=============================== Enable OCP-Router functionality =============================== To enable OCP-Router functionality we should set the following: - Setting L7 Router. - Configure Kuryr to support L7 Router and OCP-Route resources. Setting L7 Router ------------------ The L7 Router is the ingress point for the external traffic destined for services in the K8S/OCP cluster. The next steps are needed for setting the L7 Router: #. Create LoadBalancer that will run the L7 loadbalancing: .. code-block:: console $ openstack loadbalancer create --name kuryr-l7-router --vip-subnet-id k8s-service-subnet +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | admin_state_up | True | | created_at | 2018-06-28T06:34:15 | | description | | | flavor | | | id | 99f580e6-d894-442a-bc5f-4d14b41e10d2 | | listeners | | | name | kuryr-l7-router | | operating_status | OFFLINE | | pools | | | project_id | 24042703aba141b89217e098e495cea1 | | provider | amphora | | provisioning_status | PENDING_CREATE | | updated_at | None | | vip_address | 10.0.0.171 | | vip_network_id | 65875d24-5a54-43fb-91a7-087e956deb1a | | vip_port_id | 42c6062a-644a-4004-a4a6-5a88bf596196 | | vip_qos_policy_id | None | | vip_subnet_id | 01f21201-65a3-4bc5-a7a8-868ccf4f0edd | +---------------------+--------------------------------------+ $ #. Create floating IP address that should be accessible from external network: .. code-block:: console $ openstack floating ip create --subnet public-subnet public +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | created_at | 2018-06-28T06:31:36Z | | description | | | dns_domain | None | | dns_name | None | | fixed_ip_address | None | | floating_ip_address | 172.24.4.3 | | floating_network_id | 3371c2ba-edb5-45f2-a589-d35080177311 | | id | c971f6d3-ba63-4318-a9e7-43cbf85437c2 | | name | 172.24.4.3 | | port_details | None | | port_id | None | | project_id | 24042703aba141b89217e098e495cea1 | | qos_policy_id | None | | revision_number | 0 | | router_id | None | | status | DOWN | | subnet_id | 939eeb1f-20b8-4185-a6b1-6477fbe73409 | | tags | [] | | updated_at | 2018-06-28T06:31:36Z | +---------------------+--------------------------------------+ $ #. Bind the floating IP to LB vip: .. code-block:: console [stack@gddggd devstack]$ openstack floating ip set --port 42c6062a-644a-4004-a4a6-5a88bf596196 172.24.4.3 Configure Kuryr to support L7 Router and OCP-Route resources ------------------------------------------------------------ 1. Configure the L7 Router by adding the LB UUID at kuryr.conf: .. code-block:: ini [ingress] l7_router_uuid = 99f580e6-d894-442a-bc5f-4d14b41e10d2 2. Enable the ocp-route and k8s-endpoint handlers. For that you need to add this handlers to the enabled handlers list at kuryr.conf (details on how to edit this for containerized deployment can be found at :doc:`./devstack/containerized`): .. code-block:: ini [kubernetes] enabled_handlers=vif,lb,lbaasspec,ocproute,ingresslb Note: you need to restart the kuryr controller after applying the above detailed steps. For devstack non-containerized deployments: .. code-block:: console $ sudo systemctl restart devstack@kuryr-kubernetes.service And for containerized deployments: .. code-block:: console $ kubectl -n kube-system get pod | grep kuryr-controller $ kubectl -n kube-system delete pod KURYR_CONTROLLER_POD_NAME For directly enabling both L7 router and OCP-Route handlers when deploying with devstack, you just need to add the following at local.conf file: .. code-block:: bash KURYR_ENABLE_INGRESS=True KURYR_ENABLED_HANDLERS=vif,lb,lbaasspec,ocproute,ingresslb Testing OCP-Route functionality ------------------------------- 1. Create a service: .. code-block:: console $ oc run --image=celebdor/kuryr-demo kuryr-demo $ oc scale dc/kuryr-demo --replicas=2 $ oc expose dc/kuryr-demo --port 80 --target-port 8080 2. Create a Route object pointing to above service (kuryr-demo): .. code-block:: console $ cat >> route.yaml << EOF > apiVersion: v1 > kind: Route > metadata: > name: testroute > spec: > host: www.firstroute.com > to: > kind: Service > name: kuryr-demo > EOF $ oc create -f route.yaml 3. Curl L7 router's FIP using specified hostname: .. code-block:: console $ curl --header 'Host: www.firstroute.com' 172.24.4.3 kuryr-demo-1-gzgj2: HELLO, I AM ALIVE!!! $