3.5. Cluster Network Operator configuration
The configuration for the cluster network is specified as part of the Cluster Network Operator (CNO) configuration and stored in a CR object that is named cluster. The CR specifies the parameters for the Network API in the operator.openshift.io API group.
You can specify the cluster network configuration for your OpenShift Container Platform cluster by setting the parameter values for the defaultNetwork parameter in the CNO CR. The following CR displays the default configuration for the CNO and explains both the parameters you can configure and the valid parameter values:
Cluster Network Operator CR
apiVersion: operator.openshift.io/v1
kind: Network
metadata:
  name: cluster
spec:
  clusterNetwork: # (1)
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  serviceNetwork: # (2)
  - 172.30.0.0/16
  defaultNetwork: # (3)
    ...
  kubeProxyConfig: # (4)
    iptablesSyncPeriod: 30s # (5)
    proxyArguments:
      iptables-min-sync-period: # (6)
      - 0s
- (1) A list specifying the blocks of IP addresses from which pod IP addresses are allocated and the subnet prefix length assigned to each individual node.
- (2) A block of IP addresses for services. The OpenShift SDN Container Network Interface (CNI) network provider supports only a single IP address block for the service network.
- (3) Configures the default CNI network provider for the cluster network.
- (4) The parameters for this object specify the Kubernetes network proxy (kube-proxy) configuration. If you are using the OVN-Kubernetes default CNI network provider, the kube-proxy configuration has no effect.
- (5) The refresh period for iptables rules. The default value is 30s. Valid suffixes include s, m, and h and are described in the Go time package documentation.
  Note: Because of performance improvements introduced in OpenShift Container Platform 4.3 and greater, adjusting the iptablesSyncPeriod parameter is no longer necessary.
- (6) The minimum duration before refreshing iptables rules. This parameter ensures that the refresh does not happen too frequently. Valid suffixes include s, m, and h and are described in the Go time package.
The following YAML object describes the configuration parameters for the OpenShift SDN default Container Network Interface (CNI) network provider.
You can only change the configuration for your default CNI network provider during cluster installation.
defaultNetwork:
  type: OpenShiftSDN # (1)
  openshiftSDNConfig: # (2)
    mode: NetworkPolicy # (3)
    mtu: 1450 # (4)
    vxlanPort: 4789 # (5)
- (1) The default CNI network provider plug-in that is used.
- (2) OpenShift SDN specific configuration parameters.
- (3) The network isolation mode for OpenShift SDN.
- (4) The maximum transmission unit (MTU) for the VXLAN overlay network. This value is normally configured automatically.
- (5) The port to use for all VXLAN packets. The default value is 4789.
The following YAML object describes the configuration parameters for the OVN-Kubernetes default CNI network provider.
You can only change the configuration for your default CNI network provider during cluster installation.
defaultNetwork:
  type: OVNKubernetes
  ovnKubernetesConfig:
    mtu: 1400
    genevePort: 6081
3.5.3. Cluster Network Operator example configuration
A complete CR object for the CNO is displayed in the following example:
Cluster Network Operator example CR
apiVersion: operator.openshift.io/v1
kind: Network
metadata:
  name: cluster
spec:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  serviceNetwork:
  - 172.30.0.0/16
  defaultNetwork:
    type: OpenShiftSDN
    openshiftSDNConfig:
      mode: NetworkPolicy
      mtu: 1450
      vxlanPort: 4789
  kubeProxyConfig:
    iptablesSyncPeriod: 30s
    proxyArguments:
      iptables-min-sync-period:
      - 0s
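
Because the default CNI network provider settings can only be changed during cluster installation, it helps to sanity-check the address plan and durations in a CR like the one above before installing. The following is an added example, not part of the original documentation or of the Cluster Network Operator: it takes the spec values as a plain dict and reports overlapping pod and service blocks, a hostPrefix that does not fit inside its cidr, and durations without an s, m, or h suffix. The names check_spec and EXAMPLE_SPEC are hypothetical, and the rules it checks are this example's assumptions.

```python
import ipaddress
import re

# Constructed input: the spec values from the example CR, as a plain dict.
EXAMPLE_SPEC = {
    "clusterNetwork": [{"cidr": "10.128.0.0/14", "hostPrefix": 23}],
    "serviceNetwork": ["172.30.0.0/16"],
    "kubeProxyConfig": {
        "iptablesSyncPeriod": "30s",
        "proxyArguments": {"iptables-min-sync-period": ["0s"]},
    },
}

# Only the s, m and h suffixes named on this page; Go's parser accepts more.
_DURATION = re.compile(r"^(\d+(\.\d+)?[smh])+$")


def check_spec(spec):
    """Return (errors, capacity); capacity maps each pod CIDR to
    (node subnets, addresses per node subnet)."""
    errors, capacity = [], {}
    services = [ipaddress.ip_network(s) for s in spec["serviceNetwork"]]
    pods = []
    for entry in spec["clusterNetwork"]:
        net = ipaddress.ip_network(entry["cidr"])
        prefix = entry["hostPrefix"]
        if not net.prefixlen < prefix <= net.max_prefixlen:
            errors.append(f"hostPrefix {prefix} does not fit inside {net}")
        else:
            capacity[str(net)] = (2 ** (prefix - net.prefixlen),
                                  2 ** (net.max_prefixlen - prefix))
        # Pod blocks must not collide with each other or with service IPs.
        for other in pods + services:
            if net.version == other.version and net.overlaps(other):
                errors.append(f"{net} overlaps {other}")
        pods.append(net)
    proxy = spec.get("kubeProxyConfig", {})
    durations = [proxy.get("iptablesSyncPeriod", "30s")]
    durations += proxy.get("proxyArguments", {}).get("iptables-min-sync-period", [])
    for value in durations:
        if not _DURATION.match(value):
            errors.append(f"bad duration {value!r}")
    return errors, capacity


if __name__ == "__main__":
    print(check_spec(EXAMPLE_SPEC))
```

For the example CR, a /14 pod block with hostPrefix 23 yields 512 node subnets of 512 addresses each.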