[Feature]: document public IP topology #377

Open
pierreozoux opened this issue Sep 23, 2024 · 8 comments
Labels
enhancement New feature or request

@pierreozoux
Contributor

Explain problem to solve

I want to deploy a kubernetes cluster for "visio" workload, and we'd like to have each node born with a public IP.

Describe the solution you would like

Have a flag and/or documentation for doing so.

Additional context

.

Environment

.
@pierreozoux pierreozoux added the enhancement New feature or request label Sep 23, 2024
@pierreozoux
Contributor Author

I saw this issue, #323 about public IP of control plane, I don't want public IP for CP, but for workers.

@pierreozoux
Contributor Author

In the context of SecNumCloud, the CCM needs access to the Outscale API.

We are currently testing, with manually attached IPs, and we see this:

kube-system                            osc-cloud-controller-manager-cgg2c                                0/1     CrashLoopBackOff   65 (2m35s ago)   8d
...

k logs -n kube-system                            osc-cloud-controller-manager-cgg2c
F1120 08:13:56.269856       1 main.go:75] Cloud provider could not be initialized: could not init cloud provider "osc": error finding instance i-9d23d7d6: "error listing instances: \"401 Unauthorized\" (Status:401 Unauthorized)"

There are 2 possibilities:

  • allowList the node IPs in outscale API
  • modify the route table to tell the node that for outscale API IP, use the private IP

I think 2nd option is the best.

Could you tell us what this IP is, and do you have some guidelines to do that?

Thanks for your help!

@pierreozoux
Contributor Author

Just discovered that with this tag:
osc.fcu.eip.auto-attach

We could automatically attach a preprovisioned IP to a VM.

https://docs.outscale.com/fr/userguide/Configurer-une-VM-avec-les-user-data-et-les-tags-OUTSCALE.html

@pierreozoux
Contributor Author

Wondering if https://github.com/kubernetes-sigs/cluster-api-ipam-provider-in-cluster could help solve this issue.

@pierreozoux
Contributor Author

@jfbus
Contributor

jfbus commented Feb 4, 2025

I don't see how IPAM would help. IPAM is designed to allocate primary/local IP addresses in on-prem setups.

The osc.fcu.eip.auto-attach is the simplest way of statically attaching fixed public IP addresses on Outscale VMs (another one being using NICs, but it is more complicated).

I'll look into it.

@jfbus
Contributor

jfbus commented Feb 4, 2025

Can you clarify your network requirements? Do you need predefined IPs, e.g. because of firewall rules restricting access to the cluster?

@pierreozoux
Contributor Author

Yes, I'd need predefined IPs.

@jfbus jfbus modified the milestones: release-to-do, v0.5.0 Feb 19, 2025