017-09-02 20:35:26 -07:00 · af52d4403c
commit af52d4403c
parent dceff77669 b145beb3da
1 changed files with 2 additions and 39 deletions
--- a/cluster/gce/util.sh
+++ b/cluster/gce/util.sh
@ -849,7 +849,8 @@ function create-subnetworks() {
      --network ${NETWORK} \
      --region ${REGION} \
      --range ${NODE_IP_RANGE} \
-      --secondary-range "pods-default=${CLUSTER_IP_RANGE}"
+      --secondary-range "pods-default=${CLUSTER_IP_RANGE}" \
+      --secondary-range "services-default=${SERVICE_CLUSTER_IP_RANGE}"
    echo "Created subnetwork ${IP_ALIAS_SUBNETWORK}"
  else
    if ! echo ${subnet} | grep --quiet secondaryIpRanges ${subnet}; then
@ -857,31 +858,6 @@ function create-subnetworks() {
      exit 1
    fi
  fi
-
-  # Services subnetwork.
-  local subnet=$(gcloud beta compute networks subnets describe \
-    --project "${PROJECT}" \
-    --region ${REGION} \
-    ${SERVICE_CLUSTER_IP_SUBNETWORK} 2>/dev/null)
-
-  if [[ -z ${subnet} ]]; then
-    if [[ ${SERVICE_CLUSTER_IP_SUBNETWORK} != ${INSTANCE_PREFIX}-subnet-services ]]; then
-      echo "${color_red}Subnetwork ${NETWORK}:${SERVICE_CLUSTER_IP_SUBNETWORK} does not exist${color_norm}"
-      exit 1
-    fi
-
-    echo "Creating subnet for reserving service cluster IPs ${NETWORK}:${SERVICE_CLUSTER_IP_SUBNETWORK}"
-    gcloud beta compute networks subnets create \
-      ${SERVICE_CLUSTER_IP_SUBNETWORK} \
-      --description "Automatically generated subnet for ${INSTANCE_PREFIX} cluster. This will be removed on cluster teardown." \
-      --project "${PROJECT}" \
-      --network ${NETWORK} \
-      --region ${REGION} \
-      --range ${SERVICE_CLUSTER_IP_RANGE}
-    echo "Created subnetwork ${SERVICE_CLUSTER_IP_SUBNETWORK}"
-  else
-    echo "Subnet ${SERVICE_CLUSTER_IP_SUBNETWORK} already exists"
-  fi
 }

 function delete-firewall-rules() {
@ -934,19 +910,6 @@ function delete-subnetworks() {
        ${IP_ALIAS_SUBNETWORK}
    fi
  fi
-
-  if [[ ${SERVICE_CLUSTER_IP_SUBNETWORK} == ${INSTANCE_PREFIX}-subnet-services ]]; then
-    echo "Removing auto-created subnet ${NETWORK}:${SERVICE_CLUSTER_IP_SUBNETWORK}"
-    if [[ -n $(gcloud beta compute networks subnets describe \
-          --project "${PROJECT}" \
-          --region ${REGION} \
-          ${SERVICE_CLUSTER_IP_SUBNETWORK} 2>/dev/null) ]]; then
-      gcloud --quiet beta compute networks subnets delete \
-        --project "${PROJECT}" \
-        --region ${REGION} \
-        ${SERVICE_CLUSTER_IP_SUBNETWORK}
-    fi
-  fi
 }

 # Generates SSL certificates for etcd cluster. Uses cfssl program.