From 5406a808f2be9e10143368bbda2bd926e7b8d80a Mon Sep 17 00:00:00 2001
From: Ivan Sim <ivan.sim@suse.com>
Date: Mon, 13 Jan 2025 11:46:36 -0800
Subject: [PATCH 1/4] doc: update iso installation page with new cluster cidr
 and dhcp settings

Signed-off-by: Ivan Sim <ivan.sim@suse.com>
---
 docs/install/harvester-configuration.md       |  46 ++++++++++++++++++
 docs/install/iso-install.md                   |  18 ++++++-
 .../img/v1.5/install/config-cluster-cidrs.png | Bin 0 -> 5196 bytes
 static/img/v1.5/install/config-virtual-ip.png | Bin 0 -> 4277 bytes
 4 files changed, 62 insertions(+), 2 deletions(-)
 create mode 100644 static/img/v1.5/install/config-cluster-cidrs.png
 create mode 100644 static/img/v1.5/install/config-virtual-ip.png

diff --git a/docs/install/harvester-configuration.md b/docs/install/harvester-configuration.md
index 5e1c5f61e5..2cc35dc7a5 100644
--- a/docs/install/harvester-configuration.md
+++ b/docs/install/harvester-configuration.md
@@ -73,6 +73,9 @@ install:
   vip: 10.10.0.19
   vip_hw_addr: 52:54:00:ec:0e:0b
   vip_mode: dhcp
+  cluster_pod_cidr: 172.16.0.0/16
+  cluster_service_cidr: 172.22.0.0/16
+  cluster_dns_ip: 172.22.0.10
   force_mbr: false
   addons:
     harvester_vm_import_controller:
@@ -728,6 +731,49 @@ install:
   vip_hw_addr: 52:54:00:ec:0e:0b
 ```
 
+### `install.cluster_pod_cidr`
+
+**Definition**: CIDR of the Harvester pods.
+
+Use this field to override the default pod CIDR of 10.52.0.0/16.
+
+**Example**:
+
+```yaml
+install:
+  cluster_pod_cidr: 172.16.0.0/16
+```
+
+### `install.cluster_service_cidr`
+
+**Definition**: CIDR of the Harvester services.
+
+Use this field to override the default service CIDR of 10.53.0.0/16.
+
+If this CIDR is changed, the cluster DNS IP must be within this range. See the `install.cluster_dns` field.
+
+**Example**:
+
+```yaml
+install:
+  cluster_service_cidr: 172.22.0.0/16
+```
+
+### `install.cluster_dns`
+
+**Definition**: IP of the Harvester DNS service.
+
+Use this field to override the default DNS service IP of 10.53.0.10.
+
+This IP must be within the range defined by the `cluster_service_cidr` field.
+
+**Example**:
+
+```yaml
+install:
+  cluster_dns: 172.16.0.10
+```
+
 ### `install.webhooks`
 
 **Definition**: Webhooks that allow you to receive notifications for certain installer-related events.
diff --git a/docs/install/iso-install.md b/docs/install/iso-install.md
index 3f64d1cebb..211631f75a 100644
--- a/docs/install/iso-install.md
+++ b/docs/install/iso-install.md
@@ -87,6 +87,20 @@ The following [video](https://youtu.be/X0VIGZ_lExQ) shows a quick overview of an
 	For more information, see [DHCP Server Configuration](./pxe-boot-install.md#dhcp-server-configuration).
 	:::
 
+1. (Optional) Configure the CIDRs for the cluster pods and services. Leave these fields blank to use the default CIDRs.
+
+	![config-cluster-cidrs.png](/img/v1.5/install/config-cluster-cidrs.png)
+
+  The following is an example of a valid CIDR configuration:
+
+  * Pod CIDR: 172.16.0.0/16
+  * Service CIDR: 172.22.0.0/16
+  * Cluster DNS IP: 172.22.0.10
+
+	:::note
+  The pod CIDR and service CIDR must not overlap. The DNS service IP must be within the service CIDR.
+	:::
+
 1. (Optional) Configure the `DNS Servers`. Use commas as a delimiter to add more DNS servers. Leave it blank to use the default DNS server.
 
 	![config-dns-server.png](/img/v1.2/install/config-dns-server.png)
@@ -94,10 +108,10 @@ The following [video](https://youtu.be/X0VIGZ_lExQ) shows a quick overview of an
 1. Configure the virtual IP (VIP) by selecting a `VIP Mode`. This VIP is used to access the cluster or for other nodes to join the cluster.
 
 	:::note
-	If using DHCP to configure the IP address, you need to configure a static MAC-to-IP address mapping on your DHCP server to have a persistent virtual IP (VIP), and the VIP must be unique.
