I followed this GCP guide to be able to reach a Kubernetes Cluster private endpoint with Cloud Build jobs. I have set up everything (using Terraform). The final step in the guide is adding the (cloud build) private pool network range to the authorized networks of the cluster as such:
gcloud container clusters update PRIVATE_CLUSTER_NAME \
--enable-master-authorized-networks \
--region=REGION \
--master-authorized-networks=PRIVATE_POOL_NETWORK/PRIVATE_POOL_PREFIX
I have a private pool set up with an internal IP range of 192.170.0.0/16 as can be seen here.
But when I add the CIDR to the master authorized networks I get this error:
Invalid master authorized networks: network "192.170.0.0/16" is not a reserved network, which is required for private endpoints.
NAME: cloud-build-private-pool
ADDRESS/RANGE: 192.170.0.0/16
TYPE: INTERNAL
PURPOSE: VPC_PEERING
NETWORK: cb-runner-network
REGION:
SUBNET:
STATUS: RESERVED
I tried everything but can't think of a reason why the allocated IP range can't be added. Help would be much appreciated.
Solved. The IP address range was wrong and I needed to use one of the three private IP ranges as can be read here: https://cloud.google.com/vpc/docs/subnets#valid-ranges
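A pre-flight check for the mistake resolved above, as an added example that is not part of the original post: it tests whether a candidate range lies entirely inside one of the three private blocks before it is allocated for the private pool or passed to --master-authorized-networks. It assumes the "three private IP ranges" are the RFC 1918 blocks; the function names and every sample range except 192.170.0.0/16 are constructed for illustration.

```python
import ipaddress

# Assumption: the three private ranges the answer refers to (RFC 1918).
RFC1918_BLOCKS = tuple(
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
)


def containing_private_block(cidr):
    """Return the RFC 1918 block that fully contains cidr, or None."""
    try:
        # strict=True rejects ranges with host bits set, e.g. 10.0.0.1/8
        net = ipaddress.ip_network(cidr, strict=True)
    except ValueError:
        return None
    if net.version != 4:
        return None
    for block in RFC1918_BLOCKS:
        # subnet_of() is False when the range only partly overlaps the block
        if net.subnet_of(block):
            return block
    return None


def preflight(cidrs):
    """Split candidate ranges into (accepted, rejected) lists."""
    accepted, rejected = [], []
    for cidr in cidrs:
        bucket = accepted if containing_private_block(cidr) else rejected
        bucket.append(cidr)
    return accepted, rejected


if __name__ == "__main__":
    # Constructed sample input; only 192.170.0.0/16 comes from the post.
    candidates = [
        "192.170.0.0/16",  # looks private, but lies outside 192.168.0.0/16
        "192.168.0.0/15",  # spills over into 192.169.0.0/16
        "172.32.0.0/16",   # just past the end of 172.16.0.0/12
        "10.8.0.0/20",
    ]
    ok, bad = preflight(candidates)
    print("usable as private range:", ok)
    print("rejected:", bad)
```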