OpenShift Network Plugins: Difference between revisions
Line 26: | Line 26: | ||
==multitenant== | ==multitenant== | ||
The "ova-multitenant" is a plug-in that provides project-level isolation for pods and services. Each project gets a unique Virtual Network ID (VNID) | The "ova-multitenant" is a plug-in that provides project-level isolation for pods and services. Each project gets a unique [[#Virtual_Network_ID_.28VNID.29|Virtual Network ID (VNID)]] | ||
===Virtual Network ID (VNID)=== | ===Virtual Network ID (VNID)=== |
Revision as of 19:04, 17 October 2017
External
- https://docs.openshift.com/container-platform/3.5/architecture/additional_concepts/sdn.html
- https://docs.openshift.com/container-platform/3.5/install_config/configuring_sdn.html
Internal
Overview
TODO: unify with the upper layer OpenShift_Concepts#SDN.2C_Overlay_Network
Pods get IP addresses from the cluster network, and the address allocation and packet routing is provided by a software-defined network (SDN), implemented using Open vSwitch (OVS). A specific behavior is provided by the SDN plug-in chosen at installation: subnet, multitenant and networkpolicy.
SDN Plug-Ins
subnet
The "ova-subnet" plug-in provides a "flat" network: every pod in the cluster can communicate with every other pod and service, regardless of the project (namespace).
Ansible configuration file:
os_sdn_network_plugin_name='redhat/openshift-ovs-subnet'
multitenant
The "ova-multitenant" is a plug-in that provides project-level isolation for pods and services. Each project gets a unique Virtual Network ID (VNID)
Virtual Network ID (VNID)
Configuration
Ansible configuration file:
os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
networkpolicy
Operations
Information about the network plugin and network status:
Information about virtual networks assigned to each project: