Hi,
Your problem is you had set the same EgressIP to multiple hosts. The
EgressIP will not SNAT the egress traffic if it appears in multiple hosts.
[root@localhost ~]# oc get hostsubnet
NAME HOST HOST IP SUBNET EGRESS IPS
10.160.67.128 10.160.67.128 10.160.67.128 10.130.0.0/23
<http://10.130.0.0/23> *[10.160.67.253]*
10.160.67.192 10.160.67.192 10.160.67.192 10.129.0.0/23
<http://10.129.0.0/23> *[10.160.67.253]*
10.160.67.64 10.160.67.64 10.160.67.64 10.128.0.0/23
<http://10.128.0.0/23> []
Thanks.
On 01/06/2018 06:21 AM, Aditya Somasundara wrote:
I have configured the Egress IPs as mentioned in the link
https://docs.openshift.com/container-platform/latest/admin_guide/managing_networking.html#enabling-static-ips-for-external-project-traffic
<https://docs.openshift.com/container-platform/latest/admin_guide/managing_networking.html#enabling-static-ips-for-external-project-traffic>
but I don't see the server receiving traffic with the NAT'ted source
IP configured. Am I missing some configuration? (pls see details below).
Thanks,
Version
OpenShift Master:
v3.7.9
Kubernetes Master:
v1.7.6+a08f5eeb62
*1.* *[root@localhost ~]# oc get netnamespaces*
oc get hostsubnet
NAME NETID EGRESS IPS
admin 7512341 []
default 0 []
*egress-ip-project *9734640* [10.160.67.253]*
kube-public 4698488 []
kube-service-catalog 0 []
kube-system 4311131 []
logging 11883490 []
management-infra 2810647 []
openshift 3933613 []
openshift-ansible-service-broker 11884716 []
openshift-infra 16683205 []
openshift-node 8520228 []
openshift-template-service-broker 12892895 []
red 15089640 []
someproject 9813566 []
*[root@localhost ~]# oc get hostsubnet*
NAME HOST HOST IP SUBNET EGRESS IPS
*10.160.67.128* 10.160.67.128 10.160.67.128 10.130.0.0/23
<http://10.130.0.0/23> *[10.160.67.253]*
10.160.67.192 10.160.67.192 10.160.67.192 10.129.0.0/23
<http://10.129.0.0/23> [10.160.67.253]
10.160.67.64 10.160.67.64 10.160.67.64 10.128.0.0/23
<http://10.128.0.0/23> []
*[root@localhost ~]# oc get pods -n egress-ip-project -o wide*
NAME READY STATUS RESTARTS AGE IP
NODE
*test-app-1-2gvxs* 1/1 Running 0 6m
10.130.1.39 *10.160.67.128*
test-app-1-52vr2 1/1 Running 0 6m 10.129.1.110
10.160.67.192
*2.* *On Source node *(where test-app-1-2gvxs is running, curl to an
outside IP address as below)*:*
[root@localhost ~]#*docker ps | grep test-app-1-2gvxs*
86cf5969b93e
docker.io/avinetworks/server-os@sha256:b3986cfb559e0df1a234b76e6b5caf003492970d05c749a37e28ef1b9e9951f1
<http://docker.io/avinetworks/server-os@sha256:b3986cfb559e0df1a234b76e6b5caf003492970d05c749a37e28ef1b9e9951f1>
"/bin/server.sh" 8 minutes ago Up 8 minutes
k8s_test-app_test-app-1-2gvxs_egress-ip-project_bb3e2882-f263-11e7-b91a-005056add497_0
6e2520a59826 openshift3/ose-pod:v3.7.9
"/usr/bin/pod" 8 minutes ago Up 8 minutes
k8s_POD_test-app-1-2gvxs_egress-ip-project_bb3e2882-f263-11e7-b91a-005056add497_0
[root@localhost ~]# docker exec -it 86c bash
bash-4.3$* curl 10.160.1.100:8088 <http://10.160.1.100:8088/>*
*<h> Hello from 10.160.1.100 <\h>*
*
*
*3. **On Server 10.160.1.100**:*
*>> 10.160.67.128 *- - [05/Jan/2018 22:08:14] "GET / HTTP/1.1" *200
<<< source IP is 10.160.67.128 instead of 10.160.67.253*
_______________________________________________
dev mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
_______________________________________________
dev mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
