Network

VPC/VNet configuration — create new or use existing, CIDR blocks, NAT gateways.

The network section configures the virtual network that contains all provisioned resources.

Create New vs. Use Existing

Two modes controlled by a toggle:

Create New Network

Provisions a new network from scratch. Fields:

| Field | Description |
| --- | --- |
| CIDR Block | IP address range (e.g., 10.0.0.0/16) |
| NAT Gateway | Single (cost-optimized) or HA (one per availability zone) |

On AWS, creates a VPC with:

  • Public and private subnets across availability zones
  • Internet Gateway for public subnets
  • NAT Gateway(s) for private subnet internet access
  • Route tables for each subnet type
  • Default security group

On Google Cloud, creates a VPC Network with:

  • Custom-mode subnets in the selected region
  • Cloud NAT with Cloud Router
  • Firewall rules for internal communication

On Azure, creates a Virtual Network (VNet) with:

  • Subnets for cluster nodes and services
  • NAT Gateway for outbound traffic
  • Network Security Groups (NSGs)

Use Existing Network

Select from existing networks discovered by the resource refresh job. The dropdown shows:

  • Network ID and name
  • CIDR range
  • Region

Existing networks must be in the same region as the vine. The resource refresh job (FETCH_RESOURCES) populates the list by querying your cloud account. If you don't see a network, click the refresh button in the Provider Ribbon.

CIDR Block Validation

The form validates CIDR notation in real time and shows a breakdown:

10.0.0.0/16
├── Total addresses: 65,536
├── Usable IPs: 65,531
├── Range: 10.0.0.0 – 10.0.255.255
└── Size: Large

Common ranges:

  • /16 — 65,536 addresses (recommended for production)
  • /20 — 4,096 addresses (suitable for small environments)
  • /24 — 256 addresses (minimal, development only)

NAT Gateway Cost Impact

NAT gateways have significant cost implications:

| Mode | AWS Cost | Description |
| --- | --- | --- |
| Single | ~$35/mo | One NAT in a single AZ (cost-optimized, single point of failure) |
| HA | ~$105/mo (3 AZ) | One NAT per AZ (high availability, 3x cost) |

The cost sidebar reflects the NAT gateway choice immediately.

Allowed CIDR Blocks

Optional field for restricting inbound access. Enter CIDR ranges that should be allowed to connect to resources within the network. Default: open to the VPC CIDR only.
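
One way to reproduce the CIDR breakdown and to review Allowed CIDR Blocks entries before submitting the form, as an added example that is not Vintner's own code. The function names and the five reserved addresses (chosen to match the 65,531 figure above) are assumptions, and the sample allow-list is constructed.

```python
import ipaddress

RESERVED = 5  # assumption: yields the 65,531 usable IPs shown for a /16

def cidr_breakdown(cidr):
    """Validate strict CIDR notation and return the form-style breakdown."""
    # strict=True rejects host bits (10.0.0.1/16), a typo that would
    # otherwise be silently normalized to a range nobody typed.
    net = ipaddress.ip_network(cidr, strict=True)
    return {
        "total": net.num_addresses,
        "usable": max(net.num_addresses - RESERVED, 0),
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
    }

def audit_allowed_cidrs(vpc_cidr, allowed):
    """Return (entry, finding) pairs for allow-list entries needing review."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    findings = []
    for entry in allowed:
        try:
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError as exc:
            findings.append((entry, f"invalid: {exc}"))
            continue
        if net.version != vpc.version:
            findings.append((entry, "address family differs from VPC"))
        elif net.prefixlen == 0:
            findings.append((entry, "open to every address"))
        elif net.subnet_of(vpc):
            continue  # inside the default scope (the VPC CIDR)
        elif vpc.subnet_of(net):
            findings.append((entry, "broader than the VPC CIDR"))
        elif net.is_global:
            findings.append((entry, "public range outside the VPC"))
        else:
            findings.append((entry, "non-public range outside the VPC"))
    return findings

if __name__ == "__main__":
    # Constructed sample input, not taken from any real deployment.
    sample = ["10.0.4.0/24", "0.0.0.0/0", "10.0.0.0/8", "8.8.8.0/24", "10.0.0.5/24"]
    print(cidr_breakdown("10.0.0.0/16"))
    for entry, finding in audit_allowed_cidrs("10.0.0.0/16", sample):
        print(f"{entry:<16} {finding}")
```

Entries that fall inside the VPC CIDR produce no finding, since that is the documented default scope; everything else is listed for review.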
