mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
186 lines
6.4 KiB
Plaintext
186 lines
6.4 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * networking/converting-to-dual-stack.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="nw-dual-stack-convert_{context}"]
|
|
= Converting to a dual-stack cluster network
|
|
|
|
As a cluster administrator, you can convert your single-stack cluster network to a dual-stack cluster network.
|
|
|
|
[IMPORTANT]
|
|
====
|
|
After converting your cluster to use dual-stack networking, you must re-create any existing pods for them to receive IPv6 addresses, because only new pods are assigned IPv6 addresses.
|
|
====
|
|
|
|
Converting a single-stack cluster network to a dual-stack cluster network consists of creating patches and applying them to the network and infrastructure of the cluster. You can convert to a dual-stack cluster network for a cluster that runs on either installer-provisioned infrastructure or user-provisioned infrastructure.
|
|
|
|
[NOTE]
|
|
====
|
|
Each patch operation that changes `clusterNetwork`, `serviceNetwork`, `apiServerInternalIPs`, and `ingressIP` objects triggers a restart of the cluster. Changing the `MachineNetworks` object does not cause a reboot of the cluster.
|
|
====
|
|
|
|
On installer-provisioned infrastructure only, if you need to add IPv6 virtual IPs (VIPs) for API and Ingress services to an existing dual-stack-configured cluster, you need to patch only the infrastructure and not the network for the cluster.
|
|
|
|
[IMPORTANT]
|
|
====
|
|
If you already upgraded your cluster to {product-title} 4.16 or later and you need to convert the single-stack cluster network to a dual-stack cluster network, you must specify an existing IPv4 `machineNetwork` network configuration from the `install-config.yaml` file for API and Ingress services in the YAML configuration patch file. This configuration ensures that IPv4 traffic exists in the same network interface as the default gateway.
|
|
|
|
.Example YAML configuration file with an added IPv4 address block for the `machineNetwork` network
|
|
[source,yaml]
|
|
----
|
|
- op: add
|
|
path: /spec/platformSpec/baremetal/machineNetworks/- <1>
|
|
value: 192.168.1.0/24
|
|
# ...
|
|
----
|
|
<1> Ensure that you specify an address block for the `machineNetwork` network where your machines operate. You must select both API and Ingress IP addresses for the machine network.
|
|
====
|
|
|
|
.Prerequisites
|
|
|
|
* You installed the OpenShift CLI (`oc`).
|
|
* You are logged in to the cluster with a user with `cluster-admin` privileges.
|
|
* Your cluster uses the OVN-Kubernetes network plugin.
|
|
* The cluster nodes have IPv6 addresses.
|
|
* You have configured an IPv6-enabled router based on your infrastructure.
|
|
|
|
.Procedure
|
|
|
|
. To specify IPv6 address blocks for cluster and service networks, create a YAML configuration patch file that has a similar configuration to the following example:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
- op: add
|
|
path: /spec/clusterNetwork/-
|
|
value: <1>
|
|
cidr: fd01::/48
|
|
hostPrefix: 64
|
|
- op: add
|
|
path: /spec/serviceNetwork/-
|
|
value: fd02::/112 <2>
|
|
----
|
|
<1> Specify an object with the `cidr` and `hostPrefix` parameters. The host prefix must be `64` or greater. The IPv6 Classless Inter-Domain Routing (CIDR) prefix must be large enough to accommodate the specified host prefix.
|
|
<2> Specify an IPv6 CIDR with a prefix of `112`. Kubernetes uses only the lowest 16 bits. For a prefix of `112`, IP addresses are assigned from `112` to `128` bits.
|
|
|
|
. Patch the cluster network configuration by entering the following command in your CLI:
|
|
+
|
|
[source,terminal,subs="+quotes"]
|
|
----
|
|
$ oc patch network.config.openshift.io cluster \// <1>
|
|
--type='json' --patch-file <file>.yaml
|
|
----
|
|
<1> Where `file` specifies the name of your created YAML file.
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
network.config.openshift.io/cluster patched
|
|
----
|
|
|
|
. On installer-provisioned infrastructure where you added IPv6 VIPs for API and Ingress services, complete the following steps:
|
|
+
|
|
.. Specify IPv6 VIPs for API and Ingress services for your cluster. Create a YAML configuration patch file that has a similar configuration to the following example:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
- op: add
|
|
path: /spec/platformSpec/baremetal/machineNetworks/- <1>
|
|
value: fd2e:6f44:5dd8::/64
|
|
- op: add
|
|
path: /spec/platformSpec/baremetal/apiServerInternalIPs/- <2>
|
|
value: fd2e:6f44:5dd8::4
|
|
- op: add
|
|
path: /spec/platformSpec/baremetal/ingressIPs/-
|
|
value: fd2e:6f44:5dd8::5
|
|
----
|
|
<1> Ensure that you specify an address block for the `machineNetwork` network where your machines operate. You must select both API and Ingress IP addresses for the machine network.
|
|
<2> Ensure that you specify each file path according to your platform. The example demonstrates a file path on a bare-metal platform.
|
|
+
|
|
.. Patch the infrastructure by entering the following command in your CLI:
|
|
+
|
|
[source,terminal,subs="+quotes"]
|
|
----
|
|
$ oc patch infrastructure cluster \
|
|
--type='json' --patch-file <file>.yaml
|
|
----
|
|
+
|
|
Where:
|
|
+
|
|
<file>:: Specifies the name of your created YAML file.
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
infrastructure/cluster patched
|
|
----
|
|
|
|
.Verification
|
|
|
|
. Show the cluster network configuration by entering the following command in your CLI:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc describe network
|
|
----
|
|
|
|
. Verify the successful installation of the patch on the network configuration by checking that the cluster network configuration recognizes the IPv6 address blocks that you specified in the YAML file.
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
# ...
|
|
Status:
|
|
Cluster Network:
|
|
Cidr: 10.128.0.0/14
|
|
Host Prefix: 23
|
|
Cidr: fd01::/48
|
|
Host Prefix: 64
|
|
Cluster Network MTU: 1400
|
|
Network Type: OVNKubernetes
|
|
Service Network:
|
|
172.30.0.0/16
|
|
fd02::/112
|
|
# ...
|
|
----
|
|
|
|
. Complete the following additional tasks for a cluster that runs on installer-provisioned infrastructure:
|
|
+
|
|
.. Show the cluster infrastructure configuration by entering the following command in your CLI:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc describe infrastructure
|
|
----
|
|
+
|
|
.. Verify the successful installation of the patch on the cluster infrastructure by checking that the infrastructure recognizes the IPv6 address blocks that you specified in the YAML file.
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
# ...
|
|
spec:
|
|
# ...
|
|
platformSpec:
|
|
baremetal:
|
|
apiServerInternalIPs:
|
|
- 192.168.123.5
|
|
- fd2e:6f44:5dd8::4
|
|
ingressIPs:
|
|
- 192.168.123.10
|
|
- fd2e:6f44:5dd8::5
|
|
status:
|
|
# ...
|
|
platformStatus:
|
|
baremetal:
|
|
apiServerInternalIP: 192.168.123.5
|
|
apiServerInternalIPs:
|
|
- 192.168.123.5
|
|
- fd2e:6f44:5dd8::4
|
|
ingressIP: 192.168.123.10
|
|
ingressIPs:
|
|
- 192.168.123.10
|
|
- fd2e:6f44:5dd8::5
|
|
# ...
|
|
----
|