From ceae2adb3dc42f6477f8da19c891575e1661e161 Mon Sep 17 00:00:00 2001 From: Petsy Mathew Date: Fri, 12 Sep 2025 00:25:09 +0000 Subject: [PATCH] StarlingX Doc Updates: Platform Network Address Reduction Update 2: Updated Network Addressing Requirement Table based on latest inputs Update 1: Addressed all JIRA comments. Story: 2011191 Task: 52120 Change-Id: Ied433e92d786a378acb56232839a4727b76dd232 Signed-off-by: Petsy Mathew --- ...rs-for-a-standalone-aiosx-18c7aaace64d.rst | 2 - ...gement-network-parameters-ffde7da356dc.rst | 2 - ...an-aiosx-subcloud-to-an-aiodx-subcloud.rst | 240 ++++++++++++------ ...bcloud-network-parameters-b76377641da4.rst | 16 +- ...k-addressing-requirements-2fac0035b878.rst | 136 +++++++++- .../dual-stack-support-318550fd91b5.rst | 31 ++- 6 files changed, 325 insertions(+), 102 deletions(-) diff --git a/doc/source/dist_cloud/kubernetes/manage-management-network-parameters-for-a-standalone-aiosx-18c7aaace64d.rst b/doc/source/dist_cloud/kubernetes/manage-management-network-parameters-for-a-standalone-aiosx-18c7aaace64d.rst index 917b312a8..84e0db7eb 100644 --- a/doc/source/dist_cloud/kubernetes/manage-management-network-parameters-for-a-standalone-aiosx-18c7aaace64d.rst +++ b/doc/source/dist_cloud/kubernetes/manage-management-network-parameters-for-a-standalone-aiosx-18c7aaace64d.rst @@ -46,8 +46,6 @@ standalone |AIO-SX|. --network 192.168.207.0 \ --prefix 24 \ --floating-address 192.168.207.2 \ - --controller0-address 192.168.207.3 \ - --controller1-address 192.168.207.4 \ --gateway-address 192.168.207.1 \ --ranges 192.168.207.1-192.168.207.50 diff --git a/doc/source/dist_cloud/kubernetes/manage-subcloud-management-network-parameters-ffde7da356dc.rst b/doc/source/dist_cloud/kubernetes/manage-subcloud-management-network-parameters-ffde7da356dc.rst index e02fd7509..f1c4aa4a8 100644 --- a/doc/source/dist_cloud/kubernetes/manage-subcloud-management-network-parameters-ffde7da356dc.rst +++ b/doc/source/dist_cloud/kubernetes/manage-subcloud-management-network-parameters-ffde7da356dc.rst @@ -62,8 +62,6 @@ This task is required only if the management network needs to be changed for an --network 192.168.103.0 \ --prefix 26 \ --floating-address 192.168.103.2 \ - --controller0-address 192.168.103.3 \ - --controller1-address 192.168.103.4 \ --gateway-address 192.168.103.1 \ --ranges 192.168.103.1-192.168.103.50 diff --git a/doc/source/dist_cloud/kubernetes/migrate-an-aiosx-subcloud-to-an-aiodx-subcloud.rst b/doc/source/dist_cloud/kubernetes/migrate-an-aiosx-subcloud-to-an-aiodx-subcloud.rst index fc05004cf..94bfb0971 100644 --- a/doc/source/dist_cloud/kubernetes/migrate-an-aiosx-subcloud-to-an-aiodx-subcloud.rst +++ b/doc/source/dist_cloud/kubernetes/migrate-an-aiosx-subcloud-to-an-aiodx-subcloud.rst @@ -18,15 +18,21 @@ A distributed cloud system is setup with at least a system controller and an Both the management network and cluster-host network need to be configured and cannot be on the loopback interface. --------------------------------------- -Reconfigure the Cluster-Host Interface --------------------------------------- +---------------------------------------- +Reconfigure Loopback Assigned Interfaces +---------------------------------------- -If the cluster-host interface is on the loopback interface, use the following -procedure to reconfigure the cluster-host interface on to a physical interface. +If any interface is on the loopback