Networking Models
AKS networking determines pod IP assignment, routability, and subnet pressure. This is one of the most important design choices because it is painful to change later.
Main Content
```mermaid
flowchart TD
    A[Networking Choice] --> B[Azure CNI Overlay]
    A --> C[Azure CNI Pod Subnet]
    A --> D[Kubenet]
    B --> E[Large pod density with overlay addressing]
    C --> F[Direct VNet-routable pod IPs]
    D --> G[Simpler basic model with route management limits]
```

Comparison summary
| Model | Pod IP Behavior | Best Fit | Main Caution |
|---|---|---|---|
| Azure CNI Overlay | Pods use overlay addresses while nodes stay in VNet | Most new AKS clusters | Requires understanding overlay routing behavior |
| Azure CNI Pod Subnet | Pods get IPs from delegated subnets | Deep VNet integration and direct routability | Subnet sizing becomes critical |
| Kubenet | Pods use private address space with NAT through nodes | Legacy/smaller clusters | Feature limits and future preference toward Azure CNI options |
What to decide early
- Required pod-to-VNet routability.
- Subnet size and IP growth model.
- Network policy engine and private cluster requirements.
- Whether your org standardizes on overlay for simpler IP planning.
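Example cluster creation

```bash
# Azure CNI in overlay mode: pods draw from --pod-cidr, services from --service-cidr.
# --dns-service-ip must fall inside --service-cidr.
az aks create \
  --resource-group "$RG" \
  --name "$CLUSTER_NAME" \
  --location "$LOCATION" \
  --network-plugin azure \
  --network-plugin-mode overlay \
  --pod-cidr 192.168.0.0/16 \
  --service-cidr 10.0.0.0/16 \
  --dns-service-ip 10.0.0.10
```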
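
Because the address plan is hard to change after creation, it is worth validating before running the command. The following is an added example, not part of the original page or of any AKS tooling: it checks the pod CIDR, service CIDR and DNS service IP from the command above against the VNet ranges. The function name and the VNet ranges are assumptions, and so is the /24-per-node carve-out (documented AKS overlay behaviour that this page does not state).

```python
import ipaddress
from itertools import combinations


def check_overlay_plan(vnet_cidrs, pod_cidr, service_cidr, dns_service_ip):
    """Return (problems, max_nodes) for an Azure CNI Overlay address plan."""
    # strict parsing rejects typos such as 10.0.0.1/16 (host bits set)
    pod = ipaddress.ip_network(pod_cidr)
    svc = ipaddress.ip_network(service_cidr)
    dns = ipaddress.ip_address(dns_service_ip)

    ranges = [("pod", pod), ("service", svc)]
    ranges += [("vnet", ipaddress.ip_network(c)) for c in vnet_cidrs]

    problems = []
    # Pod, service and VNet ranges must all be disjoint from one another.
    # VNet ranges are not compared with each other (subnets may nest).
    for (kind_a, a), (kind_b, b) in combinations(ranges, 2):
        if kind_a == kind_b == "vnet":
            continue
        if a.overlaps(b):
            problems.append(f"{kind_a} {a} overlaps {kind_b} {b}")

    # The DNS service IP must sit inside the service CIDR, and must not be
    # the first address, which Kubernetes gives to the kubernetes.default service.
    if dns not in svc:
        problems.append(f"DNS service IP {dns} is outside service CIDR {svc}")
    elif dns in (svc.network_address, svc.network_address + 1):
        problems.append(f"DNS service IP {dns} collides with the first service address")

    # Assumption: overlay mode assigns each node a /24 out of the pod CIDR,
    # so the pod CIDR size caps the node count.
    max_nodes = 2 ** (24 - pod.prefixlen) if pod.prefixlen <= 24 else 0
    return problems, max_nodes


if __name__ == "__main__":
    # Values from the az aks create example; the VNet range is constructed.
    issues, nodes = check_overlay_plan(
        ["10.224.0.0/12"], "192.168.0.0/16", "10.0.0.0/16", "10.0.0.10"
    )
    print("node capacity:", nodes)
    for issue in issues or ["no conflicts found"]:
        print(issue)
```

Pass every range the cluster must reach (peered VNets, on-premises prefixes) in `vnet_cidrs`, since an overlap with any of them makes those destinations unreachable from pods.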