feat: support expose pod ip to external network
oilbeater committed May 16, 2019
1 parent ab07016 commit 2e41451
Showing 3 changed files with 27 additions and 14 deletions.
19 changes: 14 additions & 5 deletions docs/gateway.md
@@ -1,10 +1,18 @@
# Gateways

A Gateway is used to enable external network connectivity for Pods within the OVN Virtual Network. Kube-OVN supports two kinds of Gateways: the distributed Gateway and the centralized Gateway.
A Gateway is used to enable external network connectivity for Pods within the OVN Virtual Network.

For a distributed Gateway, outgoing traffic from Pods within the OVN network to external destinations will be masqueraded with the Node IP address where the Pod is hosted.
Kube-OVN supports two kinds of Gateways: the distributed Gateway and the centralized Gateway. Also user can expose pod ip directly to external network.

For a centralized gateway, outgoing traffic from Pods within the OVN network to external destinations will be masqueraded with the Gateway Node IP address for the Namespace.
For a distributed Gateway, outgoing traffic from Pods within the OVN network to external destinations will go through the Node where the Pod is hosted.

For a centralized gateway, outgoing traffic from Pods within the OVN network to external destinations will go through Gateway Node for the Namespace.

Use the following annotations in namespace to configure gateway:

- `ovn.kubernetes.io/gateway_type`: `distributed` or `centralized`, default is `distributed`.
- `ovn.kubernetes.io/gateway_node`: when `ovn.kubernetes.io/gateway_type` is `centralized` used this annotation to specify which node act as the namespace gateway.
- `ovn.kubernetes.io/gateway_nat`: `true` or `false`, whether pod ip need to be masqueraded when go through gateway. When `false`, pod ip will be exposed to external network directly, default `true`.

## Example
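
Review bot: the new `ovn.kubernetes.io/gateway_nat` bullet documents only `true` and `false` and does not say how any other value is treated. Because `false` is the setting that exposes pod IPs to the external network, the doc should state exactly which values turn masquerading off and what happens to everything else. With "masqueraded" dropped from the distributed and centralized paragraphs, this bullet is now the only place that describes NAT behaviour, so it is worth spelling out there that with `false` the pod addresses are visible outside the OVN network. Wording nits in the added lines: "Also user can expose pod ip" reads better as "Users can also expose Pod IPs", and "used this annotation" should be "use this annotation".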

Expand All @@ -16,8 +24,9 @@ kind: Namespace
metadata:
name: testns
annotations:
ovn.kubernetes.io/gateway_type: centralized // or distributed by default
ovn.kubernetes.io/gateway_node: node1 // specify this if using a centralized Gateway
ovn.kubernetes.io/gateway_type: centralized
ovn.kubernetes.io/gateway_node: node1
ovn.kubernetes.io/gateway_nat: "true"
```
Create some Pods:
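
Review bot: the example only adds `ovn.kubernetes.io/gateway_nat: "true"`, which is the documented default, so the behaviour named in the commit title (exposing the pod IP) is never shown. Add a second manifest, or a note next to this one, with `"false"`. The quotes deserve a sentence too: annotation values are strings, and an unquoted `true` is a YAML boolean, so a reader copying the key without the quotes gets a manifest that the API server rejects. The inline hints that were on the `gateway_type` and `gateway_node` lines ("or distributed by default", "specify this if using a centralized Gateway") are dropped here; they now live only in the bullet list above, which is fine as long as that list stays next to the example.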
21 changes: 12 additions & 9 deletions pkg/daemon/gateway.go
Expand Up @@ -129,15 +129,18 @@ func (c *Controller) getLocalPodIPsNeedNAT() ([]string, error) {
continue
}
nsGWType := ns.Annotations[util.GWTypeAnnotation]
switch nsGWType {
case "", util.GWDistributedMode:
if pod.Spec.NodeName == hostname {
localPodIPs = append(localPodIPs, pod.Status.PodIP)
}
case util.GWCentralizedMode:
gwNode := ns.Annotations[util.GWNode]
if gwNode == hostname {
localPodIPs = append(localPodIPs, pod.Status.PodIP)
nsGWNat := ns.Annotations[util.GWNat]
if nsGWNat == "" || nsGWNat == "true" {
switch nsGWType {
case "", util.GWDistributedMode:
if pod.Spec.NodeName == hostname {
localPodIPs = append(localPodIPs, pod.Status.PodIP)
}
case util.GWCentralizedMode:
gwNode := ns.Annotations[util.GWNode]
if gwNode == hostname {
localPodIPs = append(localPodIPs, pod.Status.PodIP)
}
}
}
}
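
Review bot: the condition `nsGWNat == "" || nsGWNat == "true"` treats every other annotation value as "NAT off", so a typo or a different spelling such as `True`, `TRUE` or `yes` silently drops the pod from `localPodIPs` and exposes its address to the external network. The safer default is the other way round: skip NAT only when the value is exactly `false`, or parse the annotation with `strconv.ParseBool` and keep NAT on (with a logged warning) when parsing fails. Nothing in this hunk logs the decision, so an operator has no way to see why a namespace stopped being masqueraded. Smaller point: wrapping the existing `switch` in a new `if` adds a nesting level; an early `continue` when NAT is disabled would leave the `switch` untouched and keep the diff to a few lines.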
1 change: 1 addition & 0 deletions pkg/util/const.go
Expand Up @@ -31,4 +31,5 @@ const (
GWDistributedMode = "distributed"
GWCentralizedMode = "centralized"
GWNode = "ovn.kubernetes.io/gateway_node"
GWNat = "ovn.kubernetes.io/gateway_nat"
)
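
Review bot: `GWNat` is added as an annotation key only, while gateway.go compares its value against the bare literal `"true"`. The gateway type already has named values here (`GWDistributedMode`, `GWCentralizedMode`); adding matching constants for the accepted `gateway_nat` values would keep the accepted strings in one place and make the comparison in `getLocalPodIPsNeedNAT` harder to get subtly wrong. A short comment on `GWNat` stating the default and the effect of `false` would also help, since this key controls whether pod IPs leave the cluster untranslated.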

1 comment on commit 2e41451

@wuyuechengoo

good