interface, use the following procedure to +reconfigure it on to a physical interface. .. rubric:: |proc| +#. List interfaces assigned to loopback. + + .. code-block:: none + + ~(keystone_admin)$ system interface-network-list 1 | awk '$6 == "lo" { print $8 }' + #. Lock the active controller. .. code-block:: none @@ -39,19 +45,21 @@ procedure to reconfigure the cluster-host interface on to a physical interface. ~(keystone_admin)$ system host-if-modify controller-0 lo -c none -#. Delete the current cluster-host interface-network configuration +#. For each network listed in the first step, delete its interface-network + configuration. For example, for cluster-host: .. code-block:: none ~(keystone_admin)$ IFNET_UUID=$(system interface-network-list controller-0 | awk '{if ($8 =="cluster-host") print $4;}') ~(keystone_admin)$ system interface-network-remove $IFNET_UUID -#. Assign the cluster-host network to the new interface. This example assumes - the interface name is mgmt0. +#. For each network listed in the first step, assign it to the new interface. + This example assumes the network is cluster-host and the interface name is + mgmt0. .. code-block:: none - ~(keystone_admin)$ system interface-network-assign controller-0 mgmt0 cluster-host + ~(keystone_admin)$ system interface-network-assign controller-0 mgmt0 cluster-host .. rubric:: |postreq| @@ -82,24 +90,59 @@ using the ansible playbook. .. rubric:: |proc| -#. Use the :command:`ansible-vault create migrate-subcloud1-overrides-EXAMPLE.yml` - command to securely specify the |OAM| unit IP addresses and the ansible - ssh password. The existing |OAM| IP address of the |AIO-SX| system will be - used as the |OAM| floating IP address of the new |AIO-DX| system. - - In the following example, 10.10.10.13 and 10.10.10.14 are the new |OAM| unit - IP addresses for controller-0 and controller-1 respectively. +#. Use the :command:`ansible-vault create migrate-subcloud1-overrides-EXAMPLE.yml` command to securely specify the |OAM| unit IP addresses and the ansible ssh password. The existing |OAM| IP address of the |AIO-SX| system will be used as the |OAM| floating IP address of the new |AIO-DX| system. + + In the following example, 10.10.10.13 and 10.10.10.14 are the new |OAM| + unit IP addresses for controller-0 and controller-1 respectively and + oam-ipv4 is the current OAM address-pool name. The same logic applies to + management, cluster-host and pxeboot networks. .. code-block:: none - { - "ansible_ssh_pass": "St8rlingXCloud*", - "external_oam_node_0_address": "10.10.10.13", - "external_oam_node_1_address": "10.10.10.14", - } + { + "ansible_ssh_pass": "St8rlingXCloud*", + "ansible_become_pass": "St8rlingXCloud*", + "external_oam_node_0_address": "10.10.10.13", + "external_oam_node_1_address": "10.10.10.14", + "external_oam_addrpool_name": "oam-ipv4", + "management_node_0_address": "192.168.204.3", + "management_node_1_address": "192.168.204.4", + "management_addrpool_name": "management-ipv4", + "cluster_host_node_0_address": "192.168.206.2", + "cluster_host_node_1_address": "192.168.206.3", + "cluster_host_addrpool_name": "cluster-host-subnet-ipv4", + "pxeboot_node_0_address": "169.254.202.2", + "pxeboot_node_1_address": "169.254.202.3", + "pxeboot_addrpool_name": "pxeboot", + } - Use the :command:`ansible-vault edit migrate-subcloud1-overrides-EXAMPLE.yml` - command if the file needs to be edited after it is created. + All