Bug 1518830
| Summary: | [Docs][RFE] Clarify/standardize OCP networks | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Thom Carlin <tcarlin> |
| Component: | Documentation | Assignee: | Vikram Goyal <vigoyal> |
| Status: | CLOSED DEFERRED | QA Contact: | Vikram Goyal <vigoyal> |
| Severity: | medium | Docs Contact: | Vikram Goyal <vigoyal> |
| Priority: | medium | ||
| Version: | 3.6.0 | CC: | aos-bugs, bbennett, dmoessne, jokerman, jroberts, mmccomas, tcarlin |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-11-21 12:49:05 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1724792 | ||
|
Description
Thom Carlin
2017-11-29 15:51:16 UTC
The cluster network is the "real" network that allows the nodes to communicate with one another and with the internet. The pod network is the SDN that allows the pods to talk to one another (when allowed) across the cluster. I've added a PR for this: https://github.com/openshift/openshift-docs/pull/7796 Thom, does this fulfill the BZ? The only other section I'm questioning is the "Design on Masters" section of the SDN doc [1]. It looks correct, but perhaps Ben can clear that up. As for some diagrams on the setup, is there anything specific you're after? I can potentially work with the design team to get something together, but some more information on what you're after specifically might be needed. Thanks! https://docs.openshift.com/container-platform/3.7/architecture/networking/sdn.html#sdn-design-on-masters brice, the intent is an overview of the different types of networks used by OpenShift and consistent terminology. Part of the confusion in comment 0 may have come from my misunderstanding of the various networks due to this. Thank you, the review has improved my understanding of OpenShift Networking: * [ClusterNetworkCIDR] Cluster network (a.k.a. node network, overlay network). the "real" network that allows the OpenShift nodes to communicate with one another and with the internet * [ServiceNetwork, ServiceNetworkCIDR] Pod network (a.k.a. sdn network, interpod network, service network): the SDN that allows the pods to talk to one another (when allowed) across the cluster https://docs.openshift.com/container-platform/3.7/admin_guide/tcp_ingress_external_ports.html mentions * IngressIPNetworkCIDR ingress IP network * [ExternalIPNetworkCIDRs] external IP network and links to https://docs.openshift.com/container-platform/3.7/install_config/master_node_configuration.html#master-node-config-network-config I am unclear if these differ from the cluster network or if there are any other networks? A simple, high-level overview diagram of OpenShift networking would be helpful to clarify the distinction between the various network. Specific details could come in separate diagrams once the basic concepts are understood. Additionally, there is the Docker (bridge subnet) network referenced at https://github.com/openshift/openshift-ansible/pull/3972/files A couple of example may also help: * [OpenStack] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/12/html-single/director_installation_and_usage/#sect-Planning_Networks contains a picture: https://access.redhat.com/webassets/avalon/d/Red_Hat_OpenStack_Platform-12-Director_Installation_and_Usage-en-US/images/edaa375c7952ba8fa0a9f734124fbae6/Diagram-002-Network.png * [RHV] https://rhelblog.redhat.com/2017/10/11/segregating-rhv-networks-for-the-slightly-paranoid/ provides a high level discussion for RHV contains a similar picture at https://rhelblog.files.wordpress.com/2017/10/paranoidnetworks.jpg?w=640 ClusterNetwork - Virtual (overlay) network that the Pod IP addresses are allocated from ServiceNetwork - Virtual (overlay) network that the Service IP addresses are allocated from The service and cluster are both virtual networks, the service network is more virtual since nothing in the cluster will have the address... traffic to the service is natted to an endpoint address (usually a clusternetwork address allocated to a pod). ExternalIPNetworkCIDRs - IP addresses on the underlay (real) network that the administrator has allowed to be used as externalIPs in services. i.e. if set, and the person creating the service has sufficient privilege, they can put an address from that range into a service in the externalIP field, and then traffic arriving at a node with that as the target address will pass into the cluster to one of the service's endpoints. IngressIPNetworkCIDR - This is a way for a cluster admin to allow self-provisioning of externalIPs. If this is set up, users can create services of type LoadBalancer (on bare metal) and OpenShift will provision the ip address from this range and add it as an ExternalIP to the service. This range must be included in ExternalIPNetworkCIDRs. https://docs.openshift.org/latest/admin_guide/tcp_ingress_external_ports.html OCP 3.6-3.10 is no longer on full support [1]. Marking un-triaged bugs CLOSED DEFERRED. If you have a customer case with a support exception or have reproduced on 3.11+, please reopen and include those details. When reopening, please set the Version to the appropriate version where reproduced. [1]: https://access.redhat.com/support/policy/updates/openshift The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |
