mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
54 lines
1.5 KiB
Plaintext
54 lines
1.5 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * networking/metallb/about-advertising-ipaddresspool.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="nw-metallb-advertise-ip-pools-to-node-subset_{context}"]
|
|
= Advertising an IP address pool from a subset of nodes
|
|
|
|
[role="_abstract"]
|
|
To restrict IP address advertisements to a specific set of nodes, such as a public-facing subnet, configure the `nodeSelector` parameter in the `BGPAdvertisement` custom resource (CR). When you configure these selectors, {product-title} routes external traffic only through designated network interfaces for improved security and isolation.
|
|
|
|
.Prerequisites
|
|
|
|
* Install the {oc-first}.
|
|
* Log in as a user with `cluster-admin` privileges.
|
|
|
|
.Procedure
|
|
|
|
. Create an IP address pool by using a CR:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
apiVersion: metallb.io/v1beta1
|
|
kind: IPAddressPool
|
|
metadata:
|
|
namespace: metallb-system
|
|
name: pool1
|
|
spec:
|
|
addresses:
|
|
- 4.4.4.100-4.4.4.200
|
|
- 2001:100:4::200-2001:100:4::400
|
|
# ...
|
|
----
|
|
|
|
. Control which cluster nodes advertise the IP address from `pool1` by setting the `.spec.nodeSelector` value in the `BGPAdvertisement` CR. The following example advertises the IP address from `pool1` only from `NodeA` and `NodeB`.
|
|
+
|
|
[source,yaml]
|
|
----
|
|
apiVersion: metallb.io/v1beta1
|
|
kind: BGPAdvertisement
|
|
metadata:
|
|
name: example
|
|
spec:
|
|
ipAddressPools:
|
|
- pool1
|
|
nodeSelector:
|
|
- matchLabels:
|
|
kubernetes.io/hostname: NodeA
|
|
- matchLabels:
|
|
kubernetes.io/hostname: NodeB
|
|
# ...
|
|
----
|
|
|