I added recently a new node to my existing okd 3.9 cluster. I have now an infra_node(master), 3 nodes in primary region and the new_node in a secondary region.The new_node is located at the office under a NAT so i created an ipsec vpn between it and the master. I needed to add some firewall rules to the master and route the traffic to the new_node over the master on the primary_nodes. The node to node connectivity between all the nodes works very fine. I can reach also the new_node from the pods on the other nodes. The problem though is that i can not reach the ssl internal registry from the new_node.`curl -v https://docker-registry.default.svc:5000` results in a timeout. The problem is mention in the documentation. <https://docs.openshift.com/container-platform/3.9/day_two_guide/environment_health_checks.html#day-two-guide-verifying_mtu> I tried to change the MTU size on all nodes to 1388 as mentioned here <https://docs.openshift.com/container-platform/3.9/admin_guide/ipsec.html#admin-guide-ipsec-encrypting-hosts> and i restarted the node service on all nodes but the network breaks completely on the interface tun0. Any help ?
Thanks Alix
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
