Jose,
Thanks.
So my setup just has a single master and single infra node (plus some
'worker' nodes).
So that presumably makes it not possible to do this as single master
setups cannot be scaled up?
Seems like I have to start again from scratch?
On 28/08/18 12:02, Jose Manuel wrote:
Hi Tim,
In master certificates the Subject Alternative Name includes some IP
addresses like internal balancer.
In etcd certificates the Subject Alternative Name also includes its
own addresses.
Masters cannot change their IP addresses (not easily).
Nodes also have certificates where their own address is and there is a
virtual network software that all nodes (masters are also nodes) use
to allow pods communication. I think that connections are also done
using the ip address instead dns name. I am not sure about this point.
The most secure and easy way to change the node address is to remove
it from the cluster and add it using the procedures described here:
https://docs.okd.io/3.9/admin_guide/manage_nodes.html#adding-nodes
Jose Manuel
--
Jose Manuel Ferrer Mosteiro
Devops / Sysdev @ Paradigma Digital
__ _ _
/ / _ __ __ _ _ __ __ _ __| (_) __ _ _ __ ___ __ _
| | | '_ \ / _` | '__/ _` |/ _` | |/ _` | '_ ` _ \ / _` |
< < | |_) | (_| | | | (_| | (_| | | (_| | | | | | | (_| |
| | | .__/ \__,_|_| \__,_|\__,_|_|\__, |_| |_| |_|\__,_|
\_\ |_| |___/
http://www.paradigmadigital.com/
Vía de las dos Castillas, 33, Ática 4, 2ª Planta
28224 Pozuelo de Alarcón, Madrid
Tel: 91 352 59 42 // @paradigmate
El 2018-08-28 12:36, Tim Dudgeon escribió:
I've got a situation where the IP addresses of the nodes in an
openshift origin 3.9 cluster are going to change and am trying to
work out what impact this will have. Of course the DNS will be
updated to reflect the changes, and the ansible inventory file only
uses hostnames, not IP addresses.
However, looking that the /etc/origin/master/master-config.yaml I see
an entry like this:
masterIP: 172.20.0.16
And on the nodes in the /etc/origin/node/node-config.yaml I see this:
dnsIP: 172.20.0.16
So this suggests that the IP addresses are significant in some aspects.
Are there other places where the IP addresses will need to be changed?
Should it work to just update those IP addresses and restart the services?
Thanks
Tim
_______________________________________________
users mailing list
users@lists.openshift.redhat.com
<mailto:users@lists.openshift.redhat.com>
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
