From 496ba3ce7f916e37bd831b3400a817fe8d0f1b9f Mon Sep 17 00:00:00 2001 From: Yossi Boaron Date: Thu, 28 Jun 2018 16:49:22 +0300 Subject: [PATCH] OCP-Route: configuration and testing documentation This patch adds configuration and testing document for OCP-Route. Closes-Bug: #1779133 Change-Id: Id60bae1adfcf9825a22f0c53544bd239c2118ed6 --- doc/source/installation/index.rst | 1 + doc/source/installation/ocp_route.rst | 145 ++++++++++++++++++++++++++ 2 files changed, 146 insertions(+) create mode 100644 doc/source/installation/ocp_route.rst diff --git a/doc/source/installation/index.rst b/doc/source/installation/index.rst index 235dac000..e45005a21 100644 --- a/doc/source/installation/index.rst +++ b/doc/source/installation/index.rst @@ -40,3 +40,4 @@ This section describes how you can install and configure kuryr-kubernetes testing_connectivity testing_nested_connectivity containerized + ocp_route diff --git a/doc/source/installation/ocp_route.rst b/doc/source/installation/ocp_route.rst new file mode 100644 index 000000000..92a25466e --- /dev/null +++ b/doc/source/installation/ocp_route.rst @@ -0,0 +1,145 @@ +Enable OCP-Router functionality +=============================== + +To enable OCP-Router functionality we should set the following: + +- Setting L7 Router. +- Configure Kuryr to support L7 Router and OCP-Route resources. + +Setting L7 Router +------------------ + +The L7 Router is the ingress point for the external traffic destined +for services in the K8S/OCP cluster. +The next steps are needed for setting the L7 Router: + +1. Create LoadBalancer that will run the L7 loadbalancing:: + + $ openstack loadbalancer create --name kuryr-l7-router --vip-subnet-id k8s-service-subnet + +---------------------+--------------------------------------+ + | Field | Value | + +---------------------+--------------------------------------+ + | admin_state_up | True | + | created_at | 2018-06-28T06:34:15 | + | description | | + | flavor | | + | id | 99f580e6-d894-442a-bc5f-4d14b41e10d2 | + | listeners | | + | name | kuryr-l7-router | + | operating_status | OFFLINE | + | pools | | + | project_id | 24042703aba141b89217e098e495cea1 | + | provider | amphora | + | provisioning_status | PENDING_CREATE | + | updated_at | None | + | vip_address | 10.0.0.171 | + | vip_network_id | 65875d24-5a54-43fb-91a7-087e956deb1a | + | vip_port_id | 42c6062a-644a-4004-a4a6-5a88bf596196 | + | vip_qos_policy_id | None | + | vip_subnet_id | 01f21201-65a3-4bc5-a7a8-868ccf4f0edd | + +---------------------+--------------------------------------+ + $ + + + +2. Create floating IP address that should be accessible from external network:: + + $ openstack floating ip create --subnet public-subnet public + +---------------------+--------------------------------------+ + | Field | Value | + +---------------------+--------------------------------------+ + | created_at | 2018-06-28T06:31:36Z | + | description | | + | dns_domain | None | + | dns_name | None | + | fixed_ip_address | None | + | floating_ip_address | 172.24.4.3 | + | floating_network_id | 3371c2ba-edb5-45f2-a589-d35080177311 | + | id | c971f6d3-ba63-4318-a9e7-43cbf85437c2 | + | name | 172.24.4.3 | + | port_details | None | + | port_id | None | + | project_id | 24042703aba141b89217e098e495cea1 | + | qos_policy_id | None | + | revision_number | 0 | + | router_id | None | + | status | DOWN | + | subnet_id | 939eeb1f-20b8-4185-a6b1-6477fbe73409 | + | tags | [] | + | updated_at | 2018-06-28T06:31:36Z | + +---------------------+--------------------------------------+ + $ + + +3. Bind the floating IP to LB vip:: + + [stack@gddggd devstack]$ openstack floating ip set --port 42c6062a-644a-4004-a4a6-5a88bf596196 172.24.4.3 + + +Configure Kuryr to support L7 Router and OCP-Route resources +------------------------------------------------------------ + +1. Configure the L7 Router by adding the LB UUID at kuryr.conf:: + + [ingress] + l7_router_uuid = 99f580e6-d894-442a-bc5f-4d14b41e10d2 + + +2. Enable the ocp-route and k8s-endpoint handlers. For that you need to add + this handlers to the enabled handlers list at kuryr.conf (details on how + to edit this for containerized deployment can be found + at :doc:`./devstack/containerized`):: + + [kubernetes] + enabled_handlers=vif,lb,lbaasspec,ocproute,ingresslb + +Note: you need to restart the kuryr controller after applying the above +detailed steps. For devstack non-containerized deployments:: + + sudo systemctl restart devstack@kuryr-kubernetes.service + + +And for containerized deployments:: + + kubectl -n kube-system get pod | grep kuryr-controller + kubectl -n kube-system delete pod KURYR_CONTROLLER_POD_NAME + + +For directly enabling both L7 router and OCP-Route handlers when deploying +with devstack, you just need to add the following at local.conf file:: + + KURYR_ENABLE_INGRESS=True + KURYR_ENABLED_HANDLERS=vif,lb,lbaasspec,ocproute,ingresslb + + +Testing OCP-Route functionality +------------------------------- + +1. Create a service:: + + $ oc run --image=celebdor/kuryr-demo kuryr-demo + $ oc scale dc/kuryr-demo --replicas=2 + $ oc expose dc/kuryr-demo --port 80 --target-port 8080 + + +2. Create a Route object pointing to above service (kuryr-demo):: + + $ cat >> route.yaml << EOF + > apiVersion: v1 + > kind: Route + > metadata: + > name: testroute + > spec: + > host: www.firstroute.com + > to: + > kind: Service + > name: kuryr-demo + > EOF + $ oc create -f route.yaml + + +3. Curl L7 router's FIP using specified hostname:: + + $ curl --header 'Host: www.firstroute.com' 172.24.4.3 + kuryr-demo-1-gzgj2: HELLO, I AM ALIVE!!! + $