[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Automatic Egress IPs across multiple subnets



On 2/4/19 10:42 AM, Thode Jocelyn wrote:
> This is what I had understood as well. Thanks for the clarification.
> 
> Should I post directly on the openshift origin repository to ask for this feature (if it is feasible) in a future release ?

Sure. (Unless you're an OpenShift Container Platform customer, in which
case you should file an RFE through Support.)

-- Dan

> 
> Jocelyn
> 
> -----Original Message-----
> From: Dan Winship <danw redhat com> 
> Sent: lundi, 4 février 2019 16:29
> To: Thode Jocelyn <jocelyn thode elca ch>; dev lists openshift redhat com
> Subject: Re: Automatic Egress IPs across multiple subnets
> 
> On 2/4/19 8:57 AM, Thode Jocelyn wrote:
>> oc patch hostsubnet node-1.dc1.com -p '{"egressCIDRs": ["172.20.220.0/24"]}'
>> oc patch hostsubnet node-2.dc2.com -p '{"egressCIDRs": ["172.20.221.0/24"]}'
>>
>> oc patch netnamespace test -p '{"egressIPs":
>> ["10.231.86.150","10.230.86.150"]}'
> 
> (So first off, this example is broken (the egressIPs you are assigning to the namespace don't match the egressCIDRs you assigned to the nodes) but I assume that's just because you changed the IPs before pasting into the email but you forgot to change them in both places.)
> 
>> However when we specify multiple IPs none are actually getting assigned.
>> We found this resolved issue:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1633574 that seems to 
>> point that the expected behavior is to not assign any ip.
>>
>> As I understand it, right now if we want to use automatic Egress IPs 
>> we can only have one IP which is this correct ?
> 
> You can't have multiple IPs per namespace when using the "fully-automatic" mode where egress IPs are automatically assigned to nodes based on egressCIDRs.
> 
> But you can do it if you use the "semi-automatic" mode where you assign egress IPs to nodes by hand:
> 
> oc patch hostsubnet node-1.dc1.com -p '{"egressIPs": ["10.231.86.150"]}'
> oc patch hostsubnet node-2.dc2.com -p '{"egressIPs": ["10.230.86.150"]}'
> oc patch netnamespace test -p '{"egressIPs":
> ["10.231.86.150","10.230.86.150"]}'
> 
> in that case, the "test" namespace would use the 10.231.86.150 IP on
> node-1 whenever it was available, but would fall back to the
> 10.230.86.150 IP on node2 if node1 became inaccessible.
> 
> 
> We didn't think about the case of multiple zones in the fully-automatic case... This *could* in theory be made to work, but it doesn't now.
> 
> -- Dan
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]