Kubernetes NMState Operator는 클러스터 노드에서 다양한 네트워크 인터페이스를 구성하는 기능을 사용자에게 제공한다.
Multiple 네트워크 인터페이스 설정을 구성하고자 할 경우 사용자가 수동으로 CoreOS에서 생성하지 않고 NMState를 사용하여, 네트워크 인터페이스를 설정하도록 한다.
1. Project(namespace) 생성
Kubernetes NMState Operator에서 권장하는 프로젝트(namespace)를 생성한다.
[root@bastion ~]# vi 00_namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: openshift-nmstate
annotations:
openshift.io/node-selector: ""
labels:
openshift.io/cluster-monitoring: "true"
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: openshift-nmstate-group
namespace: openshift-nmstate
spec:
targetNamespaces:
- openshift-nmstate
upgradeStrategy: Default
[root@bastion ~]# oc create -f 00_namespace.yaml
2. Subscription 생성
Kubernetes NMState Operator를 설치한다.
[root@bastion ~]# vi 01_subscription.yaml
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: kubernetes-nmstate-operator
namespace: openshift-nmstate
spec:
channel: stable
installPlanApproval: Automatic
name: kubernetes-nmstate-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
[root@bastion ~]# oc create -f 01_subscription.yaml
3. NMState Instance 생성
NMState를 사용할 수 있도록 컴포넌트 Pod를 생성한다.
[root@bastion ~]# vi 02_nmstate-instance.yaml
apiVersion: nmstate.io/v1
kind: NMState
metadata:
name: nmstate
spec: {}
[root@bastion ~]# oc create -f 02_nmstate-instance.yaml
4. Node Network Configuration Policy(NNCP) Instance 생성
worker01 노드에 multiple 네트워크 인터페이스 설정을 진행한다.
두번째 NIC에는 IPv6 방식으로 설정하고, 세번째 NIC에는 IPv4 방식으로 설정 한다.
4.1. Worker01 – IPv6 설정
[root@bastion ~]# vi 03_worker01-ipv6-node-network-config-policy.yaml
apiVersion: nmstate.io/v1
kind: NodeNetworkConfigurationPolicy
metadata:
name: worker01-enp8s0
spec:
desiredState:
dns-resolver:
config:
search:
- ocp4.local
server:
- 192.168.0.51
interfaces:
- description: static IP on enp8s0
ipv6:
address:
- ip: '2401:c900:1101::201'
prefix-length: 48
auto-dns: false
dhcp: false
enabled: true
name: enp8s0
state: up
type: ethernet
routes:
config:
- destination: '2401:c900:1101::/48'
metric: 201
next-hop-address: '2401:c900:1101::'
next-hop-interface: enp8s0
table-id: 201
nodeSelector:
kubernetes.io/hostname: worker01.ocp4.local
[root@bastion ~]# oc create -f 03_worker01-ipv6-node-network-config-policy.yaml
4.2. Worker01 – IPv4 설정
[root@bastion ~]# vi 03_worker01-ipv4-node-network-config-policy.yaml
apiVersion: nmstate.io/v1
kind: NodeNetworkConfigurationPolicy
metadata:
name: worker01-enp9s0
spec:
desiredState:
dns-resolver:
config:
search:
- ocp4.local
server:
- 192.168.0.51
interfaces:
- description: static IP on enp9s0
Ipv4:
address:
- ip: '10.30.0.201'
prefix-length: 24
auto-dns: false
dhcp: false
enabled: true
name: enp9s0
state: up
type: ethernet
routes:
config:
- destination: '10.30.0.0/24'
metric: 202
next-hop-address: '10.30.0.1'
next-hop-interface: enp9s0
table-id: 202
nodeSelector:
kubernetes.io/hostname: worker01.ocp4.local
[root@bastion ~]# oc create -f 03_worker01-ipv4-node-network-config-policy.yaml
4.3. Node Network Configuration Policy(NNCP) 생성 확인
worker01 노드에 Multiple NIC 설정이 몇분안에 설정 완료 된다.
- NNCP 설정 중
[root@bastion ~]# oc get nncp
NAME STATUS REASON
worker01-enp8s0 Progressing ConfigurationProgressing
worker01-enp9s0 Progressing ConfigurationProgressing
- NNCP 설정 완료
[root@bastion ~]# oc get nncp
NAME STATUS REASON
worker01-enp8s0 Available SuccessfullyConfigured
worker01-enp9s0 Available SuccessfullyConfigured
4.4. 통신 확인
Bastion에서 worker01로 IPv6 및 IPv4 방식으로 PING 시도를 해본다.
- PING: IPv6
[root@bastion ~]# ping -6 -c 3 2401:c900:1101::201
PING 2401:c900:1101::201(2401:c900:1101::201) 56 data bytes
64 bytes from 2401:c900:1101::201: icmp_seq=1 ttl=64 time=0.471 ms
64 bytes from 2401:c900:1101::201: icmp_seq=2 ttl=64 time=0.278 ms
64 bytes from 2401:c900:1101::201: icmp_seq=3 ttl=64 time=0.255 ms
--- 2401:c900:1101::201 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2077ms
rtt min/avg/max/mdev = 0.255/0.334/0.471/0.099 ms
- PING: IPv4
[root@bastion ~]# ping -4 -c 3 10.30.0.201
PING 10.30.0.201 (10.30.0.201) 56(84) bytes of data.
64 bytes from 10.30.0.201: icmp_seq=1 ttl=64 time=1.00 ms
64 bytes from 10.30.0.201: icmp_seq=2 ttl=64 time=0.346 ms
64 bytes from 10.30.0.201: icmp_seq=3 ttl=64 time=0.414 ms
--- 10.30.0.201 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 0.346/0.587/1.002/0.295 ms
5. RefURL
[1]: GitHUB – Kubernetes Nmstate Operator
[2]: OpenShift Docs – Kubernetes NMState: Updating node network configuration
끝.