Ocpbugs 25129: metallb should make sure that secondary nics are forwarding traffic #83087
Conversation
openshift-ci
bot
added
the
size/M
|
🤖 Tue Oct 15 08:39:35 - Prow CI generated the docs preview: |
kquinn1204
force-pushed
the
OCPBUGS-25129
branch
2 times, most recently
from
91dc592 to
681a70c
Compare
|
/label peer-review-needed |
openshift-ci
bot
added
the
peer-review-needed
| [id="nw-metallb-configure-secondary-interface_{context}"] | ||
| = Configuring MetalLb with secondary networks | ||
|
|
||
| From {product-title} 4.14 the default behavior is to not allow forwarding of IP packets between network interfaces. Therefore when MetalLb is configured on a secondary interfaces which is common practice you need to add a machine configuration to enable IP forwarding for only the required interfaces. |
There was a problem hiding this comment.
🤖 [error] Vale.Terms: Use 'MetalLB' instead of 'MetalLb'.
|
/label peer-review-in-progress |
openshift-ci
bot
added
the
peer-review-in-progress
There was a problem hiding this comment.
Hey @kquinn1204, I just added some nits, else LGTM!
/remove-label peer-review-in-progress
/remove-label peer-review-needed
/label peer-review-done
| osImageURL: "" | ||
| ---- | ||
| + | ||
| <1> Node role where you want to enable IP forwarding for example `worker` |
There was a problem hiding this comment.
| <1> Node role where you want to enable IP forwarding for example `worker` | |
| <1> Node role where you want to enable IP forwarding, for example, `worker` |
There was a problem hiding this comment.
@kquinn1204 There is another way to enable forwarding by using flag ipForwarding
oc patch network.operator cluster -p '{"spec":{"defaultNetwork":{"ovnKubernetesConfig":{"gatewayConfig":{"ipForwarding": "Global"}}}}}
There was a problem hiding this comment.
Thank you @asood-rh I saw that "Change install-config manifests prior to deployment to reflect the new parameter and globally enable forwarding between all interfaces." Do I need to change install-config as I have also been assigned this https://issues.redhat.com/browse/TELCODOCS-1853 with mentions simply setting ipForwarding: Global. Seems to be a couple tied to this change. What is preferred method globally or as in this example ob specific secondary interface using MachineConfig.
| @@ -0,0 +1,49 @@ | |||
| :_mod-docs-content-type: PROCEDURE | |||
| [id="nw-metallb-configure-secondary-interface_{context}"] | |||
| = Configuring MetalLb with secondary networks | |||
There was a problem hiding this comment.
| = Configuring MetalLb with secondary networks | |
| = Configuring MetalLB with secondary networks |
openshift-ci
bot
added
peer-review-done
|
/lgtm |
openshift-ci
bot
added
lgtm
|
New changes are detected. LGTM label has been removed. |
kquinn1204
force-pushed
the
OCPBUGS-25129
branch
from
01bc156 to
6879733
Compare
|
/label merge-review-needed |
openshift-ci
bot
added
the
merge-review-needed
|
@kquinn1204: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
| = Configuring MetalLB with secondary networks | ||
|
|
||
| From {product-title} 4.14 the default network behavior is to not allow forwarding of IP packets between network interfaces. Therefore, when MetalLB is configured on a secondary interface, you need to add a machine configuration to enable IP forwarding for only the required interfaces. | ||
| [NOTE] |
There was a problem hiding this comment.
| [NOTE] | |
| [NOTE] |
Renders OK on the docs.openshift.com preview, but you'll want to check the docs.redhat.com preview after merge; hard to say if the lack of the line space breaks anything there.
ShaunaDiaz
removed
the
merge-review-needed
|
/cherrypick enterprise-4.14 |
|
/cherrypick enterprise-4.15 |
|
/cherrypick enterprise-4.16 |
|
/cherrypick enterprise-4.17 |
|
/cherrypick enterprise-4.18 |
|
@ShaunaDiaz: new pull request created: #83521 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@ShaunaDiaz: new pull request created: #83522 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@ShaunaDiaz: new pull request created: #83523 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@ShaunaDiaz: new pull request created: #83524 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@ShaunaDiaz: new pull request created: #83525 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
7 participants
[OCPBUGS-25129: metallb should make sure that secondary nics are forwarding traffic
Version(s):4.14, 4.15, 4.16, 4.17, 4.18 and main
Issue:https://issues.redhat.com/browse/OCPBUGS-25129
Link to docs preview:https://83087--ocpdocs-pr.netlify.app/openshift-enterprise/latest/networking/metallb/about-advertising-ipaddresspool.html#nw-metallb-configure-secondary-interface_about-advertising-ip-address-pool
QE review:
Additional information: