A subnet is a partition of the virtual network in which CDP workloads are launched.

It is recommended that the subnets be configured with the following properties:
  • The CIDR block for the subnet should be sufficiently large for supporting the CDP workload targeted to run inside it. Refer to VNet and subnet planning to understand how to compute the CIDR block range.
  • Several CDP data services run on Kubernetes and use Kubenet CNI plugin for networking. Azure's Kubenet CNI plugin requires that the subnet is not shared between multiple Kubernetes clusters as it adds custom routes (see Bring your own subnet and route table with kubenet). Therefore, as many subnets as the expected number of workloads need to be created.
  • In addition, you may want to ensure that the CIDR ranges assigned to the subnets do not overlap with any of your on-premise network CIDR ranges, as this may be a requirement for setting up connectivity from your on-prem network to the subnets.
  • A subnet can be associated with a Network Security Group (NSG). However, since Cloudera works with a fully private network configuration where communication is always initiated from VMs within the subnets, an NSG at subnet level is generally not useful for this configuration.