Using the Egressip Ipam Operator with a Private ARO Cluster
This content is authored by Red Hat experts, but has not yet been tested on every supported configuration.
This guide is only valid for ARO clusters created on version 4.10 or earlier.
Clusters created on version 4.11 and later use OVNKubernetes as their Container Network Interface, and egressip-ipam-operator does not support OVNKubernetes.
In addition, please refer
here
to create a private ARO cluster without using public IP address. This way, you will be using UserDefinedRouting for
egress
.
Prerequisites
- A private ARO cluster that uses OpenShift SDN as its CNI
Deploy the Egressip Ipam Operator
Via GUI
Log into the ARO cluster’s Console
Switch to the Administrator view
Click on Operators -> Operator Hub
Search for “Egressip Ipam Operator”
Install it with the default settings
or
Via CLI
Deploy the
egress-ipam-operator
Configure EgressIP
Create an EgressIPAM resource for your cluster. Update the CIDR to reflect the worker node subnet.
Create test namespaces
Check the namespaces have IPs assigned
The output should look like:
Check they’re actually set as Egress IPs
The output should look like:
Finally check the Host Subnets for Egress IPS
The output should look like:
Test Egress
Log into your jumpbox and allow http into firewall
Install and start apache httpd
Create a index.html
tail apache logs
Start an interactive pod in one of your new namespaces
The output should look the following (the IP should match the egress IP of your namespace):