+	For DHCP setup with static MAC-to-IP address mappings configured, enter the MAC address in the provided field to fetch the unique persistent virtual IP (VIP). Otherwise, leave it blank.
 	:::
 
-	![config-virtual-ip.png](/img/v1.2/install/config-virtual-ip.png)
+	![config-virtual-ip.png](/img/v1.5/install/config-virtual-ip.png)
 
 1. Configure the `Cluster token`. This token is used for adding other nodes to the cluster.
 
diff --git a/static/img/v1.5/install/config-cluster-cidrs.png b/static/img/v1.5/install/config-cluster-cidrs.png
new file mode 100644
index 0000000000000000000000000000000000000000..7ed485b750603e32c2d9ce6a283af0502a0a2e6c
GIT binary patch
literal 5196
zcmbtY3sh41)<5>HuWZt3CQ`FCW@ctyGb<lRQz@dUJuFgFD&Lw?J`)tWb7w3aAL9d@
zeDM{LnIYu^LPMshd|`U=g^Ef_N=iVefP%n1b=UgtUEf`E*P0pDS&Q}G=YQ7T=f8jZ
zw}1O&o$`fm+OT~C005g1o+r)#z)A=J7<{>I4QPQ+YSw{&s}heP{MUiM^mSpk!8Ihw
z{X)`NbVO3><%Dn`G9DclZkrgI5FQ?%7==!ftz^3afblru#JB!8$|Yj~b!2BF;8Z-E
z%Kb5{hye?ER@S>R*Lsbn{C4)9vLA~#uAprBSig@WTLA!Hyn`Xvf*#VpLV*6i@G3L_
zfbR>#K+D}-U|2`@{4VoD7<YB8Sj`jh#9M=3qmn-m^p$R8X$^r0eUxWKYqpt$g*F3#
ztNVLGPMk<L#`P-7Yj=()#;4Z1Jn=)3kgx5Y0>C2s$*xe@?28Y1ywgkkU0`@ekc-!<
z`|0&;l}#eXeNusO+yq5biKcz3Bm>N^{o>M@Q#JMn@YcFBOEV4QOF;}lNCs5Q_!1wV
zmVkWiL6jBUk{AH*%2R}?&c%CqcVOG&lNa<<vSDx_K6dSs;`Cx7Ei6gLo$ITC&4`E+
zhKhN=K?@h!Wret{Ujux6^8nRxyT8b^D_iLK4r)-qSqw?#m)*m5(gIrU@ONL)=8bO)
zDODM2_5i;Sb`Ziw--KArb(?YG?#XqdXIpdFth%m{)a=#3Ti*wpOEBubY_~UER(Sbl
z@z=m&%4LMd%#Lhy11sj*>t$wLjPtJ)wS`d3HAZ3b+x8i40^XKs_i^S-0xn6z(<xO}
zjpJcu*ewE2txT3*xyL_9#TA%U-(jaLCHQsief_mOsj5H&4UDgoX6fILR~AfhEU#sr
zGXMm;T{~`UFgpqWKMNb+Lm`scyHEi5XxlRD<?-sL9RRRXR#UhU04}xAAp2JXK>6`M
z2ZrAVo&VgeyJ!Y91o9NKUjTqxuUN6c8eaG!)ZK9fa1;Ht)}nR-ES=wr&nJg*<}Ax6
zB5D`EE>Pqr^c2BLTfWw(jJHp%1aA6$m0}snAI7mlhP$!e0k-4GQ?q`;F0FpgFeDf(
zvBfZRhl?>~m!9Wd4FBl_=$-Ur;*6u$@xnY^#P<^?0pMD#HKKL=FJzX@CUMh#ag$W{
zrh>LJXVd|#G*Y}*p?yNV%Gg<w>h~Q0y!A3q^lKd+tp_Vk<L1`!(<%V?h3U4tW2m|A
zFNK#}qZhvdfKkMS!qc;(=%Sk{wnR0vP&wfl4dKhYu1mG->F{*$2?356zQl4~7d5fh
z7&!X)y>6gwV+rU^I?-Puf3c4;akUl$=CX|dW_D+>4J3UPaxZxI<v-WERsz5}%MP&I
zk0A~Kz|B*i0I;+8vw3O@-Szy;YS76=VPpVNQ1dr%o7=5FaP0q?+kfMh*`5J|qczFF
