Skip to content

OCPBUGS#58128: Tweaked the nw-egress-ips-multi-nic-considerations .ad… #95351

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

OCPBUGS#58128: Tweaked the nw-egress-ips-multi-nic-considerations .ad… #95351

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 5 additions & 19 deletions modules/nw-egress-ips-about.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -164,7 +164,7 @@ ifdef::ovn[]
[id="nw-egress-ips-multi-nic-considerations_{context}"]
== Considerations for using an egress IP on additional network interfaces

In {product-title}, egress IPs provide administrators a way to control network traffic. Egress IPs can be used with the `br-ex`, or primary, network interface, which is a Linux bridge interface associated with Open vSwitch, or they can be used with additional network interfaces.
In {product-title}, egress IPs provide administrators a way to control network traffic. Egress IPs can be used with a `br-ex` Open vSwitch (OVS) bridge interface and any physical interface that has IP connectivity enabled.

You can inspect your network interface type by running the following command:

Expand Down Expand Up @@ -192,27 +192,13 @@ OVN-Kubernetes provides a mechanism to control and direct outbound network traff

For users who want an egress IP and traffic to be routed over a particular interface that is not the primary network interface, the following conditions must be met:

* {product-title} is installed on a bare metal cluster. This feature is disabled within cloud or hypervisor environments.
* {product-title} is installed on a bare-metal cluster. This feature is disabled within a cloud or a hypervisor environment.

* Your {product-title} pods are not configured as host-networked.
* Your {product-title} pods are not configured as _host-networked_.

* If a network interface is removed or if the IP address and subnet mask which allows the egress IP to be hosted on the interface is removed, then the egress IP is reconfigured. Consequently, it could be assigned to another node and interface.
* If a network interface is removed or if the IP address and subnet mask which allows the egress IP to be hosted on the interface is removed, the egress IP is reconfigured. Consequently, the egress IP could be assigned to another node and interface.

* IP forwarding must be enabled for the network interface. To enable IP forwarding, you can use the `oc edit network.operator` command and edit the object like the following example:
+
[source,yaml]
----
# ...
spec:
clusterNetwork:
- cidr: 10.128.0.0/14
hostPrefix: 23
defaultNetwork:
ovnKubernetesConfig:
gatewayConfig:
ipForwarding: Global
# ...
----
* If you use an Egress IP address on a secondary network interface card (NIC), you must use the Node Tuning Operator to enable IP forwarding on the secondary NIC.
endif::ovn[]
endif::openshift-rosa[]

Expand Down