Kubernetes networking

AKS networking redesign under IP pressure

Developed a practical network redesign for AKS environments facing IP exhaustion and private connectivity routing constraints.

Tags: 2025, AKS, Azure CNI overlay, CIDR planning, Private Endpoints, Capacity planning

Proof block

What this proves

A compact hiring view of the work before the deeper project narrative.

Problem

A Kubernetes networking design was consuming too much address space while private connectivity still needed to work.

My ownership

Modeled network options, explained tradeoffs to stakeholders, and shaped a path that protected future scale.

Result

Produced a defensible network recommendation tied to IP conservation, private access, and measured capacity.

Transferable skill

Can explain cloud networking tradeoffs clearly enough for engineers and leaders to make a decision.

Situation

The cluster design consumed too much routable address space, while private connectivity options created return-path ambiguity.

Role

Analyzed the current footprint, modeled redesign options, and converged stakeholders on a sequenced path that conserved IPs.

Actions

  • Compared classic routable pod addressing against Azure CNI overlay behavior.
  • Modeled subnet sizing for node pools, ingress, API management, and batch workloads.
  • Used real telemetry to challenge over-provisioned CPU and memory assumptions.
  • Prepared a fallback connectivity plan so leadership had an alternative if network restructuring was delayed.
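The first two actions above (comparing classic routable pod addressing with Azure CNI overlay, then sizing subnets per node pool) can be turned into a small capacity model. The block below is an added example, not code from the case study; the pool sizes, subnet and private-endpoint count are constructed, and it assumes the documented Azure behaviour that every subnet loses five reserved addresses, that classic Azure CNI pre-reserves max_pods VNet IPs per node (plus one for the node NIC), that overlay draws only the node IP from the VNet and carves a /24 per node out of a separate pod CIDR, and that a Private Endpoint placed in the same subnet consumes one address.

```python
import ipaddress
from dataclasses import dataclass

# Azure reserves 5 addresses in every subnet (network, gateway, two DNS, broadcast).
AZURE_RESERVED_PER_SUBNET = 5


@dataclass(frozen=True)
class NodePool:
    name: str
    nodes: int
    max_pods: int
    surge: int = 1  # extra nodes that exist temporarily during a rolling upgrade


def usable_ips(subnet: str) -> int:
    """Addresses a subnet can actually hand out after Azure's reservation."""
    return ipaddress.ip_network(subnet, strict=False).num_addresses - AZURE_RESERVED_PER_SUBNET


def classic_cni_demand(pools, private_endpoints: int = 0) -> int:
    """Classic Azure CNI: every node takes one VNet IP and pre-reserves max_pods more."""
    return sum((p.nodes + p.surge) * (1 + p.max_pods) for p in pools) + private_endpoints


def overlay_cni_demand(pools, private_endpoints: int = 0) -> int:
    """Azure CNI overlay: only the node NIC draws from the VNet subnet; pods use the pod CIDR."""
    return sum(p.nodes + p.surge for p in pools) + private_endpoints


def overlay_node_ceiling(pod_cidr: str, per_node_prefix: int = 24) -> int:
    """Overlay hands each node one block (a /24 by default) from the pod CIDR, so that bounds node count."""
    net = ipaddress.ip_network(pod_cidr, strict=False)
    if per_node_prefix < net.prefixlen:
        raise ValueError("per-node block is larger than the pod CIDR")
    return 2 ** (per_node_prefix - net.prefixlen)


def plan(subnet: str, pools, pod_cidr: str, private_endpoints: int = 0) -> dict:
    """Compare both addressing models against one VNet subnet and report whether each fits."""
    cap = usable_ips(subnet)
    classic = classic_cni_demand(pools, private_endpoints)
    overlay = overlay_cni_demand(pools, private_endpoints)
    nodes_needed = sum(p.nodes + p.surge for p in pools)
    ceiling = overlay_node_ceiling(pod_cidr)
    return {
        "subnet_usable": cap,
        "classic_demand": classic,
        "classic_fits": classic <= cap,
        "overlay_demand": overlay,
        "overlay_fits": overlay <= cap,
        "overlay_node_ceiling": ceiling,
        "overlay_pod_cidr_fits": nodes_needed <= ceiling,
    }


# Constructed sample following the pool categories the case study names; not the project's real numbers.
SAMPLE_POOLS = (
    NodePool("system", nodes=3, max_pods=30),
    NodePool("ingress", nodes=2, max_pods=30),
    NodePool("apim", nodes=4, max_pods=50),
    NodePool("batch", nodes=20, max_pods=110, surge=2),
)
SAMPLE_SUBNET = "10.0.0.0/22"       # constructed: 1024 addresses
SAMPLE_POD_CIDR = "10.244.0.0/16"   # AKS overlay default pod CIDR


def sample_plan(private_endpoints: int = 10) -> dict:
    """Run the model on the constructed sample (10 Private Endpoints sharing the subnet)."""
    return plan(SAMPLE_SUBNET, SAMPLE_POOLS, SAMPLE_POD_CIDR, private_endpoints)


if __name__ == "__main__":
    for key, value in sample_plan().items():
        print(f"{key:>22}: {value}")
```

On the constructed input the classic model wants 2924 addresses from a /22 that only offers 1019, while overlay needs 44, which is the shape of the IP-exhaustion argument the case study makes; the surge column matters because an upgrade that cannot find free IPs stalls, so the model counts it rather than the steady-state node count alone.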

Outcomes

  • Produced a defensible recommendation tied to measured usage, not guesswork.
  • Reduced the risk of address-space exhaustion while preserving private service access.
  • Created a clearer operating model for future AKS network decisions.

Public safety

What is preserved

The project details are intentionally sanitized for a public repository while keeping the operating logic and technical tradeoffs visible.

Architecture thinking

Resource categories, dependency order, validation habits, and operational tradeoffs remain visible.

Impact

The outcomes focus on risk reduction, repeatability, cost awareness, and stakeholder alignment.

Protected details

Internal hostnames, ticket identifiers, raw IPs, client names, and sensitive names are excluded.