zG(!X6tpzKD_EW+xi0gTO3-G*CxUk9XpRo8lDQQE7P&Hn*f_B4Z-X+gQjPnjXQW_GN
z3P)dF7>otqe)k8jR(hyj$I$9b?u##J#`uS<_h|7hXlJbn&kg{3J{G*B&?`RHe+Y&`
zvc5Gk0Dd|9!=@4pD}>Wj3toEh&XUXxary{8LZDfVrx}wpwT-&c8R*8y6~J5m_aPla
zyH`cuVjV1hw7_)C^sm-gZBmWYq7dNerW#{}s=8$t?n7qjHUHMDSjDJ)wI>CM1tH=4
zYf%n^HE~uZ3+g<=KU=%el!^j?XMykgD9cSc^x%2`5KQ-0c{lFb&BX4B7=Rg})cVRH
z`qT<Az~xUIac-!+uguHtDc^=XU71a+g1fs0&*qfKrz)Q*Hnk)(4S<L&De8yakZWr|
zX8(*AcuUS^&`I8Z!@_SsL?N05{+HKOi@XIQF^?1;fTJ0L*jqHs^afG=M>@!FK;_}5
zE=3(oW;w3{ZsspwSjRdG!aiO&oeLfs-(7z@_Su)eyL;_j&K1n?SM)IspsRW?q4Q0(
zRqRa|nQaz-+jw81fYA9q%L19=w*&yEj4&WCM7zz7c1!y`*hZ|u6lQ{%hP>FDjPx=L
zoE*~N(Vw>w!#-%w=-;plRlBx>)VluHTi%oy<6QFH<Jgx!Dm(qE6y16Z%h#lr(E7Ai
zj5^M0aYC#F-ZFP23R9zxaFxxh9>;l+8@$8PknbEBA{ipu6&L_JM;2@#r|;orXfw}y
zq&KRN-pX0u62~SS$mCP@h}OF0im2x>Rk6Jgjh$?_bj2dJf<5-d!o(SeOp}bsqJoIc
z1t4kGe{TuFn(5np6Gzt55C^@?RCmm<DpxR0>L(7#-S=cFJbh;2VAlJLfH7|0-M~s;
zN43#&a+7TCK#P?X%;*Sk^8!~}^KsY8h$2uSyvmlMpwnCEVCo$_|37*B24Mc(jIT8W
zFjO%n8B{zU76XV=s@a_&1@&D11G)T@y5%=e_fPYzpZ~WYn{(>+(RenR;J5(ld=92f
zosyy@)8(QoG;MQ$f=5&|C<Ir~OA&D;WHo%Y6cXz*jFg#Ma8S<OrapdbKhap(xUqo#
zn3aYt(e7!9bE1S_rHUS9U|ZGL!tr@r*cf`GM43!?d3DWd0(l_8MFW{vjYv28joQbA
zRyJNeJr&ZZ?J-KLn{_;c#N5mu51|Z6pWsiFo8}J+xYwg(dbm~n#id4j;-t(PYr<Ee
z0#ne-WV!o3lthi4befhn*h$2}I)cQTuj3a_oI$3p0_(|j&0><_1BDWoVG@9MD11&d
zJe8y+oBfTuh!F{V(E)hUhiu<UC7~+gIst5U)hx4bQknZJh$gtk!+J=dT{ST?Zy-#`
zEeVaC=GS0@BE)}xTzVt|ttTgsoxz>Z!sW%2W>grm)pLoZ!HeBSnsj;7JrcGf2d^ZQ
zIlO6d9uTgt$Ryr99J$R2M;L*>S+b#$A4s~~*n((16QjRTTF*zG(6`aGjE^=D$BGA|
z;m_lo;3mu@Cc4$m+ED=y&NgM5YW9;O$9wBo?3yfEW6>8(Ew;GRoXT!UkKV^sRE58L
zU`9Zx&qWW?hlv>r%m`iTNfuwV-b@g_r16sGT!7QXF7(lXY3>kQ)m*v+$F*DA;`6ye
z<V+%Ud|v-Sh`n#cpd|(REt5uCJTx#rCs=u0Cn4t`|HmZ7w^fRgx9xL5&lxZ1FEQuG
z{H|Wbifwohk{PF9Tpi0m)Go(0x5SKHoI+?8x`b#NS!)S(gI<Q_zxsK9EJx1tkMEa@
zA1CYkL)(k^yvJI*-gA=JgG_I+$h<Gp`%TPkB>Gh;DuzxXcam)P>a6&c4+SKZZrZC}
zY_3%-mZ?ZCGfM?`DIXyBeES_l?8L}#)Qicl4~$=DNz<-qvgfiSoTb>x{B%E$ca$iX
zpk}MX{mrOHqWYmW-E~p7h96*`SI#zN>mtlt+l=!J8k&;}Pdg8J<j0QLun)56y3uX@
zx94QLCr_kK&s8N4yn<~P49uf~bq|}{80VVWC<DV*?}$R)c*@N1dCK*v0y$xtja?h1
zl-G!s&l#oRcrBBI6s7z9PaVQy!w4S{v;SK{Yq*qvEM>!M4F+3DtrbC5Gb+calKw7y
z|Dx)OjoCUnDbea#Wf{XuF7ZLzGLrQ<BYLljzxJx7R2XI{QFFd}xm5WS*%so|=)pky
