I had exactly the same concern and I discovered that inside the heat template there is a bastion mode, which once enabled it doesn’t use floating ip’s any more.
Have a look at https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/advanced-configuration.md I think you want openstack_use_bastion: True but I am yet to test it out so I’d recommend checking the heat template to see if it does what I think it does. At the bottom of that advanced page it mentions that in bastion mode scale up doesn’t work for some reason, so I don’t know if that matters for you. Otherwise an alternative is to create a floating ip range that uses private non-routable ip addressees. That’s what we’re using in our on-premise OpenStack. But only because we hadn’t discovered the bastion mode at the time. Hope that helps. On Fri, 5 Jan 2018 at 4:10 am, Tim Dudgeon <tdudgeon...@gmail.com> wrote: > I hope this is the right place to ask questions about the > openshift/openshift-ansible-contrib GitHub repo, and specifically the > playbooks for installing OpenShift on OpenStack: > > https://github.com/openshift/openshift-ansible-contrib/tree/master/playbooks/provisioning/openstack > If not then please redirect me. > > By following the instructions in that link I successfully ran a basic > deployment that involved provisioning the OpenStack servers and the > deploying OpenShift using the byo config.yaml playbook. But in doing so > it's immediately obvious that this approach is not really viable as > public IP addresses are assigned to every node. It should only be > necessary to have public IP addresses for the master and the > infrastructure node hosting the router. > > My expectation is that the best way to handle this would be to: > > 1. provision the basic openstack networking environment plus a bastion > node from outside the openstack environment > 2. from that bastion node provision the nodes that will form the > OpenShift cluster and deploy OpenShift to those. > > Are there any examples along those lines? > > > _______________________________________________ > users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users >
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
