Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

Chapter 7. Configuring gateway mode

As a cluster administrator you can configure the gatewayConfig object to manage how external traffic leaves the cluster. You do so by setting the routingViaHost spec to true for local mode or false for shared mode.

In local gateway mode, traffic is routed through the host and is consequently applied to the routing table of the host. In shared gateway mode, traffic is not routed through the host. Instead, traffic the Open vSwitch (OVS) outputs traffic directly to the node IP interface.

7.1. Setting local and shared gateway modes
Copia collegamento

As a cluster administrator you can configure the gateway mode using the gatewayConfig spec in the Cluster Network Operator. The following procedure can be used to set the routingViaHost field to true for local mode or false for shared mode.

You can follow the optional step 4 to enable IP forwarding alongside local gateway mode if you need the host network of the node to act as a router for traffic not related to OVN-Kubernetes. For example, possible use cases for combining local gateway mode with IP forwarding include:

  • Configuring all pod egress traffic to be forwarded via the node’s IP
  • Integrating OVN-Kubernetes CNI with external network address translation (NAT) devices
  • Configuring OVN-Kubernetes CNI to use a kernel routing table

Prerequisites

  • You are logged in as a user with admin privileges.

Procedure

  1. Back up the existing network configuration by running the following command: 

    $ oc get network.operator cluster -o yaml > network-config-backup.yaml
    Copy to Clipboard Toggle word wrap

  2. Set the routingViaHost paramemter to true for local gateway mode by running the following command: 

    $ oc patch networks.operator.openshift.io cluster --type=merge -p '{"spec":{"defaultNetwork":{"ovnKubernetesConfig":{"gatewayConfig":{"routingViaHost": true}}}}}'
    Copy to Clipboard Toggle word wrap

  3. Verify that local gateway mode has been set by running the following command: 

    $ oc get networks.operator.openshift.io cluster -o yaml | grep -A 5 "gatewayConfig"
    Copy to Clipboard Toggle word wrap

    Example output

    apiVersion: operator.openshift.io/v1
kind: Network
metadata:
  name: cluster
# ...
gatewayConfig:
        ipv4: {}
        ipv6: {}
        routingViaHost: true
    1 
    
      genevePort: 6081
      ipsecConfig:
# ...
    Copy to Clipboard Toggle word wrap

    1
    A value of true sets local gateway mode and a value of false sets shared gateway mode. In local gateway mode, traffic is routed through the host. In shared gateway mode, traffic is not routed through the host.

  4. Optional: Enable IP forwarding globally by running the following command: 

    $ oc patch network.operator cluster --type=merge -p '{"spec":{"defaultNetwork":{"ovnKubernetesConfig":{"gatewayConfig":{"ipForwarding": "Global"}}}}}'
    Copy to Clipboard Toggle word wrap

    1. Verify that the ipForwarding spec has been set to Global by running the following command: 

      $ oc get networks.operator.openshift.io cluster -o yaml | grep -A 5 "gatewayConfig"
      Copy to Clipboard Toggle word wrap

      Example output

      apiVersion: operator.openshift.io/v1
kind: Network
metadata:
  name: cluster
# ...
gatewayConfig:
        ipForwarding: Global
        ipv4: {}
        ipv6: {}
        routingViaHost: true
      genevePort: 6081
# ...
      Copy to Clipboard Toggle word wrap

Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat