99b33d0aa2
Story: 2011127 Task: 52808 Change-Id: Ib04943a119b807912e55314b168f381c6644c3c2 Signed-off-by: Ngairangbam Mili <ngairangbam.mili@windriver.com>
39 lines
1.4 KiB
ReStructuredText
39 lines
1.4 KiB
ReStructuredText
.. WARNING: Add no lines of text between the label immediately following
|
||
.. and the title.
|
||
|
||
.. _install-ipsec-policy-operator-system-application-95ae437a67e2:
|
||
|
||
================================================
|
||
Install IPsec Policy Operator System Application
|
||
================================================
|
||
|
||
The ipsec-policy-operator system application is managed by the system
|
||
application framework and will be automatically uploaded after the system is
|
||
deployed. It can be installed by applying the system application and running
|
||
the following command:
|
||
|
||
.. code:: none
|
||
|
||
~(keystone_admin)$ system application-apply ipsec-policy-operator
|
||
|
||
Once the system application is installed, ``ipsecpolicies.starlingx.io`` |CRD|
|
||
will be created.
|
||
|
||
.. note::
|
||
|
||
Configuring IPSec policies on pod‑to‑pod traffic may degrade the CPU
|
||
performance. Refer to the following approximate pod and node impacts for
|
||
both transmitting and receiving sides based on the traffic rate between 25
|
||
Mbps and 500 Mbps.
|
||
|
||
+-----+--------------+-------------+
|
||
| | Transmit | Receive |
|
||
+-----+--------------+-------------+
|
||
| Pod | 50-100% | 0% |
|
||
+-----+--------------+-------------+
|
||
| Node| 30-90% | 5-40% |
|
||
+-----+--------------+-------------+
|
||
|
||
Ensure that adequate resources are available to support sustained and peak
|
||
inter‑node traffic.
|