Document to describe networking requirements for vendors replacing openshift-sdn#12981
Merged
danmcp merged 1 commit intoopenshift:masterfrom Feb 22, 2017
Merged
Document to describe networking requirements for vendors replacing openshift-sdn#12981danmcp merged 1 commit intoopenshift:masterfrom
danmcp merged 1 commit intoopenshift:masterfrom
Conversation
pweil-
suggested changes
Feb 16, 2017
| @@ -0,0 +1,35 @@ | |||
| # OpenShift networking requirements | |||
| Guidelines for a third party network plugin for OpenShift | |||
|
|
||
| ## CNI is the recommended way | ||
|
|
||
| Any external networking solution can be used to plumb networking for openshift as long as it follows the 'CNI' spec. Then, openshift needs to be launched with 'networkPluginName: "cni"' in the master/node config yaml files. |
There was a problem hiding this comment.
example master config snippet would be nice
Contributor
Author
There was a problem hiding this comment.
Example has been added below
|
|
||
| Any external networking solution can be used to plumb networking for openshift as long as it follows the 'CNI' spec. Then, openshift needs to be launched with 'networkPluginName: "cni"' in the master/node config yaml files. | ||
|
|
||
| When done through ansible, provide sdn_network_plugin_name=cni as the option while installing openshift. Be aware that openshift ansible installation allows a firewall passthrough for the VxLAN port (4789), so if a plugin needs other ports (for management/control/data) to be open, then the installer needs to be changed suitably. |
There was a problem hiding this comment.
should mention that this goes in the inventory file. Does it need to be in a specific group? Example might also be helpful here.
|
|
||
| 2. Certain services in the cluster will be run as infrastructure services. e.g. Load balancer, registry, DNS server(skydns). The plugin should allow for a 'global' tenant which is-accessible-by/can-access all pods of the cluster. For example, a load balancer can run in two modes - private and global. The global load balancer should have access to all tenants/namespaces of the cluster. A private load balancer is one that is launched as a pod by a particular namespace, and this should obey tenant isolation rules. | ||
|
|
||
| 3. *Access to all pods from the host - particularly important if kube-proxy is used by the SDN solution to support kubernetes services. Please note that iptables based kube-proxy will be enabled by default in openshift. This will have to be overridden specially if the plugin wants a different behaviour. |
rajatchopra
force-pushed
the
netreqs
branch
2 times, most recently
from
fa29987 to
8f1ad53
Compare
Contributor
Author
|
@pweil- Fixed according to the feedback. Thanks for the review. |
danmcp
reviewed
Feb 22, 2017
|
|
||
| ## CNI is the recommended way | ||
|
|
||
| Any external networking solution can be used to plumb networking for openshift as long as it follows the 'CNI' spec. Then, openshift needs to be launched with 'networkPluginName: "cni"' in the master/node config yaml files. |
There was a problem hiding this comment.
Should use OpenShift consistently (instead of openshift).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
@danmcp
@mcurry-rh