This repository has been archived by the owner on Jan 29, 2024. It is now read-only.

Merge pull request #2344 from aiven/dorota-platform-byoc-add-cidr-for…
…mat-guidelines

platform: add CIDR guidelines to the BYOC docs
wojcik-dorota authored Dec 18, 2023
2 parents 4a4329f + dba93a5 commit ec909d2
Showing 2 changed files with 13 additions and 4 deletions.
1 change: 1 addition & 0 deletions .github/vale/dicts/aiven.dic
Expand Up @@ -161,6 +161,7 @@ MongoDB
MySQL
myhoard
namespace/MS
netmask
NodeJS
nosqlbench
npm
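
Review bot: `netmask` is added to the Vale dictionary here, but the word does not appear in any of the visible lines changed in create-custom-cloud.rst. If the final wording of the CIDR guidelines no longer uses it, drop the entry so the dictionary does not accept a term the docs never use.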
16 changes: 12 additions & 4 deletions docs/platform/howto/byoc/create-custom-cloud.rst
Expand Up @@ -472,11 +472,19 @@ In the **Create custom cloud** wizard, proceed as follows:
* Region
* CIDR

Aiven needs CIDR for the `CIDR block of the VPC <https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html>`_ that will be created in your AWS account.
The **CIDR** block defines the IP address range of the VPC that Aiven creates in your AWS account. Any Aiven service created in the custom cloud will be placed in the VPC and will get an IP address within this address range.

* Specify inbound rules with the CIDR block notation, for example: 200.1.2.3/32 (allowing 200.1.2.3 as a single address), 0.0.0.0/0 (allowing traffic from anywhere), or 100.1.0.0/16 (allowing traffic from 100.1..).
* To create VPC peerings with that VPC, choose a CIDR block that doesn't overlap with CIDR blocks of peer VPCs.
* Keep in mind that CIDR block needs be large enough so that, after splitting it into per-region subnets, each subnet has enough addresses to fit required services.
In the **CIDR** field, specify an IP address range for the BYOC VPC using a CIDR block notation, for example: ``10.0.0.0/16``, ``172.31.0.0/16``, or ``192.168.0.0/20``.

Make sure that an IP address range you use meets the following requirements:

* IP address range is within the private IP address ranges allowed in `RFC 1918 <https://datatracker.ietf.org/doc/html/rfc1918>`_.
* CIDR block size is between ``/16`` (65536 IP addresses) and ``/24`` (256 IP addresses).
* CIDR block is large enough to host the desired number of services after splitting it into per-availability-zone subnets.

For example, the smallest ``/24`` CIDR block might be enough for a few services but can pose challenges during node replacements or maintenance upgrades if running low on available free IP addresses.

* CIDR block of your BYOC VCP doesn't overlap with the CIDR blocks of VPCs you plan to peer your BYOC VPC with. You cannot change the BYOC VPC CIDR block after your custom cloud is created.

2. Select **Next**.
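
Review bot: the last added bullet reads "CIDR block of your BYOC VCP doesn't overlap"; "VCP" should be "VPC". In the same bullet, "You cannot change the BYOC VPC CIDR block after your custom cloud is created" is an irreversible constraint tacked onto the end of the peering requirement, where it is easy to miss; suggest giving it its own sentence or note ahead of the requirements list so readers see it before they pick a range. Also, as shown, the "For example, the smallest ``/24`` CIDR block ..." paragraph sits unindented between two bullets, which splits the list in two; indent it under the per-availability-zone bullet it illustrates.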
