Stay organized with collections
Save and categorize content based on your preferences.
This document shows how to remove static IP addresses from a cluster in
Google Distributed Cloud.
When you create a cluster that uses
static IP addresses
for the nodes, you specify a set of IP addresses in an
IP block file.
If you later realize that you specified more IP addresses than necessary, you
can remove some of the IP addresses from the cluster.
Remove IP addresses from a user cluster
Ensure that you will have enough IP addresses remaining after the removal. You
need one IP address for each cluster node plus an additional IP address to be
used for a temporary node during upgrades. For example, if you have three
cluster nodes, then you will need to have four IP addresses remaining after the
removal.
Follow these steps:
The admin cluster has an OnPremUserCluster custom resource for each
associated user cluster. In the admin cluster, edit the OnPremUserCluster
custom resource for your user cluster:
In your user cluster, view all of the Machine objects in the default namespace:
kubectl --kubeconfig USER_CLUSTER_KUBECONFIG get machines --output yaml
Delete all of the Machine objects that use one of the removed IP addresses.
For example, suppose you removed the address 198.51.100.1, and you
discover that the my-node-pool-1234 Machine object uses that address:
Ensure that you will have enough IP addresses remaining after the removal. You
need one IP address for the admin cluster control-plane node, two addresses
for add-on nodes, and an additional IP address to be used for a temporary node
during upgrades. Also, for each associated user cluster, you need either one
or three addresses for the user cluster control plane. Each high-availability
(HA) user cluster requires three nodes in the admin cluster for the control
plane of the user cluster. Each non-HA user cluster requires one node in the
admin cluster for the control plane of the user cluster.
For example, suppose your admin cluster is associated with one HA user cluster
and one non-HA user cluster. Then after the removal, you must have eight IP
addresses remaining to accommodate the following nodes:
Admin cluster control-plane node
Two add-on nodes
Three nodes for the control plane of the HA user cluster
One node for the control plane of the non-HA user cluster
A temporary node to be used during upgrades
Follow these steps:
Determine the IP address that is being used for the control-plane node of the
admin cluster:
kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG get nodes --output wide
In the output, find the node listed as the control plane. Make a note of its
IP address.
Replace ADMIN_CLUSTER_KUBECONFIG with the path of the admin
cluster kubeconfig file.
Remove selected IP addresses from the ipBlocks section. Make sure that you
do not remove the IP address that is being used for the control-plane node of
the admin cluster.
In your admin cluster, view all of the Machine objects in the default
namespace:
kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG get machines --output yaml
Delete all of the Machine objects that use one of the removed IP addresses.
For example, suppose you removed the address 198.51.100.102, and you
discover that the gke-admin-node- Machine object uses that address:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# Remove static IP addresses from a cluster\n\nThis document shows how to remove static IP addresses from a cluster in\nGoogle Distributed Cloud.\n\nWhen you create a cluster that uses\n[static IP addresses](/kubernetes-engine/distributed-cloud/vmware/docs/how-to/create-user-cluster#network)\nfor the nodes, you specify a set of IP addresses in an\n[IP block file](/kubernetes-engine/distributed-cloud/vmware/docs/how-to/ip-block-file).\nIf you later realize that you specified more IP addresses than necessary, you\ncan remove some of the IP addresses from the cluster.\n\nRemove IP addresses from a user cluster\n---------------------------------------\n\nEnsure that you will have enough IP addresses remaining after the removal. You\nneed one IP address for each cluster node plus an additional IP address to be\nused for a temporary node during upgrades. For example, if you have three\ncluster nodes, then you will need to have four IP addresses remaining after the\nremoval.\n\nFollow these steps:\n\n1. The admin cluster has an OnPremUserCluster custom resource for each\n associated user cluster. In the admin cluster, edit the OnPremUserCluster\n custom resource for your user cluster:\n\n ```\n kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG edit onpremusercluster USER_CLUSTER_NAME \\\n --namespace USER_CLUSTER_NAME-gke-onprem-mgmt\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003eADMIN_CLUSTER_KUBECONFIG\u003c/var\u003e: the path of the admin cluster kubeconfig file\n - \u003cvar translate=\"no\"\u003eUSER_CLUSTER_NAME\u003c/var\u003e: the name of your user cluster\n2. Remove selected IP addresses from the `ipBlocks` section:\n\n ```\n network:\n ...\n ipMode:\n ipBlocks:\n - gateway: 198.51.100.254\n ips:\n - hostname: user-host1\n ip: 198.51.100.1\n - hostname: user-host2\n ip: 198.51.100.2\n - hostname: user-host3\n ip: 198.51.100.3\n - hostname: user-host4\n ip: 198.51.100.4\n - hostname: user-host5\n ip: 198.51.100.5\n netmask: 255.255.255.0\n type: static\n ```\n3. Close the editing session.