From e7095fc5826d68d4ba5d3c5a024a03b36988262b Mon Sep 17 00:00:00 2001 From: dfitzmau Date: Mon, 30 Sep 2024 12:43:59 +0100 Subject: [PATCH] OCPBUGS-34995-FIZX: Updated the Expanding the node port range doc for range --- modules/nw-nodeport-service-range-edit.adoc | 28 +++++++++++++------ .../configuring-node-port-service-range.adoc | 17 +++++++---- 2 files changed, 31 insertions(+), 14 deletions(-) diff --git a/modules/nw-nodeport-service-range-edit.adoc b/modules/nw-nodeport-service-range-edit.adoc index 5a2e4acdc7ac..bb3112ce9f50 100644 --- a/modules/nw-nodeport-service-range-edit.adoc +++ b/modules/nw-nodeport-service-range-edit.adoc @@ -6,29 +6,36 @@ [id="nw-nodeport-service-range-edit_{context}"] = Expanding the node port range -You can expand the node port range for the cluster. +You can expand the node port range for your cluster. However, after you install your {product-title} cluster, you cannot contract the node port range on either side. + +[IMPORTANT] +==== +Before you expand a node port range, consider that Red{nbsp}Hat has not performed testing outside the default port range of `30000-32768`. For ranges outside the default port range, ensure that you test to verify the expanding node port range does not impact your cluster. If you expanded the range and a port allocation issue occurs, create a new cluster and set the required range for it. +==== .Prerequisites -* Install the OpenShift CLI (`oc`). -* Log in to the cluster with a user with `cluster-admin` privileges. +* Installed the {oc-first}. +* Logged in to the cluster as a user with `cluster-admin` privileges. +* You ensured that your cluster infrastructure allows access to the ports that exist in the extended range. For example, if you expand the node port range to `30000-32900`, your firewall or packet filtering configuration must allow the inclusive port range of `30000-32900`. .Procedure -. To expand the node port range, enter the following command. Replace `` with the largest port number in the new range. +* Expand the range for the `serviceNodePortRange` parameter in the `network.config.openshift.io` object that your cluster uses to manage traffic for pods by entering the following command in your command-line interface (CLI): + [source,terminal] ---- $ oc patch network.config.openshift.io cluster --type=merge -p \ '{ "spec": - { "serviceNodePortRange": "30000-" } + { "serviceNodePortRange": "" } <1> }' ---- +<1> Where `` is your expanded range, such as `30000-32900`. + [TIP] ==== -You can alternatively apply the following YAML to update the node port range: +You can also apply the following YAML to update the node port range: [source,yaml] ---- @@ -37,7 +44,8 @@ kind: Network metadata: name: cluster spec: - serviceNodePortRange: "30000-" + serviceNodePortRange: "" +# ... ---- ==== + @@ -47,7 +55,9 @@ spec: network.config.openshift.io/cluster patched ---- -. To confirm that the configuration is active, enter the following command. It can take several minutes for the update to apply. +.Verification + +* To confirm a successful configuration, enter the following command. The update can take several minutes to apply. + [source,terminal] ---- @@ -59,5 +69,5 @@ $ oc get configmaps -n openshift-kube-apiserver config \ .Example output [source,terminal] ---- -"service-node-port-range":["30000-33000"] +"service-node-port-range":["30000-32900"] ---- diff --git a/networking/configuring-node-port-service-range.adoc b/networking/configuring-node-port-service-range.adoc index 25b6784f4486..8af2b0c312ee 100644 --- a/networking/configuring-node-port-service-range.adoc +++ b/networking/configuring-node-port-service-range.adoc @@ -6,15 +6,22 @@ include::_attributes/common-attributes.adoc[] toc::[] -As a cluster administrator, you can expand the available node port range. If your cluster uses of a large number of node ports, you might need to increase the number of available ports. +During cluster installation, you can configure the node port range to meet the requirements of your cluster. After cluster installation, only a cluster administrator can expand the range as a postinstallation task. If your cluster uses a large number of node ports, consider increasing the available port range according to the requirements of your cluster. -The default port range is `30000-32767`. You can never reduce the port range, even if you first expand it beyond the default range. +[IMPORTANT] +==== +Before you expand a node port range, consider that Red{nbsp}Hat has not performed testing outside the default port range of `30000-32768`. For ranges outside the default port range, ensure that you test to verify the expanding node port range does not impact your cluster. If you expanded the range and a port allocation issue occurs, create a new cluster and set the required range for it. +==== -[id="configuring-node-port-service-range-prerequisites"] -== Prerequisites +If you do not set a node port range during cluster installation, the default range of `30000-32768` applies to your cluster. In this situation, you can expand the range on either side, but you must preserve `30000-32768` within your new port range. -- Your cluster infrastructure must allow access to the ports that you specify within the expanded range. For example, if you expand the node port range to `30000-32900`, the inclusive port range of `32768-32900` must be allowed by your firewall or packet filtering configuration. +[IMPORTANT] +==== +If you expand the node port range and {oc-first} stops working because of a port conflict with the OpenShift API server, you must create a new cluster. +Ensure that the new node port range does not overlap with any ports already in use by host processes or pods that are configured with host networking. +==== +// Expanding the node port range include::modules/nw-nodeport-service-range-edit.adoc[leveloffset=+1] [role="_additional-resources"]