Halaman utama Jelajahi Bantuan
Daftar Masuk
shixiong
/
okd
1
0
Fork 0
Berkas Masalah 0 Tarik Permintaan 0 Wiki
Pohon: 0c453351ac
Ranting Tag
okd
/
roles
/
kuryr
Michał Dulko 75c0b8f089 Update Kuryr CNI template to 3.11 6 tahun lalu
..
defaults 71859bdfce Merge pull request #8425 from luis5tb/kuryr-healthchecks-ports 6 tahun lalu
meta 801779eeb6 Relocate filter plugins to lib_utils 7 tahun lalu
tasks a5dd4b4861 Initial 3.11 support 6 tahun lalu
templates 75c0b8f089 Update Kuryr CNI template to 3.11 6 tahun lalu
OWNERS 45eda3c950 Add Luis Tomas to Kuryr and OpenStack owners 6 tahun lalu
README.md 01fccd65cb Merge pull request #8527 from dulek/kuryr-lb-api 6 tahun lalu

README.md

OpenStack Kuryr

Install Kuryr CNI components (kuryr-controller, kuryr-cni) on Master and worker nodes. Kuryr uses OpenStack Networking service (Neutron) to provide network for pods. This allows to have interconnectivity between pods and OpenStack VMs.

Requirements

  • Ansible 2.2+
  • Centos/ RHEL 7.3+

Current Kuryr restrictions when used with OpenShift

  • Openshift Origin only
  • OpenShift on OpenStack Newton or newer (only with Trunk ports)

Key Ansible inventory Kuryr master configuration parameters

  • openshift_use_kuryr=True
  • openshift_use_openshift_sdn=False
  • openshift_sdn_network_plugin_name='cni'
  • kuryr_cni_link_interface=eth0
  • kuryr_openstack_auth_url=keystone_url
  • kuryr_openstack_user_domain_name=Default
  • kuryr_openstack_user_project_name=Default
  • kuryr_openstack_project_id=project_uuid
  • kuryr_openstack_username=kuryr
  • kuryr_openstack_password=kuryr_pass
  • kuryr_openstack_ca=/etc/ssl/ca.crt` (defaults toOS_CACERT`` env var)
  • kuryr_openstack_pod_sg_id=pod_security_group_uuid
  • kuryr_openstack_pod_subnet_id=pod_subnet_uuid
  • kuryr_openstack_pod_service_id=service_subnet_uuid
  • kuryr_openstack_pod_project_id=pod_project_uuid
  • kuryr_openstack_worker_nodes_subnet_id=worker_nodes_subnet_uuid
  • kuryr_openstack_pool_driver=nested
  • kuryr_openstack_pool_max=0
  • kuryr_openstack_pool_min=1
  • kuryr_openstack_pool_batch=5
  • kuryr_openstack_pool_update_frequency=20
  • openshift_kuryr_precreate_subports=5
  • openshift_kuryr_device_owner=compute:kuryr

OpenShift API loadbalancer

Kuryr is connecting to OpenShift API through the load balancer created by OpenStack playbook. Both Octavia and Neutron LBaaS v2 hardcode 50 seconds as client and server inactivity timeout. This is a low value for Kuryr, which is watching K8s API forever. If connection will get closed by the LB, Kuryr will restart it with some messages about it in the logs.

If you have access to your OpenStack cloud configuration you can disable the timeouts by providing custom HA proxy templates to your LBaaS v2 or Octavia installations. It's controlled by [haproxy]jinja_config_template option in Neutron LBaaS v2 and [haproxy_amphora]haproxy_template in Octavia's config. Please note that such configuration change will affect all the load balancers created in the cloud.

Kuryr resources