Coming back to OpenShift. Looking for help rolling a 6 node lab running 3.10.

I played with OpenShift a few revs back, but didn’t have the hardware assembled to be able to give it a full test.

Now that I’ve assembled the gear I (think I) need, I’m starting to walk through the instructions, and I’m finding some spots that I’m uncertain about.

Most specifically (at the moment):

the overall environment has a /27 of public IPv4 space.
one unroutable /24 is for ‘generic lan user traffic’
one unroutable /24 is for ‘dmz devices’
I am using the unroutable network 198.18.100/24 for ‘openshift physical systems’
3 masters
3 nodes
I plan on sticking a VIP for the masters on the HA firewall pair (pfSense) for the entire environment.

I was thinking that I’d have a (maybe more?) VIP configured on the public space for the masters, permitting access from the outside world to the workloads being facilitated through the cluster.

I doubt it prudent to make everything available externally by default.
Does it make sense to have one VIP on the 198.18.100 network for node/master <-> node/master comms, and one VIP on the public network for workloads?

This WAS my plan, but I saw the previous post from Gaurav today outlining his difficulties when having differing PublicMasterURL and masterURL variables configured, and thought that it might be wise to pause and ask for clarification and perhaps a touch of guidance before running down a trap-laden path.

Thanks in advance for any guidance or help.


