Bug 1461155
Summary: | [RFE] Provide services and cluster network cidr check disablement configuration option | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Dave Sullivan <dsulliva> |
Component: | RFE | Assignee: | Marc Curry <mcurry> |
Status: | CLOSED WONTFIX | QA Contact: | Meng Bo <bmeng> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 3.5.1 | CC: | aos-bugs, bbennett, bmeng, jokerman, mmccomas |
Target Milestone: | --- | Keywords: | RFE |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-07-17 13:12:15 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Dave Sullivan
2017-06-13 16:41:12 UTC
I'm sorry... I'm missing something fundamental here. Whose IPAM are you using? And what network plugin? The network SDN addresses and the service network addresses are managed by the networking plugin and by OpenShift respectively. They are two separate allocators. If we were to disable the check that the ranges were separate, there would be no guarantee that the same address was not allocated to a pod and to a service, and bad things would ensue. I'm not sure what you are trying to do when you add routes to the VPC to allow Amazon to access the private network. Can you please provide more details? Thanks I'm going to close this, I incorrectly misunderstood the abilities of the OpenShift network cidr check (I think). My understanding is that it mainly looks at what the local host system routing table is (I think). The actual problem that I was encountering is that the network subnet length was too large for the CIDR range. This in turn caused failure in hostsubnet allocation. With that said I still think an IPAM plugin validation modules would be nice to have for OpenShift to validate CIDR ranges. One example is Infoblox. Where if validates further then just the hosts routing tables. Mainly because people will later change routing tables and potential open up IaaS/PaaS environments which may then accidentally lead to duplicate ip mappings. Having PaaS integrate with IPAM solutions would help alleviate human error. |