Automatic Egress IPs across multiple subnets



We have an OKD setup over multiple DCs. Each DC has its own subnet (e.g.: and We want each project to have its own ip. And of course we want the project to be able to still reach other services even if we lose a DC. Thus what we had in mind was to do the following:


oc new-project test


oc patch hostsubnet node-1.dc1.com -p '{"egressCIDRs": [""]}'

oc patch hostsubnet node-2.dc2.com -p '{"egressCIDRs": [""]}'


oc patch netnamespace test -p '{"egressIPs": ["",""]}'


With the understanding that the first IP would be assigned to node-1.dc1.com and the second ip would be assigned to node-2.dc2.com. Thus if we lose a zone traffic could still go through.


However when we specify multiple IPs none are actually getting assigned. We found this resolved issue: https://bugzilla.redhat.com/show_bug.cgi?id=1633574 that seems to point that the expected behavior is to not assign any ip.


As I understand it, right now if we want to use automatic Egress IPs we can only have one IP which is this correct ?



Jocelyn Thode

