From 985996292948495bf37f17e604e136ac26dd741e Mon Sep 17 00:00:00 2001
From: Emilio Garcia
Date: Wed, 20 May 2020 12:25:58 -0400
Subject: [PATCH] Don't create router to external network when BYO subnet is set
It may not be possible to set a router to the external network, or may not be necessary, depending on how the customer chooses to route their traffic. Since it is very hard to contextually deduce what external routing scheme the customer wants to set up, it is preferrable to just not attempt to automate anything for them, and let them customize it themselves.
---
 data/data/openstack/topology/private-network.tf | 6 ++++--
 docs/user/openstack/customization.md | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/data/data/openstack/topology/private-network.tf b/data/data/openstack/topology/private-network.tf
index c9035709714..7b280e39c82 100644
--- a/data/data/openstack/topology/private-network.tf
+++ b/data/data/openstack/topology/private-network.tf
@@ -2,6 +2,7 @@ locals {
 nodes_cidr_block = var.cidr_block
 nodes_subnet_id = var.machines_subnet_id != "" ? var.machines_subnet_id : openstack_networking_subnet_v2.nodes[0].id
 nodes_network_id = var.machines_network_id != "" ? var.machines_network_id : openstack_networking_network_v2.openshift-private[0].id
+ create_router = var.machines_subnet_id != "" ? 0 : 1
 }

 data "openstack_networking_network_v2" "external_network" {
@@ -127,10 +128,10 @@ resource "openstack_networking_floatingip_associate_v2" "api_fip" {
 count = length(var.lb_floating_ip) == 0 ? 0 : 1
 port_id = openstack_networking_port_v2.api_port.id
 floating_ip = var.lb_floating_ip
- depends_on = [openstack_networking_router_interface_v2.nodes_router_interface]
 }

 resource "openstack_networking_router_v2" "openshift-external-router" {
+ count = local.create_router
 name = "${var.cluster_id}-external-router"
 admin_state_up = true
 external_network_id = data.openstack_networking_network_v2.external_network.id
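Review bot: The new `create_router` local in the `locals` block has no comment, although it encodes the assumption that a user-supplied subnet already has a path to the external network and that the installer no longer manages that boundary. I would add above it `# BYO subnet: external routing is the user's responsibility, so no router or router interface is created`. The name also reads like a boolean while the value is a 0/1 count; `router_count`, or a bool converted at the `count =` sites, would be more accurate.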
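Review bot: Dropping `depends_on` from `api_fip` also removes the ordering on the default path, where `create_router` is 1 and the router interface is still created. None of the remaining visible attributes of `api_fip` reference the router or its interface, and Neutron normally refuses to associate a floating IP with a port whose subnet has no router to the external network, so the association may now be attempted before `nodes_router_interface` exists and fail intermittently. A `depends_on` entry naming a resource whose count is 0 should still be accepted, so I would keep `depends_on = [openstack_networking_router_interface_v2.nodes_router_interface]`; confirm this against the Terraform version the installer pins. The router resource's body continues past the end of this hunk.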
@@ -138,6 +139,7 @@ resource "openstack_networking_router_v2" "openshift-external-router" {
 }

 resource "openstack_networking_router_interface_v2" "nodes_router_interface" {
- router_id = openstack_networking_router_v2.openshift-external-router.id
+ count = local.create_router
+ router_id = openstack_networking_router_v2.openshift-external-router[0].id
 subnet_id = local.nodes_subnet_id
 }
diff --git a/docs/user/openstack/customization.md b/docs/user/openstack/customization.md
index f3717a78449..2d12aa9e49e 100644
--- a/docs/user/openstack/customization.md
+++ b/docs/user/openstack/customization.md
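Review bot: Giving `nodes_router_interface` and the router a `count` turns both into lists, so any reference to them outside these hunks (outputs, other `depends_on` lists, other modules) needs `[0]` or a guard, and none of those are visible here. The `[0]` index on `router_id` is safe only because both counts come from the same `local.create_router`. A short comment saying so, e.g. `# same count as the router, so [0] exists whenever this resource does`, would keep a later edit from decoupling them.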
@@ -28,7 +28,7 @@ Beyond the [platform-agnostic `install-config.yaml` properties](../customization
 * `clusterOSImage` (optional string): Either a URL with `http(s)` or `file` scheme to override the default OS image for cluster nodes or an existing Glance image name.
 * `apiVIP` (optional string): An IP addresss on the machineNetwork that will be assigned to the API VIP. Be aware that the `10` and `11` of the machineNetwork will be taken by neutron dhcp by default, and wont be available.
 * `ingressVIP` (optional string): An IP address on the machineNetwork that will be assigned to the ingress VIP. Be aware that the `10` and `11` of the machineNetwork will be taken by neutron dhcp by default, and wont be available.
-* `machinesSubnet` (optional string): the UUID of an openstack subnet to install the nodes of the cluster onto. The first CIDR in `networks.machineNetwork` must match the cidr of the `machinesSubnet`. Also note that setting `externalDNS` while setting `machinesSubnet` is invalid usage. If you want to add a DNS to your cluster while using a custom subnet, add it to the subnet in openstack [like this](https://docs.openstack.org/neutron/rocky/admin/config-dns-res.html).
+* `machinesSubnet` (optional string): the UUID of an openstack subnet to install the nodes of the cluster onto. The first CIDR in `networks.machineNetwork` must match the cidr of the `machinesSubnet`. In order to support more complex networking configurations, we expect the subnet passed to already be connected to an external network in some way. When this option is set, we will no longer attempt to create a router. Also note that setting `externalDNS` while setting `machinesSubnet` is invalid usage. If you want to add a DNS to your cluster while using a custom subnet, add it to the subnet in openstack [like this](https://docs.openstack.org/neutron/rocky/admin/config-dns-res.html).

 ## Machine pools