From 1c8f8fdc4a2d35ff5350375659b6a102c0d1835d Mon Sep 17 00:00:00 2001 From: bobz965 Date: Tue, 8 Aug 2023 13:56:48 +0800 Subject: [PATCH] =?UTF-8?q?=E7=AE=80=E5=8C=96=20oeip=20=E7=B1=BB=E5=9E=8B,?= =?UTF-8?q?=E6=94=AF=E6=8C=81=20lrp=20=E7=B1=BB=E5=9E=8B=E8=A2=AB=20nat=20?= =?UTF-8?q?=E5=A4=8D=E7=94=A8=20(#111)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/advance/ovn-eip-fip-snat.en.md | 15 ++++++++------- docs/advance/ovn-eip-fip-snat.md | 16 ++++++++-------- docs/advance/ovn-l3-ha-based-ecmp-with-bfd.en.md | 8 ++++---- docs/advance/ovn-l3-ha-based-ecmp-with-bfd.md | 8 ++++---- 4 files changed, 24 insertions(+), 23 deletions(-) diff --git a/docs/advance/ovn-eip-fip-snat.en.md b/docs/advance/ovn-eip-fip-snat.en.md index 42381d3a3..74b7e56e6 100644 --- a/docs/advance/ovn-eip-fip-snat.en.md +++ b/docs/advance/ovn-eip-fip-snat.en.md @@ -188,7 +188,7 @@ This function is designed and used in the same way as iptables-eip, ovn-eip curr - nat: indicates ovn dnat, fip, and snat. These nat types are recorded in status - lrp: indicates the resource used to connect a vpc to the public network -- node-ext-gw: applies to ovn BFD-based ecmp static route scenario +- lsp: In the ovn BFD-based ecmp static route scenario, an ovs internal port is provided on the gateway node as the next hop of the ecmp route ``` bash --- @@ -198,9 +198,9 @@ metadata: name: eip-static spec: externalSubnet: external204 - type: fip + type: nat -# Dynamically allocate an eip resource that is reserved for fip scenarios +# Dynamically allocate an eip resource that is reserved for fip dnat_and_snat scenarios ``` ### 2.1 Create an fip for pod @@ -222,7 +222,7 @@ metadata: name: eip-static spec: externalSubnet: external204 - type: fip + type: nat --- kind: OvnFip @@ -297,7 +297,7 @@ metadata: name: eip-for-vip spec: externalSubnet: external204 - type: fip + type: nat --- kind: OvnFip @@ -370,7 +370,7 @@ metadata: name: snat-for-subnet-in-vpc spec: externalSubnet: external204 - type: snat + type: nat --- kind: OvnSnatRule @@ -395,7 +395,7 @@ metadata: name: snat-for-pod-vpc-ip spec: externalSubnet: external204 - type: snat + type: nat --- kind: OvnSnatRule @@ -502,6 +502,7 @@ metadata: name: eip-static spec: externalSubnet: underlay + type: nat --- kind: OvnDnatRule apiVersion: kubeovn.io/v1 diff --git a/docs/advance/ovn-eip-fip-snat.md b/docs/advance/ovn-eip-fip-snat.md index 4d8d70be3..28b6a5cb4 100644 --- a/docs/advance/ovn-eip-fip-snat.md +++ b/docs/advance/ovn-eip-fip-snat.md @@ -50,7 +50,7 @@ Pod 基于 FIP 出公网的大致流程,最后可以基于本地节点的公 - 基于该配置项可以对接到 provider network,vlan,subnet 的资源。 - 基于该配置项可以将默认 vpc enable_eip_snat 功能对接到已有的 vlan,subnet 资源,同时支持公网 ip 的 ipam。 -- 如果仅使用默认 vpc 的 enable_eip_snat 模式, 且仅使用旧的基于 pod annotaion 的 eip fip snat,那么这个配置无需配置。 +- 如果仅使用默认 vpc 的 enable_eip_snat 模式, 且仅使用旧的基于 pod annotaion 的 fip snat,那么这个配置无需配置。 - 基于该配置可以不使用默认 vpc enable_eip_snat 流程,仅通过对应到 vlan,subnet 流程,可以兼容仅自定义 vpc 使用 eip snat 的使用场景。 ### 1.1 准备 underlay 公网网络 @@ -185,8 +185,8 @@ Route Table