zEK}|K={<u(bU|(&q85sy;QJENYn*h%PV-#5!}=!Tt=GkaDDe{d-7_W<$5Go+o5}2I
zD0|@~?QX^Zp`u3E$4B}sQMIJfCHA=sg$CCm4b`I+8DB2$>Wg1q1I!}!-}FlmV-En|
zoX8yj*V{e|lLX6uNvH~(FjXeB3KAdDtZ5o)Yjby<WE>(6=j%^$vT&;|%MO)4U8W|B
zX1C>DM(f?k!DFupes7(GTkbIDg08qGYF(rCF2ZfsQZ&ywOI6`|nYDf+RC^0OqK9jc
zNFLsQnm@)6^p)c*LzQcu&pzmuBup7ThRfqNFUs&tHmp#iDJ}BqIMl*A0-wykjaJT;
ze2}ayuy>sa(?<7Zq=PbttF$vS@11c_aUqor`Zqa>N6NI4c|VB`&(k&^u0#*(E$F-f
zg)FUCiQWE^vU|qq@A)w^m*D2_7*=^Zw#b8-%TUuHb&fO^s>H3|k##xcUaUYJk1WRn
zXYRhFc<g5o#~)nS3#%A((JOs&ZRLy+&FZ9J9((_4`e4Sbym><9vt_EpLYsaNFV+c+
zk9#jsl;<4EEvV#!{?(Q(A*tf7{Kq6>o%cNN10K#-M?t*M{nRYkWAhueQ6$@la(u+2
zF{OiMGxezlolTsIgRU|4;ZU2$wG4*VeL!#qxgehp`XRXEcGKuc5Kb))R)f_(D%!)W
zNC*;j<;{5x%ZBo<oUF<{I2Tasb&Rf1Zam&D5ky00bS@)q-t(k^mKf(asC=x$Q!^6`
zbF?4mW;67J=`kF#UYnp9IBjOpcE7NOAL(6AiH<DC-|OCdT7%{&ZLB3&2Rgc1d*9xa
zP!LP9(AJcyy*Y;i@!rAAAsJ5htgQMl4!)yHU`6Dj0%KCLhliupu`ff$X6i!X?DAOK
z`ZDoV;m<}wL{aCVaLnfHMv2T&VuS24_T9h~zKpt4!1fn8+hDsdsNl)vTxrakC=ykH
zO4C8C=gqLOCU>6d8H0>{JpC_@SONB!rsg_Bq6({m1;@NfdCC4ic_4WLcS-XfOHJ`8
zR8hb2{m4|Nf^DbD8QT@5-_q6-QcwGW4Gq`qaB?tU&n_ntY*hNVjj3M_xXGH*PrGF-
zMcf$86_7C1F-psr+aIeXG+y7}UnNLoZrda}AVLExkBuqZlJ?e%^T_E`@hmCr5{p0e
zA}M2Pk{@JOAWo2>;X<1`!Md#;Let@hEfRE1xTZgQG%`_`gbn2rU4nX)v9|N^wRy5G
zCG)VXZdA0K*f`uqyZv+Jbf<0rG9_T?sy>N@!;hY@wpQ+Vm*-qE)4-C89j9c3v&N|X
zwc9B}N<%e^!!vq$x`J7k?|Z6|bK@Y(Uzf9(U{5Ea$SHcMEzC9&EkLl#n0R*vtydWx
zz^3-a78A+EuDn+%4O$Oj8B-giVvovMsrtC!Hj1#lXhdYz4a0_?AfaM~Brg78uKeM0
zyOLL*ZadFw$iKJ*Rq$r1Y|1EP3SaYgP)kRYDZE)WfGZ)R#0ArzD*)0-_0Ff9qk!ud
zJAk*!dzmJ`R&ftKv-$jiW%hdh6L8Ft`g|U_o8Gm`dVSKxY8fL3oWbIiKHrh$&@qDF
z(<8zy_n31Az@FwYLQZq4Qo2K6#ov9{u?J-bPO0`?gw4RwVM|0S-B|T%jy<+joGP2`
z@Z4Cq4!D{2Yo_<W^MXW8uv9}%i+xbiDQJm4fYhDNu#k^U<Z|E~SQGf-V#_<LfM=vW
zT9|3_hCWnVBAbYoWj)MrTTsfdnJ;r%OAHm!RQ5r9GzRRArS~6MwYUWE2KZ+UfHfzX
za;&WNy=SUyacWX5@n_SHUgb$bppH|dMjb}j9EfRL3*0<Z0*)kQx#RFtY66S0Y*X0S
zY;_xrMVJ9Va=a?ZdQR%r|NiPAICE*gw}Q-UTjthDN3%?GY2msBbgWS>aV}AHYGLoc
zh97!2R-`oo-p0T<b;}-G>8e%akrIlT)<;^g#?kLuC)Bo@K^`^{m{smS_lU9Zj#{eV
zyRcdzc0wD8dHja8K>Pprfcg~}E&5X*zy7O;{F4Ipp?(D+LFsN~xAqq>PypfXd!qK(
HrSJX$u|TT|

literal 0
HcmV?d00001

