OpenStack: Custom API and Ingress vip addresses #3366
Conversation
|
/cc @Fedosin |
|
/label platform/openstack |
openshift-ci-robot
added
the
needs-rebase
openshift-ci-robot
removed
the
needs-rebase
openshift-ci-robot
requested review from
adduarte
and removed request for
jstuever
|
/retest |
pkg/types/openstack/platform.go
Outdated
| @@ -43,4 +43,14 @@ type Platform struct { | |||
| // the default OS image for cluster nodes, or an existing Glance image name. | |||
| // +optional | |||
| ClusterOSImage string `json:"clusterOSImage,omitempty"` | |||
|
|
|||
| // apiVIP is the static IP on the nodes subnet that the api port for openshift will be assigned | |||
There was a problem hiding this comment.
APIVIP is the static IP...
pkg/types/openstack/platform.go
Outdated
| // +optional | ||
| APIVIP string `json:"apiVIP,omitempty"` | ||
|
|
||
| // ingressVIP is the static IP on the nodes subnet that the apps port for openshift will be assigned |
There was a problem hiding this comment.
IngressVIP is the static IP...
|
|
||
| if p.IngressVIP != "" { | ||
| if err := validate.IP(p.IngressVIP); err != nil { | ||
| allErrs = append(allErrs, field.Invalid(fldPath.Child("IngressVIP"), p.IngressVIP, err.Error())) |
There was a problem hiding this comment.
fldPath.Child("ingressVIP")
| } | ||
|
|
||
| if !n.MachineNetwork[0].CIDR.Contains(net.ParseIP(p.IngressVIP)) { | ||
| allErrs = append(allErrs, field.Invalid(fldPath.Child("IngressVIP"), p.IngressVIP, "IP is not in the nodesNetwork")) |
There was a problem hiding this comment.
fldPath.Child("ingressVIP")
|
/hold race condition for ports |
openshift-ci-robot
added
the
do-not-merge/hold
|
/hold cancel |
openshift-ci-robot
removed
the
do-not-merge/hold
|
/retest |
|
/lgtm |
pkg/types/openstack/platform.go
Outdated
| @@ -43,4 +43,14 @@ type Platform struct { | |||
| // the default OS image for cluster nodes, or an existing Glance image name. | |||
| // +optional | |||
| ClusterOSImage string `json:"clusterOSImage,omitempty"` | |||
|
|
|||
| // APIVIP is the static IP on the nodes subnet that the api port for openshift will be assigned | |||
| // Default: will be set to the 5 on the machinesNetwork CIDR | |||
There was a problem hiding this comment.
machinesNetwork -> machineNetwork
also it seems like we pick the 5th host in the first network range of the list.
| allErrs = append(allErrs, field.Invalid(fldPath.Child("apiVIP"), p.APIVIP, err.Error())) | ||
| } | ||
| if !n.MachineNetwork[0].CIDR.Contains(net.ParseIP(p.APIVIP)) { | ||
| allErrs = append(allErrs, field.Invalid(fldPath.Child("apiVIP"), p.APIVIP, "IP is not in the machineNetwork")) |
| if err := validate.IP(p.APIVIP); err != nil { | ||
| allErrs = append(allErrs, field.Invalid(fldPath.Child("apiVIP"), p.APIVIP, err.Error())) | ||
| } | ||
| if !n.MachineNetwork[0].CIDR.Contains(net.ParseIP(p.APIVIP)) { | ||
| allErrs = append(allErrs, field.Invalid(fldPath.Child("apiVIP"), p.APIVIP, "IP is not in the machineNetwork")) |
There was a problem hiding this comment.
the 2 step check is same for API and ingress VIP, so maybe use one function for both..
| MachineNetwork: []types.MachineNetworkEntry{ | ||
| { | ||
| CIDR: *ipnet.MustParseCIDR("10.0.0.0/16"), | ||
| }, | ||
| }, |
There was a problem hiding this comment.
| MachineNetwork: []types.MachineNetworkEntry{ | |
| { | |
| CIDR: *ipnet.MustParseCIDR("10.0.0.0/16"), | |
| }, | |
| }, | |
| MachineNetwork: []types.MachineNetworkEntry{{ | |
| CIDR: *ipnet.MustParseCIDR("10.0.0.0/16"), | |
| }}, |
| name: "invalid network custom ingress vip", | ||
| platform: func() *openstack.Platform { | ||
| p := validPlatform() | ||
| p.IngressVIP = "banana" |
|
few nits, but i'll leave them upto openstack-approvers /approve /hold just to give people some time to fix the nits, please free to remove. |
openshift-ci-robot
added
the
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abhinavdahiya The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
co-authored-by: Fedosin mfedosin@redhat.com
|
/lgtm |
|
/retest |
|
/hold cancel |
openshift-ci-robot
removed
the
do-not-merge/hold
|
/retest Please review the full test history for this PR and help us cut down flakes. |
9 similar comments
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
@iamemilio: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
| @@ -23,7 +23,9 @@ Beyond the [platform-agnostic `install-config.yaml` properties](../customization | |||
| * `octaviaSupport` (optional string): Whether OpenStack supports Octavia (`1` for true or `0` for false) | |||
| * `region` (deprecated string): The OpenStack region where the cluster will be created. Currently this value is not used by the installer. | |||
| * `trunkSupport` (optional string): Whether OpenStack ports can be trunked (`1` for true or `0` for false) | |||
| * `clusterOSImage` (optional string): Either a URL with `http(s)` or `file` scheme to override the default OS image for cluster nodes or an existing Glance image name. | |||
| * `clusterOSimage` (optional string): Either a URL with `http(s)` or `file` scheme to override the default OS image for cluster nodes or an existing Glance image name. | |||
There was a problem hiding this comment.
This needs to match the Go JSON serialization. Fixed via #3439.
Customers may want to plumb the networking that enables external access to the cluster in a number of ways. To make their job easier, this feature allows them to select fixed IP addresses that they can reach the API and apps ingress at in their OpenShift cluster. This allows them to use/reuse pre-existing routing and external access schemes more easily. This adds an additional optional set of values to the openstack platform section of the install config as follows:
Note that the default values have not changed. APIVIP still defaults to the
5on the machineNetwork, and IngressVIP still defaults to the7.