network parameters in the previous example are required. In case there + is an admin or a storage network configured, each one needs to be added to + the overrides file as well. For admin network, add: + + .. code-block:: none + + "admin_node_0_address": "192.168.210.3", + "admin_node_1_address": "192.168.210.4", + "admin_addrpool_name": "admin-ipv4", + + For storage network, add: + + .. code-block:: none + + "storage_node_0_address": "10.10.20.2", + "storage_node_1_address": "10.10.20.3", + "storage_addrpool_name": "storage-pool", + + .. note:: + + When dual-stack network is configured, use comma separated values for the primary and secondary networks. For example: + + .. code-block:: none + + "management_node_0_address": "192.168.204.3,fd01::3", + "management_node_1_address": "192.168.204.4,fd01::4", + "management_addrpool_name": "management-ipv4,management-ipv6", #. On the system controller, run the ansible playbook to migrate the |AIO-SX| subcloud to an |AIO-DX|. @@ -189,85 +232,114 @@ commands on the |AIO-SX| subcloud. ~(keystone_admin)$ system modify --system_mode=duplex -#. Add the |OAM| unit IP addresses of controller-0 and controller-1. +#. Add the node IP addresses (controller-0 and controller-1) to the address + pool for the required networks. - For example, the |OAM| subnet is 10.10.10.0/24 and uses 10.10.10.13 and - 10.10.10.14 for the unit IP addresses of controller-0 and controller-1 - respectively. The existing |OAM| IP address of the |AIO-SX| system will be - used as the OAM floating IP address of the new |AIO-DX| system. + For example, if the OAM subnet is 10.20.2.0/24 and AIO-SX system's OAM IP + address is 10.20.2.3, this address will continue being used as the floating + address and 10.20.2.4 and 10.20.2.5 could be used for controller-0 and + controller-1 respectively. The same logic applies to management, admin, + cluster-host, pxeboot and storage networks. The address pool modification + is always required for OAM, management, cluster-host and pxeboot. If the + system is suing admin and storage networks they need to be changed as well. + Please note that when using dual-stack, two address pools exist for each + network, one for IPv4 and one for IPv6, with the exception of pxeboot that + works only with IPv4. .. note:: - Only specifying oam_c0_ip and oam_c1_ip is necessary to configure the - OAM unit IPs to transition to Duplex. However, oam_c0_ip and oam_c1_ip - cannot equal the current or specified value for oam_floating_ip. + The node addresses for controller-0 and controller-1 have to be + different from each other and from the floating address. + + To find all address pools that need to be changed, first using 'system + network-addrpool-list' command list the address poll names filtered by the + network names: .. code-block:: none - ~(keystone_admin)$ OAM_POOL=$(system network-list --nowrap | awk '$8 == "oam" { print $12 }') && system addrpool-modify "${OAM_POOL}" --controller0-address 10.10.10.13 --controller1-address 10.10.10.14 + ~(keystone_admin)$ system network-addrpool-list | awk -F'[| ]+' ' NR > 3 && !