To enable OCP-Router functionality we should set the following:
The L7 Router is the ingress point for the external traffic destined for services in the K8S/OCP cluster. The next steps are needed for setting the L7 Router:
Create LoadBalancer that will run the L7 loadbalancing:
$ openstack loadbalancer create --name kuryr-l7-router --vip-subnet-id k8s-service-subnet
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| admin_state_up | True |
| created_at | 2018-06-28T06:34:15 |
| description | |
| flavor | |
| id | 99f580e6-d894-442a-bc5f-4d14b41e10d2 |
| listeners | |
| name | kuryr-l7-router |
| operating_status | OFFLINE |
| pools | |
| project_id | 24042703aba141b89217e098e495cea1 |
| provider | amphora |
| provisioning_status | PENDING_CREATE |
| updated_at | None |
| vip_address | 10.0.0.171 |
| vip_network_id | 65875d24-5a54-43fb-91a7-087e956deb1a |
| vip_port_id | 42c6062a-644a-4004-a4a6-5a88bf596196 |
| vip_qos_policy_id | None |
| vip_subnet_id | 01f21201-65a3-4bc5-a7a8-868ccf4f0edd |
+---------------------+--------------------------------------+
$
Create floating IP address that should be accessible from external network:
$ openstack floating ip create --subnet public-subnet public
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| created_at | 2018-06-28T06:31:36Z |
| description | |
| dns_domain | None |
| dns_name | None |
| fixed_ip_address | None |
| floating_ip_address | 172.24.4.3 |
| floating_network_id | 3371c2ba-edb5-45f2-a589-d35080177311 |
| id | c971f6d3-ba63-4318-a9e7-43cbf85437c2 |
| name | 172.24.4.3 |
| port_details | None |
| port_id | None |
| project_id | 24042703aba141b89217e098e495cea1 |
| qos_policy_id | None |
| revision_number | 0 |
| router_id | None |
| status | DOWN |
| subnet_id | 939eeb1f-20b8-4185-a6b1-6477fbe73409 |
| tags | [] |
| updated_at | 2018-06-28T06:31:36Z |
+---------------------+--------------------------------------+
$
Bind the floating IP to LB vip:
[stack@gddggd devstack]$ openstack floating ip set --port 42c6062a-644a-4004-a4a6-5a88bf596196 172.24.4.3
Configure the L7 Router by adding the LB UUID at kuryr.conf:
[ingress]
l7_router_uuid = 99f580e6-d894-442a-bc5f-4d14b41e10d2
Enable the ocp-route and k8s-endpoint handlers. For that you need to add this handlers to the enabled handlers list at kuryr.conf (details on how to edit this for containerized deployment can be found at Containerized installation):
[kubernetes]
enabled_handlers=vif,lb,lbaasspec,ocproute,ingresslb
Note: you need to restart the kuryr controller after applying the above detailed steps. For devstack non-containerized deployments:
sudo systemctl restart devstack@kuryr-kubernetes.service
And for containerized deployments:
kubectl -n kube-system get pod | grep kuryr-controller
kubectl -n kube-system delete pod KURYR_CONTROLLER_POD_NAME
For directly enabling both L7 router and OCP-Route handlers when deploying with devstack, you just need to add the following at local.conf file:
KURYR_ENABLE_INGRESS=True
KURYR_ENABLED_HANDLERS=vif,lb,lbaasspec,ocproute,ingresslb
Create a service:
$ oc run --image=celebdor/kuryr-demo kuryr-demo
$ oc scale dc/kuryr-demo --replicas=2
$ oc expose dc/kuryr-demo --port 80 --target-port 8080
Create a Route object pointing to above service (kuryr-demo):
$ cat >> route.yaml << EOF
> apiVersion: v1
> kind: Route
> metadata:
> name: testroute
> spec:
> host: www.firstroute.com
> to:
> kind: Service
> name: kuryr-demo
> EOF
$ oc create -f route.yaml
Curl L7 router’s FIP using specified hostname:
$ curl --header 'Host: www.firstroute.com' 172.24.4.3
kuryr-demo-1-gzgj2: HELLO, I AM ALIVE!!!
$
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.