Add a guide for external network use case #573
Conversation
|
🤖 Created branch: z_pr573/mkimuram/external |
|
✔️ Deploy Preview for elated-bell-2913d9 ready! 🔨 Explore the source changes: 5ccd2c2 🔍 Inspect the deploy log: https://app.netlify.com/sites/elated-bell-2913d9/deploys/61c49fcf2fc45000084cfd4b 😎 Browse the preview: https://deploy-preview-573--elated-bell-2913d9.netlify.app |
| ```bash | ||
| export KUBECONFIG=kubeconfig.cluster-a | ||
| kubectl -n default run tmp-shell --rm -i --tty --image quay.io/submariner/nettest -- bash | ||
| curl 242.0.255.253 |
There was a problem hiding this comment.
Due to this issue, access from cluster to non-cluster works only via global ingress IP. It should be able to be accessed via DNS name.
| metadata: | ||
| name: test-vm | ||
| spec: | ||
| ports: |
There was a problem hiding this comment.
Does it make sense to make it headless service, by adding clusterIP: None?
Then, it will be headless service without selector.
By doing so, I expect that it can provide a persistent source IP from the endpoint that is pointing to an external host.
Currently, it doesn't seem to work maybe the similar reason to this issue.
There was a problem hiding this comment.
Opened a separate issue submariner-io/submariner#1537 .
| subctl join --kubeconfig kubeconfig.cluster-b broker-info.subm --clusterid cluster-b --natt=false | ||
| ``` | ||
|
|
||
| #### Deploy dns server on cluster-a for non-cluster hosts |
There was a problem hiding this comment.
Created a separate issue to discuss a better way for this, here.
| On the other hand, subnets of non-cluster hosts should be distinguished from those of all the clusters to easily specify the external network CIDR. | ||
| In above case, cluster-a and cluster-b belongs to 192.168.122.0/25 network and test-vm belongs to 192.168.122.128/25 network. | ||
| Therefore, the external network CIDR for this configuration is 192.168.122.128/25. | ||
| In test environment for just one host, we will be able to specify external network CIDR, like 192.168.122.142/32, however design of the subnet needs to be considered when more hosts are added. |
There was a problem hiding this comment.
For this configuration to be more flexible, it would be better to provide a separate interface for external CIDR, in the future, as @mangelajo has already pointed out here.
|
|
||
| ```bash | ||
| subm_gw_ip=192.168.122.26 | ||
| ip r add 242.0.0.0/8 via ${subm_gw_ip} |
There was a problem hiding this comment.
Do you want to add a small note saying 242.0.0.0/8 is the default globalCIDR?
|
🤖 I had an issue pushing the updated branch: already up-to-date |
3 similar comments
|
🤖 I had an issue pushing the updated branch: already up-to-date |
|
🤖 I had an issue pushing the updated branch: already up-to-date |
|
🤖 I had an issue pushing the updated branch: already up-to-date |
mkimuram
force-pushed
the
external
branch
3 times, most recently
from
56c4141 to
1719e45
Compare
|
Thank you for your review and suggestions! Fixed as suggested. |
| ```bash | ||
| CLUSTER_CIDR=10.42.0.0/24 | ||
| EXTERNAL_CIDR=192.168.122.128/25 | ||
| subctl join --kubeconfig kubeconfig.cluster-a broker-info.subm --clusterid cluster-a --natt=false --clustercidr=${CLUSTER_CIDR},${EXTERNAL_CIDR} |
There was a problem hiding this comment.
| subctl join --kubeconfig kubeconfig.cluster-a broker-info.subm --clusterid cluster-a --natt=false --clustercidr=${CLUSTER_CIDR},${EXTERNAL_CIDR} | |
| subctl join --kubeconfig kubeconfig.cluster-a broker-info.subm --clusterid cluster-a --natt=false --external-network-cidr ${EXTERNAL_CIDR} |
There was a problem hiding this comment.
In the future we could have something like this, but still not implemented
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
Still working. |
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
🤖 Closed branches: [z_pr573/mkimuram/external] |
|
🤖 Created branch: z_pr573/mkimuram/external |
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
Hi @mkimuram, I was wondering if you would be up for chatting about this proposal as there is some interest in a project I am working on to find a bare metal and/or non-kube solution and this PR was referenced. My email is brent.salisbury@redhat.com if you were up to chatting on slack/hangout or whatever would be convenient for you. Thanks! |
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
bump |
|
@dfarrell07 can you please review this one for style/grammar? I don't see a reason not to merge it, as the content is accurate AFAIK and we keep point users to this PR instead of a proper doc. Thanks! @sridhargaddam FYI |
nyechiel
added
the
confirmed
ACK, sounds good @nyechiel will do. I thought this was waiting on some still-pending implementation PRs. |
|
I'll send a commit with a bunch of little tweaks if that's okay. |
Signed-off-by: Masaki Kimura <masaki.kimura@hitachivantara.com>
mkimuram
force-pushed
the
external
branch
3 times, most recently
from
1f9879b to
5ccd2c2
Compare
Various edits to the new quickstart guide for connecting K8s clusters with non-clusters using Submariner. Signed-off-by: Daniel Farrell <dfarrell@redhat.com> Signed-off-by: Masaki Kimura <masaki.kimura@hitachivantara.com>
|
Thank you for your review and fixes. |
There was a problem hiding this comment.
Thank you for your patience on the PR @mkimuram. As discussed on the thread, we can get this in and iterate using further PRs.
|
🤖 Closed branches: [z_pr573/mkimuram/external] |
fixes: #572