[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: OpensShift SDN

On Fri, Jan 8, 2016 at 12:53 PM, Srinivas Naga Kotaru (skotaru)
<skotaru cisco com> wrote:
> Can we span cluster nodes across 2 physical subnets?
> Reason am asking was we have few data centers and each data center host
> internal and external apps. Node which hosting internal apps reside in a
> different subnet than external nodes. External nodes resides in a separate
> protected network,
> As usual, internal nodes/subnet is more relaxed compare to protected network
> while talking to internal resources. External network need explicit ACL’s to
> open to connect same resources.
> We were decided to install dedicated cluster installation per data center.
> The question remain is, can we use this single install to host both internal
> and external apps by using regions/zones and node selector feature.  This
> way we can designated few nodes as internal and few as external similar to
> OSE 2.X node profile by separating nodes??

The scheduler in 3.x is much more powerful than what could be done
with node profiles out of the box in 2.x:


You would likely want to use MatchNodeSelector.  In addition you'll
likely find the affinity and anti-affinity support very useful for
ensuring work is scheduled properly across availability zones.

> Will it create any issues due to SDN? SDN will be single network might be
> sharing by both internal and external apps but this SDN is private and am
> thinking don’t pose any security issues? If required we can still use VNDI
> option to further isolation project traffic by creating separate projects
> for internal and external apps??
> We can install separate cluster installations for internal and external to
> get full clean isolation but it further complex and double multiple API end
> points along with per data center API end points.
> Is my understanding correct or am missing anything in this whole picture?
> Srinivas Kotaru
> _______________________________________________
> dev mailing list
> dev lists openshift redhat com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]