diff --git a/static/img/v1.5/install/config-virtual-ip.png b/static/img/v1.5/install/config-virtual-ip.png
new file mode 100644
index 0000000000000000000000000000000000000000..fdfe26a8523a802a5e50ed39761a30138b2409ff
GIT binary patch
literal 4277
zcmchadsI^C`p37~q|<bFW*RfIY-&!EX=Q4YDP2g?GRLfAUa3s+hLqO=ftjv0O)}JY
zFPX{IydWh41tM1dv?Or^1r?FX&_IDi0TtPt?fm}u-PW3Q`mM9h{%5~?uXjK1`+WEJ
z`K<T3{{0ce;)Sag0syes{~-J*09Y>v04u<D0rcios_7hbo1eDN|ClXwW!s*~fu8Nt
z51dF3!NjF!ol1=bP$?L6?3T2c)Y#aRw0KOq)|%%F0Lu{m@V&>*-%-m(>&ra9T<|@%
zn$opYSui$DKDF=juNyMnWQwZ;6b;*MHP?5cE>AOD_>@lo;5Q+$E(KcRgUi18P!MN0
zG+y^HLmuw$Ac1F@GLB3r6JG^8;uJJKs@sPjU2=#-6~`)vl&JtvST%jPCG!v5j>nF{
zZ9nU@DGmz*h?Z`%HPGx)ysu@DHB9Gy(wWC|gj)l^L`EPgAg|(Wasg)li>~zY$ms+}
z1mB<<ND4xm0;Dzofbmp3Q>9mjBs?rF$-QmDZT5-}8YM-0o%`H1m#IB0*BZ%^D^O06
z`#a%3cW<Af^yJ?0j=Z#XCjgvfO0VW{`W$K<nyrBkc8l){(yw8LDZlOTf&Pf5ZWDZU
z)bkH^Xj<R{GDkBHdZm%nyAZ=eU1iCd_mUfl#B~W68Cg#wjS$FHOwGVVZtco~k$iO?
zu{96`fVGvI;k&P3Ojf|jJDXtRSjPKqXGrA1q)vFD4$3X9(Q{7Ww8qq3b^x%Iw9E<s
zF55x|*pu^b9lp@kH~<?Up;Q|Ipiww7kq{l4^LjaU*LMIwbQs@2RUZDQ_GE&8*sX!t
z0L$E`@*@O)nkNwDEanWLwa$^)WQHqWwt;4-YhmaS?TKLp4pT08)JCjCn{mw2zX8SE
zMvc*;A5w|5!16ZX_EZc#-J!EL6Zq|AxBGJG-U~`?*;z8(mp3AoU3`8Cf6KzEBj(kN
zBJ<5Z&J4=Cm?``~{y~0cPgl4XFnf%mXc!tEs&v=Sw_Q^^ES>P`T~d#zF;~FYB+^Cy
z7AX=5e5Gs|8cuSn9sF#iGVIz>pel@V<Nl>?tu9LkYFuCoS9^q<OC8nruvmnIu#~M7
z@$HCwoIp0f#RDG}C?Ch);&;NcdGg^=d-2G~v!}a`Ct}#gsszRQ3lAry=1IBo*qx)*
zmNTF$6?e>H822F?Iwt#OB@wOlw)Vi*_D^FjK>;QS9C<wf9lv~4ibiF(KS?Mry?NrU
zjJcVu>MAOUw+EVc-tIgYxyD)ZYO=h<VO!4KH<ghzD_}tK&fOd+DiSJvs3P(YPAzTL
zz@4GXRnIyk@cVn;s;y4r)C=6w-v-?atm4I*``tHmExpH0#SyPcB9;QGJLzL%?1#Iu
zPE90g_YDi>Wy#ip!7EawE^=)<wX*|l^N6wmc0yprhOi0BjuY5g2DstEZnL+rX+6Rk
z6xWM9#oc);)&gsXTVh6Nv0>mV+JgSE1v@VV06!F}zfWvl`L4jyviX0ZL}T}K;&GEB
z@cQU~y5ld<^7fnP3zzkVF#w3v&J|r<3Phw2t1H~08u=(B{lywOlWM`9mqrtp{V4#@
zCa1HDC0{t7zg&7`3D7L}%l1#2E6b0fpfJ5nrFYGea%{CeOy5$D^emRun9o^J&>l3}
ziyQ2M==Yk!7Qkz*KMYXmhxn}DV;mb1n5Xz-mT<!L*ANW0$wWoD^ID?!^m->PcYIaQ
z4iRoRp;(aqwc~4|FGXQ8uQ}pVy?6yf;q=LkV&K;jO#@5wLIJTXGz#U+yfnpm8C4cc
z-|fR8gWh+4^1wnhJP>9q%IUvRjCyc4;ESlHo_ahE<tMC)D4+Wb6;k0&bq=|qIYFqa
z6UInmlfLi8Y36qNxF$mO&0DnSLT<&kMeXx}X1k~r&H=pM$zxLbLMg8x)>8bFaBd!*
zFMuc82+Ara@5dIn{yG>z_&i0ZHxjl~qvlrcoAXDc%=X3dhXByJYFiV##{+^~vpLY5
