vSphere: zonal with external lb #1277
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
Skipping CI for Draft Pull Request. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Currently working with haproxy and zonal, with changes to the installer. Obviously this isn't complete just a test. |
Describes the requirements for a MVP implementation of a external lb and the use of multiple subnets.
jcpowermac
force-pushed
the
vsphere-external-lb
branch
from
5ff57cb
to
2e33b46
Compare
There was a problem hiding this comment.
I know we have similar requests for other on-prem platforms (https://issues.redhat.com/browse/OPNET-14 ) so I'd be interested in a cross-platform solution to this. My thought was less removing all of the IPI components and making it behave like UPI, and more allow the DNS records to be pointed at an external loadbalancer.
That said I don't know all the details about your use cases. There are situations my idea would not support.
|
|
||
| ## Summary | ||
|
|
||
| The goal of this enhancement is to provide the ability to install vSphere IPI zonal on separate L2 segments. As of this writing the only way to |
There was a problem hiding this comment.
Is this distinct from the remote workers functionality that we already have for baremetal? AFAIK that should already work for vsphere, we just haven't tested it.
There was a problem hiding this comment.
ingress was resolved for vsphere
https://issues.redhat.com/browse/SPLAT-409
The scope is install time use of a external lb without the static pods of IPI with support for api and ingress.
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
@jcpowermac: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
|
||
| ## Summary | ||
|
|
||
| The goal of this enhancement is to provide the ability to install vSphere IPI zonal on separate L2 segments without the static pods (keepalived, haproxy, coredns). |
|
|
||
| ### MCO | ||
|
|
||
| The existing switch to deploy keepalived, haproxy and coredns static pods in the machine config operator is the apivip variable. This would change to be the Infrastructure status parameter: `LoadBalancerType`. |
There was a problem hiding this comment.
for all on prem platforms or only for vsphere?
I would prefer to have it a generic enhancement to the on prem networking
| ) | ||
|
|
||
| // Platform stores any global configuration used for vsphere platforms | ||
| type Platform struct { |
| @@ -0,0 +1,201 @@ | |||
| --- | |||
| title: vsphere-ipi-zonal-external-lb | |||
There was a problem hiding this comment.
general thought:
The fact that there is a inter-dependency between IPI and onprem networking is a big limitation that we've been imposing on our customers. Hence I think having this enhancement is a great step forward. I do believe that it should be solved in a holistic manner - for all on prem platforms, rather than for vpshere only.
In assisted - the way we are categorizing it is - CMN (cluster managed netoworking) and UMN (user managed networking) - where, currently, it boils down to ipi/upi manifests (which define the networking yamls). Once this enhancement is implemented, we'll have to adjust our logic there.
| - "@jcpowermac" | ||
| reviewers: | ||
| - "@rvanderp3" | ||
| - "@bostrt" |
|
|
||
| ### api | ||
|
|
||
| #### Infrastructure Status |
There was a problem hiding this comment.
what about existence / non-existence of VIPs - why it cannot be the signal? then it will be aligned with upi/ipi networking parts
There was a problem hiding this comment.
and, the installer can set the lodbalancer type as the derivative of those values, without letting the user specifying it
|
/hold After a slack thread chat last week with @tsorya this enhancement will change significantly. |
openshift-ci
bot
added
the
do-not-merge/hold
|
/close |
|
@jcpowermac: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
No description provided.