Update doc for internal IP ranges for egress control (#13287)

* clarify the internal IP ranges for IBM Cloud Kubernetes Service

* Trigger Build

* add example of the command output

* paraphrase the text

* update snips.sh

content/en/docs/tasks/traffic-management/egress/egress-control/index.md

@@ -363,7 +363,18 @@ Set the value of `values.global.proxy.includeIPRanges` according to your cluster
 
 #### IBM Cloud Kubernetes Service
 
-Use `--set values.global.proxy.includeIPRanges="172.30.0.0/16\,172.21.0.0/16\,10.10.10.0/24"`
+To see which CIDR is used in the cluster use `ibmcloud ks cluster get -c <CLUSTER-NAME>` and look for the `Service Subnet`:
+
+{{< text bash >}}
+$ ibmcloud ks cluster get -c my-cluster | grep "Service Subnet"
+Service Subnet:                 172.21.0.0/16
+{{< /text >}}
+
+Then use `--set values.global.proxy.includeIPRanges="172.21.0.0/16"`
+
+{{< warning >}}
+On very old clusters, this may not work so you can use `--set values.global.proxy.includeIPRanges="172.30.0.0/16,172.21.0.0/16,10.10.10.0/24"` or use `kubectl get svc -o wide -A` to further narrow down the CIDR value for the setting.
+{{< /warning >}}
 
 #### Google Kubernetes Engine (GKE)
 

content/en/docs/tasks/traffic-management/egress/egress-control/snips.sh

@@ -194,6 +194,14 @@ grep service_cluster_ip_range cluster/config.yaml
 service_cluster_ip_range: 10.0.0.1/24
 ENDSNIP
 
+snip_ibm_cloud_kubernetes_service_1() {
+ibmcloud ks cluster get -c my-cluster | grep "Service Subnet"
+}
+
+! read -r -d '' snip_ibm_cloud_kubernetes_service_1_out <<\ENDSNIP
+Service Subnet:                 172.21.0.0/16
+ENDSNIP
+
 snip_google_kubernetes_engine_gke_1() {
 gcloud container clusters describe XXXXXXX --zone=XXXXXX | grep -e clusterIpv4Cidr -e servicesIpv4Cidr
 }