zv9a*Y`~KyqEl`rF8zI8lp4)h_?OcTw@H+gTvq+i4D=Xk^DUx45`-D9gHLXwpIptr4
z(SH>h|BL4bMUFL+|AEBLsOwO^U`6Tm-m4dda>N@*hsR4rMF8-_vUPKsB(OK0zOVj#
zqXa@~vpH&w^L)q@=fC`O#xE7i$Y8N>u#*GL)OKfYbY8q-9wfl*q9{?3`1LQJEtB4;
zNCKhrgob8%rV`rc3~Zm1`}LE^6N~>pI{m4LN0VIJ69`2i61MPlBPu`0xt*szx?Dc~
zfbkdA{NIA<II-ngBgchbpY2O|8^ee_AhC}{PbAVDr6b);_bpygtW1ldpA||tWJ-+Y
z2}eWdmc)K?ot%TGqQBD5Ah!sI#YQwbimNcP*<f^*oQKeWV4o?wL^jNEa{6kdeLS!Z
zq|X?8hHk9F>;@^+(Zg`fb5*S#hxR_uVZ~;0aSA_HMnqP)UpN8d_(UJTKcue7lUmA{
zZv9vD6<O(VC6vd+(tG-ekt3P`Sly~*m||)VrN(INIi*vLAGqnY#?mSFxvN})`PIGu
z4^h!Q%*BDHC$E-yO+`y1q*)orH*%(vFv!KC(UWdTud<TmL75{%){{HavY&bsSGbo4
z_@{0*o(fB=_KYH2p&TX7U?DLq*BD0~0{DU@%etx(J!0>ZXr@?NZvUpwsQje73eIW<
zw*mjeGxu8<zA?7{NQ0UhtED0*rn4G|r2bG2UJ3FYo7byr`iMT-X?v4fs3BNBbG@yy
z$jpgj^Iu7LtvTvL{9^O;FPlv%W?bu(b0{J~MmakR+b=1~DLzu<Ei3j`gwqNASM9yC
z-0V9alo=1VXPVy=dYi7J647#Y3V#NHuT)&hh%gMM2}SfLo|CSm2jBgzK>V@?IZ@n@
zPe~zSEJySj`JlwDo_I)IEo*uYj;iIjQNN#ii3n-vF7Q6OXc}~RqMF)TPt=+@EO1bV
z5W`}!MI3yVQjWUmmYU%WQp!w+TMTPG`t!W0s1GZuVtUwAE_yQ+cG_apJQwQ&(AsIh
zpE1T`V9>B;(NeQe_kgRzz9JxBd15WOCy2C0@3E155PvO`wB0oEh^cWWEoEp)#h&`f
zANv%f2gJ;2x_m#~WIV2QYO_o%DiZA2d~o1Gn|VIh=26W8J9^Xa-)_RkkZ}ZM#IrKR
z<RfCtJ+tYX^AiS1Bg|PUUlkXZPdrdWRUq|fFib((?FVgobliCTy^qZFb(UNZEV3v3
zR2GsKv@>t|jKK}FoxPOz#yozz)dpi^O2)UeS)`Y9%DhasVT<lrtGKyom1tNZ1sKOj
z!4iXl`yIJlF<JD8NSU49@l3?xvCKZBa`n_7Ixr`hn6P9jM~5nu!QwFTJhQh-Ger3k
z;|p5C^A$nq<y<d($EN#b7xEC5EWf1zqFn)cgvvJ&*8y&3{9cLn(39ekfhBQhWO(bK
zr{0B@fJ8gRM-lGFnTtV+hSYENs-KNCk>Jp=O^4t%F{DUQTewLw2HqWY+Q2o@#9dFZ
zewIel_&Q;0=}cN17_7ihq^3S{ez4RM-s-hJns?NU(rd$pZX9$-&1f=D5i2T|S)I)n
z{|FEtS*ET};tDY@uJiz9JEx3~EPE{1+;`ep4G3O@%)rQIo95&{F_Kz>L_yFj-8<J+
z?PI&u)|tQSEY*clVaL7RqAcO+9$5WsG?ymtnsIm4tv1``D0O7??r$xhnunICd($e-
z-KuztV0N~cVHy0u2F}((5J=hT8PI`QDXDexP&H?@o@5}jqh2PxmLcmb=S7%81x$H<
zI}c}h%wcIO`zT1dK`uqE1VCLO<-CmZ(#D9|GoBpHdoqRuN~<@)-!%o_#kX<A-o6GV
z&6rZ-5%MLrKU8#8J+sAB+2Dd@3Cavy*%(OXaN?AjYD5Mc$*V!i<4yOn7Oi=NXJpaU
zMMphVxm-jR#ix2mAbJbLi}ZFh#HF?}>$JeWn)iE~Sa<~M04e!-7rHBrbsQrja!r+)
z-icx-S^oPO4=a=hc2z{Dr_n$PHrK>P_%&LRZVpHo>yq9X4)phgr(hh(;NKV4&zs-O
z8OYof((x4aZn7fMk-jvWvC`L%KMVDPkN-wDmb~bzTXk{(e^MlcCC)pY?$m9d)l@p=