/^+--/ && $3 ~ "(oam|mgmt|admin|cluster-host|pxeboot|storage-net)" { print $3,"|",$4}' | column -t + admin admin-ipv4 + admin admin-ipv6 + cluster-host cluster-host-subnet-ipv4 + cluster-host cluster-host-subnet-ipv6 + mgmt management-ipv4 + mgmt management-ipv6 + oam oam-ipv4 + oam oam-ipv6 + pxeboot pxeboot + storage-net storage-pool-ipv4 + storage-net storage-pool-ipv6 - If the |OAM| interface is dual-stack (IPv4 and IPv6), perform the same - configuration on the secondary pool. To get the pool's UUID, run the following command: + In this example, the non-required admin and storage networks are present. + Then find the address pool's UUIDs of the required pools by listing all + address pools and filtering the entries according to the second column in + the previous example. Please note that some of your address pool names + could be different, so change the command accordingly. .. code-block:: none - ~(keystone_admin)$ system network-addrpool-list | grep "oam" - | e2052bfe-e17e-4a5c-888c-cf4c96593aa6 | oam | oam-ipv6 | - | 7307b3e2-037a-44f3-a589-11aaa7ff4f11 | oam | oam-ipv4 | + ~(keystone_admin)$ system addrpool-list --nowrap | grep -E "(oam-|management|admin|cluster-host|pxeboot|storage)" + | 68817b0b-01ed-46cd-98ef-25f4d23bef9b | cluster-host-subnet-ipv4 | 192.168.206.0 | 24 | random | ['192.168.206.1-192.168.206.50'] | 192.168.206.1 | None | None | None | + | 3cfd5254-a543-4b17-bfac-c2cde950f152 | cluster-host-subnet-ipv6 | fd02:: | 64 | random | ['fd02::1-fd02::50'] | fd02::1 | None | None | None | + | 866cef95-e95f-4ad4-be87-f8716fdfee7e | management-ipv4 | 192.168.204.0 | 24 | random | ['192.168.204.2-192.168.204.50'] | 192.168.204.2 | None | None | 192.168.204.1 | + | fa6d8ce8-4e65-43e0-895c-326b029e68e6 | management-ipv6 | fd01:: | 64 | random | ['fd01::2-fd01::50'] | fd01::2 | None | None | fd01::1 | + | 01b44ff2-0961-41a5-873c-eed95525988c | oam-ipv4 | 10.20.2.0 | 24 | random | ['10.20.2.1-10.20.2.254'] | 10.20.2.3 | None | None | 10.20.2.1 | + | 8e2cc358-af2c-4bfe-bd20-32caf3b675d2 | oam-ipv6 | fd00:: | 64 | random | ['fd00::1-fd00::ffff:ffff:ffff:ffff'] | fd00::a14:203 | None | None | fd00::1 | + | cfb5bea9-f12f-4ac7-b612-cc63a2fe278b | pxeboot | 169.254.202.0 | 24 | random | ['169.254.202.1-169.254.202.254'] | 169.254.202.1 | None | None | None | - The primary pool name can be identified with: + # In case admin and/or storage pools are configured they will also appear in the previous output: + | e5f4f7b7-f388-4733-b91d-61864126cead | admin-ipv4 | 192.168.210.0 | 24 | random | ['192.168.210.2-192.168.210.50'] | 192.168.210.2 | None | None | 192.168.210.1 | + | 3c5ccebb-b13b-4a89-b86e-1fdfc2e75d40 | admin-ipv6 | fdff:: | 64 | random | ['fdff::2-fdff::50'] | fdff::2 | None | None | fdff::1 | + | ea9a6a9a-f96b-4d52-a22c-1922b2bb77a2 | storage-pool-ipv4 | 10.10.20.0 | 24 | random | ['10.10.20.1-10.10.20.100'] | 10.10.20.1 | None | None | None | + | 47553723-b090-4324-bd6e-d4cc7e212da4 | storage-pool-ipv6 | fdfe:: | 64 | random | ['fdfe::1-fdfe::100'] | fdfe::1 | None | None | None | + + Now add the node addresses for each of listed address pool entries: .. code-block:: none - ~(keystone_admin)$ OAM_POOL=$(system network-list --nowrap | awk '$8 == "oam" { print $12 }') && system addrpool-show "${OAM_POOL}" | grep "name" - | name | oam-ipv4 | + ### IPv4 pools + POOL=$(system addrpool-list --nowrap | awk '$4 == "oam-ipv4" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address 10.20.2.4 --controller1-address 10.20.2.5 + POOL=$(system addrpool-list --nowrap | awk '$4 == "management-ipv4" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address 192.168.204.3 --controller1-address 192.168.204.4 + POOL=$(system addrpool-list --nowrap | awk '$4 == "cluster-host-subnet-ipv4" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address 192.168.206.2 --controller1-address 192.168.206.3 + POOL=$(system addrpool-list --nowrap | awk '$4 == "pxeboot" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address 169.254.202.2 --controller1-address 169.254.202.3 + # In case admin and/or storage pools are configured: + POOL=$(system addrpool-list --nowrap | awk '$4 == "admin-ipv4" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address 192.168.210.3 --controller1-address 192.168.210.4 + POOL=$(system addrpool-list --nowrap | awk '$4 == "storage-pool-ipv4" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address 10.10.20.2 --controller1-address 10.10.20.3 - In the following example, you need to edit `oam-ipv6`: + ### IPv6 pools + POOL=$(system addrpool-list --nowrap | awk '$4 == "oam-ipv6" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address fd00::a14:204 --controller1-address fd00::a14:205 + POOL=$(system addrpool-list --nowrap | awk '$4 == "management-ipv6" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address fd01::3 --controller1-address fd01::4 + POOL=$(system addrpool-list --nowrap | awk '$4 == "cluster-host-subnet-ipv6" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address fd02::2 --controller1-address fd02::3 + # In case admin and/or storage pools are configured: + POOL=$(system addrpool-list --nowrap | awk '$4 == "admin-ipv6" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address fdff::3 --controller1-address fdff::4 + POOL=$(system addrpool-list --nowrap | awk '$4 == "storage-pool-ipv6" { print $2 }') && \ + system addrpool-modify "${POOL}" --controller0-address fdfe::2 --controller1-address fdfe::3 - .. code-block:: none + ### Check if the node all node addresses were added correctly: + ~(keystone_admin)$ system addrpool-list --nowrap | grep -E "(oam-|management|admin|cluster-host|pxeboot|storage)" + | 68817b0b-01ed-46cd-98ef-25f4d23bef9b | cluster-host-subnet-ipv4 | 192.168.206.0 | 24 | random | ['192.168.206.1-192.168.206.50'] | 192.168.206.1 | 192.168.206.2 | 192.168.206.3 | None | + | 3cfd5254-a543-4b17-bfac-c2cde950f152 | cluster-host-subnet-ipv6 | fd02:: | 64 | random | ['fd02::1-fd02::50'] | fd02::1 | fd02::2 | fd02::3 | None | + | 866cef95-e95f-4ad4-be87-f8716fdfee7e | management-ipv4 | 192.168.204.0 | 24 | random | ['192.168.204.2-192.168.204.50'] | 192.168.204.2 | 192.168.204.3 | 192.168.204.4 | 192.168.204.1 | + | fa6d8ce8-4e65-43e0-895c-326b029e68e6 | management-ipv6 | fd01:: | 64 | random | ['fd01::2-fd01::50'] | fd01::2 | fd01::3 | fd01::4 | fd01::1 | + | 01b44ff2-0961-41a5-873c-eed95525988c | oam-ipv4 | 10.20.2.0 | 24 | random | ['10.20.2.1-10.20.2.254'] | 10.20.2.3 | 10.20.2.4 | 10.20.2.5 | 10.20.2.1 | + | 8e2cc358-af2c-4bfe-bd20-32caf3b675d2 | oam-ipv6 | fd00:: | 64 | random | ['fd00::1-fd00::ffff:ffff:ffff:ffff'] | fd00::a14:203 | fd00::a14:204 | fd00::a14:205 | fd00::1 | + | cfb5bea9-f12f-4ac7-b612-cc63a2fe278b | pxeboot | 169.254.202.0 | 24 | random | ['169.254.202.1-169.254.202.254'] | 169.254.202.1 | 169.254.202.2 | 169.254.202.3 | None | - ~(keystone_admin)$ OAM_POOL=$(system addrpool-list --nowrap | awk '$4 == "oam-ipv6" { print $2 }') && system addrpool-modify "${OAM_POOL}" --controller0-address fd00::a14:104 --controller1-address fd00::a14:105 - -#. Unlock the controller. - - .. code-block:: none - - ~(keystone_admin)$ system host-unlock controller-0 - - Wait for the