Setting up Node Network Configuration Policy
Rederence: See Section 3.4. Preparing RHOCP for RHOSP network isolation from Deploying Red Hat OpenStack Platform 18.0 Development Preview 3 on Red Hat OpenShift Container Platform guide.
FIME: Eleminate the configuration on the master nodes
-
Create required projects for the Openstack Operator installation.
The next installation step for the OpenStack Operators involves creating the openstack-operators and openstack projects for the RHOSO operators.
oc new-project openstack-operators oc new-project openstack
-
get list of worker nodes in your ocp cluster.
oc get nodes -l node-role.kubernetes.io/worker -o jsonpath="{.items[*].metadata.name}"
Sample outputocp4-worker1.aio.example.com ocp4-worker2.aio.example.com ocp4-worker3.aio.example.com
-
Copy sample nncp configuration from step #4 in the documentation link provided on the section page.
or
use the provided sample configuration file
single-nic-vlan-nncp.sample
. -
Create a copy of sample config for one of your nodes.
cp single-nic-vlan-nncp.sample osp-ng-nncp-worker1.yaml
-
Edit the file for use with the relevant node.
Refer to the network configuration table you have created earlier.
vi osp-ng-nncp-worker1.yaml
-
Customize the copy of sample configuration as per requirement.
-
Change the metadata name to reflect the node name and interface name strings.
-
Change the name of the interface as per the network configuration table.
-
Change the vlan id as per your setup.
-
Change the ipaddress of the interface as per the network configuration table.
-
Repeat above steps for all network configuration blocks: internalapi, storage, tenant and interface configuration.
-
Change the hostname under nodeselector to match your hostname.
-
-
Apply the configuration
oc apply -f osp-ng-nncp-worker1.yaml
-
Create copy of your current edited file for other nodes, it will be easier to edit.
cp osp-ng-nncp-worker1.yaml osp-ng-nncp-worker2.yaml cp osp-ng-nncp-worker1.yaml osp-ng-nncp-worker3.yaml
-
Edit the other files with relevant network configuration as per network configuration table.
-
Most likely you will need to change only the metadata name, the ip addresses and nodeselector hostname configuration.
-
Apply newly onfigured yamls indivdually:
oc apply -f osp-ng-nncp-worker2.yaml oc apply -f osp-ng-nncp-worker3.yaml
-
Wait until they are in an available state before proceeding:
oc get nncp -w
Sample OutputNAME STATUS REASON osp-enp1s0-worker-ocp4-worker1 Available SuccessfullyConfigured osp-enp1s0-worker-ocp4-worker2 Available SuccessfullyConfigured osp-enp1s0-worker-ocp4-worker3 Available SuccessfullyConfigured
-
Verify the network settings are applied on the relevant node by listing ip settings on the node.
-
Connect to node:
oc debug node/ocp4-worker1.aio.example.com
Sample outputTemporary namespace openshift-debug-cp7xd is created for debugging node... Starting pod/ocp4-master1aioexamplecom-debug ... To use host binaries, run `chroot /host` Pod IP: 192.168.123.101 If you don't see a command prompt, try pressing enter. sh-4.4#
-
Check IP address listing to verify the desired settings are applied.
ip address show
Sample output. . . 66: enp1s0.20@enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether de:ad:be:ef:00:01 brd ff:ff:ff:ff:ff:ff inet 172.17.0.10/24 brd 172.17.0.255 scope global noprefixroute enp1s0.20 valid_lft forever preferred_lft forever 67: enp1s0.21@enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether de:ad:be:ef:00:01 brd ff:ff:ff:ff:ff:ff inet 172.18.0.10/24 brd 172.18.0.255 scope global noprefixroute enp1s0.21 valid_lft forever preferred_lft forever 68: enp1s0.22@enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether de:ad:be:ef:00:01 brd ff:ff:ff:ff:ff:ff inet 172.19.0.10/24 brd 172.19.0.255 scope global noprefixroute enp1s0.22 . . .
-