ztDL%+H7uHVa5Upgt9~!g$Vcyo-()!zVwo84vpM<4-7_wY9*7ooY4eJ~484h-i9Hc?
zg1BBw1QH(ywcNn_4iPWBUm`^7&?6pxlQi_QH~7J+Y3pX>)hjtQHr5Ee(N)_MK{#Wc
zeBxoFbC-IZHVbF<WPwT&I%e5%nIX>bv#7qP;%&G;Xr34fC<n*ispm~8*{-$G`7_9`
z{0k86vIrJ)Hs6r9;NW_~kL4A!T_!gcp#$6$MY$D0q%B@=YGdB%Pl`)5d18YT(43<T
z6OTpgPDXZIq505|=_Z`(8Vy?B^&di<+M$cMo)*$DTWsjj@VMrXnXGpcqA>UmBdR6K
xfh~*HTD^X9*%oRYTOjxTyZgZZ({;|SwB;PU@(bhi1*k#*{{u(hb^A_U{0G}pslfmM

literal 0
HcmV?d00001


From 4de0e065dc663d1a9aae01930fb16e4c39deacb5 Mon Sep 17 00:00:00 2001
From: Ivan Sim <ivan.sim@suse.com>
Date: Tue, 14 Jan 2025 11:53:59 -0800
Subject: [PATCH 2/4] Use default CIDRs in example config

Signed-off-by: Ivan Sim <ivan.sim@suse.com>
---
 docs/install/harvester-configuration.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/install/harvester-configuration.md b/docs/install/harvester-configuration.md
index 2cc35dc7a5..9e89730d1e 100644
--- a/docs/install/harvester-configuration.md
+++ b/docs/install/harvester-configuration.md
@@ -73,9 +73,9 @@ install:
   vip: 10.10.0.19
   vip_hw_addr: 52:54:00:ec:0e:0b
   vip_mode: dhcp
-  cluster_pod_cidr: 172.16.0.0/16
-  cluster_service_cidr: 172.22.0.0/16
-  cluster_dns_ip: 172.22.0.10
+  cluster_pod_cidr: 10.52.0.0/16
+  cluster_service_cidr: 10.53.0.0/16
+  cluster_dns_ip: 10.53.0.10
   force_mbr: false
   addons:
     harvester_vm_import_controller:

From 99a2455f32ad0b21de0e09788fa12529a3551fc1 Mon Sep 17 00:00:00 2001
From: Ivan Sim <ivan.sim@suse.com>
Date: Tue, 14 Jan 2025 12:46:40 -0800
Subject: [PATCH 3/4] Include permitted private ranges for the pod and service
 CIDRs

Signed-off-by: Ivan Sim <ivan.sim@suse.com>
---
 docs/install/iso-install.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/docs/install/iso-install.md b/docs/install/iso-install.md
index 211631f75a..73a24e78f5 100644
--- a/docs/install/iso-install.md
+++ b/docs/install/iso-install.md
@@ -98,7 +98,11 @@ The following [video](https://youtu.be/X0VIGZ_lExQ) shows a quick overview of an
   * Cluster DNS IP: 172.22.0.10
 
 	:::note
-  The pod CIDR and service CIDR must not overlap. The DNS service IP must be within the service CIDR.