controller to reset and come back up to an operational state. - -#. Config and enable IPsec on the controller. - - .. code-block:: none - - ~(keystone_admin)$ sudo ipsec-client pxecontroller - - This is only needed on controller-0. - The command should complete successfully as following: - - .. code-block:: none - - ~(keystone_admin)$ sudo ipsec-client pxecontroller - - 2024-08-07 20:43:28.622 182204 INFO sysinv.ipsec_auth.client.client [-] Connecting to pxecontroller port 64764 - 2024-08-07 20:43:28.630 182204 INFO sysinv.ipsec_auth.client.client [-] Sending IPSec Auth request - 2024-08-07 20:43:36.521 182204 INFO sysinv.ipsec_auth.client.client [-] Received IPSec Auth response - 2024-08-07 20:43:36.765 182204 INFO sysinv.ipsec_auth.client.client [-] Generate RSA Private Key (PRK2). - 2024-08-07 20:43:37.029 182204 INFO sysinv.ipsec_auth.client.client [-] Generate AES Key (AK1). - 2024-08-07 20:43:37.029 182204 INFO sysinv.ipsec_auth.client.client [-] Generate Certificate Signing Request (CSR). - 2024-08-07 20:43:37.033 182204 INFO sysinv.ipsec_auth.client.client [-] Encrypt CSR w/ AK1. - 2024-08-07 20:43:37.035 182204 INFO sysinv.ipsec_auth.client.client [-] Encrypt AK1 and IV w/ PUK1 - 2024-08-07 20:43:37.038 182204 INFO sysinv.ipsec_auth.client.client [-] Hash OTS Token, eAK1 and eCSR. - 2024-08-07 20:43:37.041 182204 INFO sysinv.ipsec_auth.client.client [-] Sending IPSec Auth CSR request - 2024-08-07 20:43:38.541 182204 INFO sysinv.ipsec_auth.client.client [-] Received IPSec Auth CSR response - 2024-08-07 20:43:38.544 182204 INFO sysinv.ipsec_auth.client.client [-] Generating config files and restart ipsec - 2024-08-07 20:43:53.141 182204 INFO sysinv.ipsec_auth.client.client [-] Shutting down - - -#. Software install and configure the second controller for the subcloud. - - For instructions on installing and configuring controller-1 in an - |AIO-DX| setup to continue with the migration, see |inst-doc|. + # In case admin and/or storage pools are configured they will also appear in the previous output: + | e5f4f7b7-f388-4733-b91d-61864126cead | admin-ipv4 | 192.168.210.0 | 24 | random | ['192.168.210.2-192.168.210.50'] | 192.168.210.2 | 192.168.210.3 | 192.168.210.4 | 192.168.210.1 | + | 3c5ccebb-b13b-4a89-b86e-1fdfc2e75d40 | admin-ipv6 | fdff:: | 64 | random | ['fdff::2-fdff::50'] | fdff::2 | fdff::3 | fdff::4 | fdff::1 | + | ea9a6a9a-f96b-4d52-a22c-1922b2bb77a2 | storage-pool-ipv4 | 10.10.20.0 | 24 | random | ['10.10.20.1-10.10.20.100'] | 10.10.20.1 | 10.10.20.2 | 10.10.20.3 | None | + | 47553723-b090-4324-bd6e-d4cc7e212da4 | storage-pool-ipv6 | fdfe:: | 64 | random | ['fdfe::1-fdfe::100'] | fdfe::1 | fdfe::2 | fdfe::3 | None | ************************************** Additional Steps for Ceph Installation diff --git a/doc/source/dist_cloud/kubernetes/update-a-subcloud-network-parameters-b76377641da4.rst b/doc/source/dist_cloud/kubernetes/update-a-subcloud-network-parameters-b76377641da4.rst index e6659baa6..0846f8ec5 100644 --- a/doc/source/dist_cloud/kubernetes/update-a-subcloud-network-parameters-b76377641da4.rst +++ b/doc/source/dist_cloud/kubernetes/update-a-subcloud-network-parameters-b76377641da4.rst @@ -79,6 +79,20 @@ performed only on the subcloud. #. Create an admin network address pool. + For AIO-SX subcloud: + + .. code-block:: none + + ~(keystone_admin)]$ system addrpool-add --floating-address --gateway-address + + For example: + + .. code-block:: none + + ~(keystone_admin)]$ system addrpool-add --floating-address 192.168.102.2 --gateway-address 192.168.102.1 admin 192.168.102.0 24 + + For AIO-DX/Standard subcloud: + .. code-block:: none ~(keystone_admin)]$ system addrpool-add --floating-address --controller0-address --controller1-address --gateway-address @@ -138,8 +152,6 @@ procedure is performed only on the subcloud. ~(keystone_admin)]$ system addrpool-modify \ --network 192.168.103.0 --prefix 24 \ --floating-address 192.168.103.2 \ - --controller0-address 192.168.103.3 \ - --controller1-address 192.168.103.4 \ --gateway-address 192.168.103.1 #. On the system controller, perform the following: diff --git a/doc/source/planning/kubernetes/network-addressing-requirements-2fac0035b878.rst b/doc/source/planning/kubernetes/network-addressing-requirements-2fac0035b878.rst index 79944f70f..6b318cd32 100644 --- a/doc/source/planning/kubernetes/network-addressing-requirements-2fac0035b878.rst +++ b/doc/source/planning/kubernetes/network-addressing-requirements-2fac0035b878.rst @@ -14,6 +14,8 @@ a |prod-long| installation. If the default subnets of cluster-pod and cluster-service are not changed, ensure that no IP overlaps with other provisioned subnets. +AIO-SX: + .. _minimum_subnet_sizes-simpletable-kfn-qwk-nx: .. list-table:: IPv4 Network Addressing Requirements @@ -25,9 +27,107 @@ a |prod-long| installation. - Minimum Hosts - Maximum Hosts - Default Subnets Assigned - * - oam + * - oam [#f1]_ - 24 - - 3 + - 2 + - 2\ :superscript:`24` + - 10.10.10.0/24 + * - pxeboot + - 24 + - 1 + - 2\ :superscript:`24` + - 169.254.202.0/24 + * - management [#f2]_ + - 24 + - 1 (2) + - 2\ :superscript:`24` + - 192.168.204.0/24 + * - admin [#f1]_ + - 24 + - 2 + - 2\ :superscript:`24` + - none + * - multicast + - 28 + - 4 + - 2\ :superscript:`8` + - 239.1.1.0/28 + * - cluster-host + - 24 + - 1 + - 2\ :superscript:`24` + - 192.168.206.0/24 + * - cluster-pod + - 16 + - 65536 + - 2\ :superscript:`24` + - 172.16.0.0/16 + * - cluster-service + - 12 + - 65536 + - 2\ :superscript:`20` + - 10.96.0.0/12 + +.. list-table:: IPv6 Network Addressing Requirements + :header-rows: 1 + :stub-columns: 1 + + * - Network + - Recommended Prefix Length + - Minimum Hosts + - Maximum Hosts + - Example + * - oam [#f1]_ + - 64 + - 2 + - 2\ :superscript:`64` + - 2001:db8:1::/64 + * - management [#f2]_ + - 64 + - 1 (2) + - 2\ :superscript:`64` + - 2001:db8:2::/64 + * - admin [#f1]_ + - 64 + - 2 + - 2\ :superscript:`64` + - 2001:db8:6::/64 + * - multicast + - 124 + - 4 + - 2\ :superscript:`8` + - ff08::1:1:0/124 + * - cluster-host + - 64 + - 1 + - 2\ :superscript:`64` + - 2001:db8:3::/64 + * - cluster-pod + - 64 + - 65536 + - 2\ :superscript:`64` + - 2001:db8:4::/64 + * - cluster-service + - 112 + - 65536 + - 2\ :superscript:`20` + - 2001:db8:5::/112 + + +AIO-DX/Standard: + +.. list-table:: IPv4 Network Addressing Requirements + :header-rows: 1 + :stub-columns: 1 + + * - Network + - Recommended Prefix Length + - Minimum Hosts + - Maximum Hosts + - Default Subnets Assigned + * - oam [#f1]_ + - 24 + - 4 - 2\ :superscript:`24` - 10.10.10.0/24 * - pxeboot @@ -35,11 +135,16 @@ a |prod-long| installation. - 3 - 2\ :superscript:`24` - 169.254.202.0/24 - * - management + * - management [#f2]_ + - 24 + - 3 (4) + - 2\ :superscript:`24` + - 192.168.204.0/24 + * - admin [#f1]_ - 24 - 4 - 2\ :superscript:`24` - - 192.168.204.0/24 + - none * - multicast - 28 - 4 @@ -70,16 +175,21 @@ a |prod-long| installation. - Minimum Hosts - Maximum Hosts - Example - * - oam - - 64 - - 3 - - 2\ :superscript:`64` - - 2001:db8:1::/64 - * - management + * - oam [#f1]_ - 64 - 4 - 2\ :superscript:`64` + - 2001:db8:1::/64 + * - management [#f2]_ + - 64 + - 3 (4) + - 2\ :superscript:`64` - 2001:db8:2::/64 + * - admin [#f1]_ + - 64 + - 4 + - 2\ :superscript:`64` + - 2001:db8:6::/64 * - multicast - 124 - 4 @@ -100,3 +210,9 @@ a |prod-long| installation. - 65536 - 2\ :superscript:`20` - 2001:db8:5::/112 + +.. rubric:: Footnotes + +.. [#f1] The oam and admin network requires an extra gateway address. +.. [#f2] The management network requires an extra gateway address when the admin network is not used. + diff --git a/doc/source/system_configuration/kubernetes/dual-stack-support-318550fd91b5.rst b/doc/source/system_configuration/kubernetes/dual-stack-support-318550fd91b5.rst index 174c88daf..a5b69394b 100644 --- a/doc/source/system_configuration/kubernetes/dual-stack-support-318550fd91b5.rst +++ b/doc/source/system_configuration/kubernetes/dual-stack-support-318550fd91b5.rst @@ -253,10 +253,21 @@ dual-stack and then start by adding the correspondent pools: ~(keystone_admin)]$ system addrpool-add cluster-pod-subnet-ipv4 172.16.0.0 16 --order random --ranges 172.16.0.1-172.16.254.254 ~(keystone_admin)]$ system addrpool-add cluster-service-subnet-ipv4 10.96.0.0 12 --order random --ranges 10.96.0.1-10.96.254.254 + +For AIO-SX: + +.. code-block:: + + ~(keystone_admin)]$ system addrpool-add cluster-host-subnet-ipv4 192.168.204.0 24 --order random --ranges 192.168.204.1-192.168.204.254 --floating-address 192.168.204.1 + +For AIO-DX/Standard: + +.. code-block:: + ~(keystone_admin)]$ system addrpool-add cluster-host-subnet-ipv4 192.168.204.0 24 --order random --ranges 192.168.204.1-192.168.204.254 --floating-address 192.168.204.1 --controller0-address 192.168.204.2 --controller1-address 192.168.204.3 -Then associate the new pools to each network (there is no preferred order -among the three networks): +Then associate the new pools to each network (there is no preferred order among +the three networks): .. code-block:: @@ -275,6 +286,14 @@ Configure Management Network As stated, the internal communication is done through the primary pool, but it is possible to add dual-stack configuration by first adding the new pool: +For AIO-SX: + +.. code-block:: + + ~(keystone_admin)]$ system addrpool-add management-ipv4 20.20.20.0 24 --order random --ranges 20.20.20.1-20.20.20.254 --floating-address 20.20.20.1 + +For AIO-DX/Standard: + .. code-block:: ~(keystone_admin)]$ system addrpool-add management-ipv4 20.20.20.0 24 --order random --ranges 20.20.20.1-20.20.20.254 --floating-address 20.20.20.1 --controller0-address 20.20.20.2 --controller1-address 20.20.20.3 @@ -295,6 +314,14 @@ This network is used by subclouds to communicate with its system-controller and that is done through the primary pool. To add a dual-stack configuration start with a new pool: +For AIO-SX: + +.. code-block:: + + ~(keystone_admin)]$ system addrpool-add admin-ipv4 30.30.30.0 24 --order random --ranges 30.30.30.1-30.30.30.254 --floating-address 30.30.30.1 + +For AIO-DX: + .. code-block:: ~(keystone_admin)]$ system addrpool-add admin-ipv4 30.30.30.0 24 --order random --ranges 30.30.30.1-30.30.30.254 --floating-address 30.30.30.1 --controller0-address 30.30.30.2 --controller1-address 30.30.30.3