RE: Automatic Egress IPs across multiple subnets

Mon, 04 Feb 2019 07:42:54 -0800 

This is what I had understood as well. Thanks for the clarification.

Should I post directly on the openshift origin repository to ask for this 
feature (if it is feasible) in a future release ?

Jocelyn

-----Original Message-----
From: Dan Winship <d...@redhat.com> 
Sent: lundi, 4 février 2019 16:29
To: Thode Jocelyn <jocelyn.th...@elca.ch>; dev@lists.openshift.redhat.com
Subject: Re: Automatic Egress IPs across multiple subnets

On 2/4/19 8:57 AM, Thode Jocelyn wrote:
> oc patch hostsubnet node-1.dc1.com -p '{"egressCIDRs": ["172.20.220.0/24"]}'
> oc patch hostsubnet node-2.dc2.com -p '{"egressCIDRs": ["172.20.221.0/24"]}'
> 
> oc patch netnamespace test -p '{"egressIPs":
> ["10.231.86.150","10.230.86.150"]}'

(So first off, this example is broken (the egressIPs you are assigning to the 
namespace don't match the egressCIDRs you assigned to the nodes) but I assume 
that's just because you changed the IPs before pasting into the email but you 
forgot to change them in both places.)

> However when we specify multiple IPs none are actually getting assigned.
> We found this resolved issue:
> https://bugzilla.redhat.com/show_bug.cgi?id=1633574 that seems to 
> point that the expected behavior is to not assign any ip.
> 
> As I understand it, right now if we want to use automatic Egress IPs 
> we can only have one IP which is this correct ?

You can't have multiple IPs per namespace when using the "fully-automatic" mode 
where egress IPs are automatically assigned to nodes based on egressCIDRs.

But you can do it if you use the "semi-automatic" mode where you assign egress 
IPs to nodes by hand:

oc patch hostsubnet node-1.dc1.com -p '{"egressIPs": ["10.231.86.150"]}'
oc patch hostsubnet node-2.dc2.com -p '{"egressIPs": ["10.230.86.150"]}'
oc patch netnamespace test -p '{"egressIPs":
["10.231.86.150","10.230.86.150"]}'

in that case, the "test" namespace would use the 10.231.86.150 IP on
node-1 whenever it was available, but would fall back to the
10.230.86.150 IP on node2 if node1 became inaccessible.


We didn't think about the case of multiple zones in the fully-automatic case... 
This *could* in theory be made to work, but it doesn't now.

-- Dan

_______________________________________________
dev mailing list
dev@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Reply via email to