+  The pod CIDR and service CIDR must not overlap.
+
+  The CIDRs must be within the private IP address range of either 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16.
+
+  The DNS service IP must be within the service CIDR.
 	:::
 
 1. (Optional) Configure the `DNS Servers`. Use commas as a delimiter to add more DNS servers. Leave it blank to use the default DNS server.

From 4339e8e7bc1a61337ca526082b8476ab631131ff Mon Sep 17 00:00:00 2001
From: Ivan Sim <1330522+ihcsim@users.noreply.github.com>
Date: Thu, 16 Jan 2025 13:32:52 -0800
Subject: [PATCH 4/4] Address review feedback

Co-authored-by: Jillian <67180770+jillian-maroket@users.noreply.github.com>
---
 docs/install/harvester-configuration.md | 10 +++++++++-
 docs/install/iso-install.md             | 26 +++++++++++++------------
 2 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/docs/install/harvester-configuration.md b/docs/install/harvester-configuration.md
index 9e89730d1e..3c4375ad68 100644
--- a/docs/install/harvester-configuration.md
+++ b/docs/install/harvester-configuration.md
@@ -750,7 +750,11 @@ install:
 
 Use this field to override the default service CIDR of 10.53.0.0/16.
 
-If this CIDR is changed, the cluster DNS IP must be within this range. See the `install.cluster_dns` field.
+:::info important
+
+If you change this CIDR, you must ensure that the cluster DNS IP (`install.cluster_dns`) is within this range.
+
+:::
 
 **Example**:
 
@@ -765,8 +769,12 @@ install:
 
 Use this field to override the default DNS service IP of 10.53.0.10.
 
+:::info important
+
 This IP must be within the range defined by the `cluster_service_cidr` field.
 
+:::
+
 **Example**:
 
 ```yaml
diff --git a/docs/install/iso-install.md b/docs/install/iso-install.md
index 73a24e78f5..7c55ba2a60 100644
--- a/docs/install/iso-install.md
+++ b/docs/install/iso-install.md
@@ -87,23 +87,25 @@ The following [video](https://youtu.be/X0VIGZ_lExQ) shows a quick overview of an
 	For more information, see [DHCP Server Configuration](./pxe-boot-install.md#dhcp-server-configuration).
 	:::
 
-1. (Optional) Configure the CIDRs for the cluster pods and services. Leave these fields blank to use the default CIDRs.
+1. (Optional) Configure the CIDRs for the cluster pods and services.
 
-	![config-cluster-cidrs.png](/img/v1.5/install/config-cluster-cidrs.png)
+    If you want to use the default values, leave the fields blank.
 
-  The following is an example of a valid CIDR configuration:
+    ![config-cluster-cidrs.png](/img/v1.5/install/config-cluster-cidrs.png)
 
-  * Pod CIDR: 172.16.0.0/16
-  * Service CIDR: 172.22.0.0/16
-  * Cluster DNS IP: 172.22.0.10
+    :::info important
+  
+    The CIDR values must not overlap and must be within the private IP address range of 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.
 
-	:::note
-  The pod CIDR and service CIDR must not overlap.
-
-  The CIDRs must be within the private IP address range of either 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16.
+    The DNS service IP must be within the range defined by the **Service CIDR** field.
+    
+    :::
+    
+    Example of a valid CIDR configuration:
 
-  The DNS service IP must be within the service CIDR.
-	:::
+    - **Pod CIDR**: 172.16.0.0/16
+    - **Service CIDR**: 172.22.0.0/16
+    - **Cluster DNS IP**: 172.22.0.10
 
 1. (Optional) Configure the `DNS Servers`. Use commas as a delimiter to add more DNS servers. Leave it blank to use the default DNS server.