\n\n4. In your user cluster, view all of the Machine objects in the default namespace:\n\n ```\n kubectl --kubeconfig USER_CLUSTER_KUBECONFIG get machines --output yaml\n ```\n5. Delete all of the Machine objects that use one of the removed IP addresses.\n For example, suppose you removed the address 198.51.100.1, and you\n discover that the `my-node-pool-1234` Machine object uses that address:\n\n ```\n Name: my-node-pool-1234\n Namespace: default\n Labels: kubernetes.googleapis.com/cluster-name=my-cluster\n kubernetes.googleapis.com/cluster-namespace=default\n ...\n Annotations: ...\n vm-ip-address: 198.51.100.1\n ```\n\n Then you must remove the `my-node-pool-1234` Machine object. \n\n ```\n kubectl --kubeconfig USER_CLUSTER_KUBECONFIG delete machine my-node-pool-1234\n ```\n6. After a a few minutes, view the cluster node addresses:\n\n ```\n kubectl --kubeconfig USER_CLUSTER_KUBECONFIG get nodes --output wide\n ```\n7. Verify that removed IP addresses do not appear in the output. For example:\n\n ```\n myhost2 Ready ... 198.51.100.2\n myhost3 Ready ... 198.51.100.3\n myhost4 Ready ... 198.51.100.4\n ```\n\nRemove IP addresses from an admin cluster\n-----------------------------------------\n\nEnsure that you will have enough IP addresses remaining after the removal. You\nneed one IP address for the admin cluster control-plane node, two addresses\nfor add-on nodes, and an additional IP address to be used for a temporary node\nduring upgrades. Also, for each associated user cluster, you need either one\nor three addresses for the user cluster control plane. Each high-availability\n(HA) user cluster requires three nodes in the admin cluster for the control\nplane of the user cluster. Each non-HA user cluster requires one node in the\nadmin cluster for the control plane of the user cluster.\n\nFor example, suppose your admin cluster is associated with one HA user cluster\nand one non-HA user cluster. Then after the removal, you must have eight IP\naddresses remaining to accommodate the following nodes:\n\n- Admin cluster control-plane node\n- Two add-on nodes\n- Three nodes for the control plane of the HA user cluster\n- One node for the control plane of the non-HA user cluster\n- A temporary node to be used during upgrades\n\nFollow these steps:\n\n1. Determine the IP address that is being used for the control-plane node of the\n admin cluster:\n\n ```\n kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG get nodes --output wide\n ```\n\n In the output, find the node listed as the control plane. Make a note of its\n IP address. \n\n ```\n gke-admin-master-hdn4z Ready control-plane,master … 198.51.100.101\n ...\n ```\n2. In the admin cluster, edit the OnPremAdminCluster custom resource:\n\n ```\n kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG edit onpremadmincluster --namespace kube-system\n ```\n\n Replace \u003cvar translate=\"no\"\u003eADMIN_CLUSTER_KUBECONFIG\u003c/var\u003e with the path of the admin\n cluster kubeconfig file.\n3. Remove selected IP addresses from the `ipBlocks` section. Make sure that you\n do not remove the IP address that is being used for the control-plane node of\n the admin cluster.\n\n ```\n network:\n ...\n ipMode:\n ipBlocks:\n - gateway: 198.51.100.254\n ips:\n - hostname: admin-host1\n ip: 198.51.100.101\n - hostname: admin-host2\n ip: 198.51.100.102\n - hostname: admin-host3\n ip: 198.51.100.103\n - hostname: admin-host4\n ip: 198.51.100.104\n - hostname: admin-host5\n ip: 198.51.100.105\n - hostname: admin-host6\n ip: 198.51.100.106\n - hostname: admin-host7\n ip: 198.51.100.107\n - hostname: admin-host8\n ip: 198.51.100.108\n - hostname: admin-host9\n ip: 198.51.100.109\n netmask: 255.255.255.0\n type: static\n ```\n4. Close the editing session.\n\n5. In your admin cluster, view all of the Machine objects in the default\n namespace:\n\n ```\n kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG get machines --output yaml\n ```\n6. Delete all of the Machine objects that use one of the removed IP addresses.\n For example, suppose you removed the address 198.51.100.102, and you\n discover that the `gke-admin-node-` Machine object uses that address:\n\n ```\n Name: gke-admin-node-5678\n Namespace: default\n ...\n Status:\n Addresses:\n Address: 198.51.100.102\n Type: ExternalIP\n ...\n ```\n\n Then you must remove the `gke-admin-node-5678` Machine object. \n\n ```\n kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG delete machine gke-admin-node-5678\n ```\n7. View the cluster node addresses:\n\n ```\n kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG get nodes --output wide\n ```\n8. Verify that removed IP addresses do not appear in the output. For example:\n\n ```\n gke-admin-master-hdn4z Ready control-plane,master 198.51.100.101\n gke-admin-node-abcd Ready ... 198.51.100.103\n gke-admin-node-efgh Ready ... 198.51.100.104\n my-user-cluster-ijkl Ready ... 198.51.100.105\n my-user-cluster-mnop Ready ... 198.51.100.106\n my-user-cluster-qrst Ready ... 198.51.100.107\n my-user-cluster-uvwx Ready ... 198.51.100.108\n ```"]]