Red Hat Summit3.3. Configuring router ingress
If your MicroShift applications need to listen only for data traffic, you can configure the listenAddress setting to isolate your devices. You can also configure specific ports and IP addresses for network connections. Use the combination required to customize the endpoint configuration for your use case.
3.3.1. Configuring router ports
You can control which ports your devices use by configuring the router ingress fields.
Prerequisites
- You installed MicroShift.
-
You created a MicroShift
config.yamlfile. -
The OpenShift CLI (
oc) is installed.
If you complete all the configurations that you need to make in the MicroShift config.yaml file at the same time, you can minimize system restarts.
Procedure
Update the MicroShift
config.yamlport values in theingress.ports.httpandingress.ports.httpsfields to the ports you want to use:Example
config.yamlrouter settings# ... ingress: ports:1 http: 80 https: 443 routeAdmissionPolicy: namespaceOwnership: InterNamespaceAllowed status: Managed2 # ...Restart the MicroShift service by running the following command:
$ sudo systemctl restart microshift
3.3.2. Configuring router IP addresses
You can restrict the network traffic to the router by configuring specific IP addresses. For example:
- Use cases where the router is reachable only on internal networks, but not on northbound public networks
- Use cases where the router is reachable only by northbound public networks, but not on internal networks
- Use cases where the router is reachable by both internal networks and northbound public networks, but on separate IP addresses
Prerequisites
- You installed MicroShift.
-
You created a MicroShift
config.yamlfile. -
The OpenShift CLI (
oc) is installed.
If you complete all the configurations that you need to make in the MicroShift config.yaml file at the same time, you can minimize system restarts.
Procedure
Update the list in the
ingress.listenAddressfield in the MicroShiftconfig.yamlaccording to your requirements and as shown in the following examples:Default router IP address list
# ... ingress: listenAddress: - "<host_network>"1 # ...- 1
- The
ingress.listenAddressvalue defaults to the entire network of the host. To continue to use the default list, remove thelisten.Addressfield from the MicroShiftconfig.yamlfile. To customize this parameter, use a list. The list can contain either a single IP address or NIC name or multiple IP addresses and NIC names.
重要You must either remove the
listenAddressparameter or add values to it in the form of a list when using theconfig.yamlfile. Do not leave the field empty or MicroShift crashes on restart.Example router setting with a single host IP address
# ... ingress: listenAddress: - 10.2.1.100 # ...Example router setting with a combination of IP addresses and NIC names
# ... ingress: listenAddress: - 10.2.1.100 - 10.2.2.10 - ens3 # ...Restart the MicroShift service by running the following command:
$ sudo systemctl restart microshift
Verification
-
To verify that your settings are applied, make sure that the
ingress.listenAddressIP addresses are reachable, then you cancurlthe route with the destination to one of these load balancer IP address.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}