OpenShift v4.x - Kubernetes NMState Operator 구성

ocp4-kubernetes-nmstate-operator-nncp-ipv6-ipv4.md

Kubernetes NMState Operator 구성

Kubernetes NMState Operator는 클러스터 노드에서 다양한 네트워크 인터페이스를 구성하는 기능을 사용자에게 제공한다.
Multiple 네트워크 인터페이스 설정을 구성하고자 할 경우 사용자가 수동으로 CoreOS에서 생성하지 않고 NMState를 사용하여, 네트워크 인터페이스를 설정하도록 한다.

1. Project(namespace) 생성

Kubernetes NMState Operator에서 권장하는 프로젝트(namespace)를 생성한다.

[root@bastion ~]# vi 00_namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: openshift-nmstate
  annotations:
    openshift.io/node-selector: ""
  labels:
    openshift.io/cluster-monitoring: "true"
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
  name: openshift-nmstate-group
  namespace: openshift-nmstate
spec:
  targetNamespaces:
    - openshift-nmstate
upgradeStrategy: Default
[root@bastion ~]# oc create -f 00_namespace.yaml

2. Subscription 생성

Kubernetes NMState Operator를 설치한다.

[root@bastion ~]# vi 01_subscription.yaml
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: kubernetes-nmstate-operator
  namespace: openshift-nmstate
spec:
  channel: stable
  installPlanApproval: Automatic
  name: kubernetes-nmstate-operator
  source: redhat-operators
sourceNamespace: openshift-marketplace
[root@bastion ~]# oc create -f 01_subscription.yaml

3. NMState Instance 생성

NMState를 사용할 수 있도록 컴포넌트 Pod를 생성한다.

[root@bastion ~]# vi 02_nmstate-instance.yaml
apiVersion: nmstate.io/v1
kind: NMState
metadata:
  name: nmstate
spec: {}
[root@bastion ~]# oc create -f 02_nmstate-instance.yaml

4. Node Network Configuration Policy(NNCP) Instance 생성

worker01 노드에 multiple 네트워크 인터페이스 설정을 진행한다.
두번째 NIC에는 IPv6 방식으로 설정하고, 세번째 NIC에는 IPv4 방식으로 설정 한다.

4.1. Worker01 - IPv6 설정

[root@bastion ~]# vi 03_worker01-ipv6-node-network-config-policy.yaml
apiVersion: nmstate.io/v1
kind: NodeNetworkConfigurationPolicy
metadata:
  name: worker01-enp8s0
spec:
  desiredState:
    dns-resolver:
      config:
        search:
          - ocp4.local
        server:
          - 192.168.0.51
    interfaces:
      - description: static IP on enp8s0
        ipv6:
         address:
           - ip: '2401:c900:1101::201'
             prefix-length: 48
         auto-dns: false
         dhcp: false
         enabled: true
        name: enp8s0
        state: up
        type: ethernet
    routes:
      config:
        - destination: '2401:c900:1101::/48'
          metric: 201
          next-hop-address: '2401:c900:1101::'
          next-hop-interface: enp8s0
          table-id: 201
  nodeSelector:
    kubernetes.io/hostname: worker01.ocp4.local
[root@bastion ~]# oc create -f 03_worker01-ipv6-node-network-config-policy.yaml

4.2. Worker01 – IPv4 설정

[root@bastion ~]# vi 03_worker01-ipv4-node-network-config-policy.yaml
apiVersion: nmstate.io/v1
kind: NodeNetworkConfigurationPolicy
metadata:
  name: worker01-enp9s0
spec:
  desiredState:
    dns-resolver:
      config:
        search:
          - ocp4.local
        server:
          - 192.168.0.51
    interfaces:
      - description: static IP on enp9s0
        Ipv4:
         address:
           - ip: '10.30.0.201'
             prefix-length: 24
         auto-dns: false
         dhcp: false
         enabled: true
        name: enp9s0
        state: up
        type: ethernet
    routes:
      config:
        - destination: '10.30.0.0/24'
          metric: 202
          next-hop-address: '10.30.0.1'
          next-hop-interface: enp9s0
          table-id: 202
  nodeSelector:
    kubernetes.io/hostname: worker01.ocp4.local
[root@bastion ~]# oc create -f 03_worker01-ipv4-node-network-config-policy.yaml

4.3. Node Network Configuration Policy(NNCP) 생성 확인

worker01 노드에 Multiple NIC 설정이 몇분안에 설정 완료 된다.

• NNCP 설정 중

[root@bastion ~]# oc get nncp
NAME              STATUS        REASON
worker01-enp8s0   Progressing   ConfigurationProgressing
worker01-enp9s0   Progressing   ConfigurationProgressing

• NNCP 설정 완료

[root@bastion ~]# oc get nncp
NAME              STATUS      REASON
worker01-enp8s0   Available   SuccessfullyConfigured
worker01-enp9s0   Available   SuccessfullyConfigured

4.4. 통신 확인

Bastion에서 worker01로 IPv6 및 IPv4 방식으로 PING 시도를 해본다.

• PING: IPv6

[root@bastion ~]# ping -6 -c 3 2401:c900:1101::201
PING 2401:c900:1101::201(2401:c900:1101::201) 56 data bytes
64 bytes from 2401:c900:1101::201: icmp_seq=1 ttl=64 time=0.471 ms
64 bytes from 2401:c900:1101::201: icmp_seq=2 ttl=64 time=0.278 ms
64 bytes from 2401:c900:1101::201: icmp_seq=3 ttl=64 time=0.255 ms

--- 2401:c900:1101::201 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2077ms
rtt min/avg/max/mdev = 0.255/0.334/0.471/0.099 ms

• PING: IPv4

[root@bastion ~]# ping -4 -c 3 10.30.0.201
PING 10.30.0.201 (10.30.0.201) 56(84) bytes of data.
64 bytes from 10.30.0.201: icmp_seq=1 ttl=64 time=1.00 ms
64 bytes from 10.30.0.201: icmp_seq=2 ttl=64 time=0.346 ms
64 bytes from 10.30.0.201: icmp_seq=3 ttl=64 time=0.414 ms

--- 10.30.0.201 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 0.346/0.587/1.002/0.295 ms

5. RefURL

[1]: GitHUB - Kubernetes Nmstate Operator
[2]: OpenShift Docs - Kubernetes NMState: Updating node network configuration

끝.