: 该功能和 iptables-eip 设计和使用方式基本一致,ovn-eip 目前有三种 type - nat: 用于 ovn dnat,fip, snat, 这些 nat 类型会记录在 status 中 -- lrp: 用于 vpc 和公网相连的资源 -- node-ext-gw: 用于 ovn 基于 bfd 的 ecmp 静态路由场景 +- lrp: Resources connected to the public network from a vpc can be used by nat +- lsp: 用于 ovn 基于 bfd 的 ecmp 静态路由场景,在网关节点上提供一个 ovs internal port 作为 ecmp 路由的下一跳 ``` bash --- @@ -196,7 +196,7 @@ metadata: name: eip-static spec: externalSubnet: external204 - type: fip + type: nat # 动态分配一个 eip 资源,该资源预留用于 fip 场景 ``` @@ -220,7 +220,7 @@ metadata: name: eip-static spec: externalSubnet: external204 - type: fip + type: nat --- kind: OvnFip @@ -296,7 +296,7 @@ metadata: name: eip-for-vip spec: externalSubnet: external204 - type: fip + type: nat --- kind: OvnFip @@ -369,7 +369,7 @@ metadata: name: snat-for-subnet-in-vpc spec: externalSubnet: external204 - type: snat + type: nat --- kind: OvnSnatRule @@ -394,7 +394,7 @@ metadata: name: snat-for-pod-vpc-ip spec: externalSubnet: external204 - type: snat + type: nat --- kind: OvnSnatRule diff --git a/docs/advance/ovn-l3-ha-based-ecmp-with-bfd.en.md b/docs/advance/ovn-l3-ha-based-ecmp-with-bfd.en.md index e0b77361c..ee249656f 100644 --- a/docs/advance/ovn-l3-ha-based-ecmp-with-bfd.en.md +++ b/docs/advance/ovn-l3-ha-based-ecmp-with-bfd.en.md @@ -15,7 +15,7 @@ external-subnet-->gw-node3-ovnext0--> node3-external-switch This functions basically the same as [ovn-eip-fip-snat.md](./ovn-eip-fip-snat.md) . -As for the different parts, which will be specified in the following sections, mainly including the creation of ovn-eip of node-ext-gw type and the automatic maintenance of bfd as well as ecmp static routes based on vpc enable_bfd. +As for the different parts, which will be specified in the following sections, mainly including the creation of ovn-eip of lsp type and the automatic maintenance of bfd as well as ecmp static routes based on vpc enable_bfd. ## 1. Deployment @@ -41,7 +41,7 @@ metadata: name: pc-node-1 spec: externalSubnet: external204 - type: node-ext-gw + type: lsp --- kind: OvnEip @@ -50,7 +50,7 @@ metadata: name: pc-node-2 spec: externalSubnet: external204 - type: node-ext-gw + type: lsp --- kind: OvnEip @@ -59,7 +59,7 @@ metadata: name: pc-node-3 spec: externalSubnet: external204 - type: node-ext-gw + type: lsp ``` Since this scenario is currently designed for vpc ecmp out of the public network, the gateway node above will not trigger the creation of a gateway NIC when there is no vpc enabled bfd, i.e. when there is no ovn eip (lrp) with enable bfd labeled, and will not be able to successfully start listening to the bfd session on the other side. diff --git a/docs/advance/ovn-l3-ha-based-ecmp-with-bfd.md b/docs/advance/ovn-l3-ha-based-ecmp-with-bfd.md index aa9f1741b..790b874fe 100644 --- a/docs/advance/ovn-l3-ha-based-ecmp-with-bfd.md +++ b/docs/advance/ovn-l3-ha-based-ecmp-with-bfd.md @@ -15,7 +15,7 @@ external-subnet-->gw-node3-ovnext0--> node3-external-switch 该功能的使用方式和[ovn-eip-fip-snat.md](./ovn-eip-fip-snat.md) 基本一致,一致的部分包括 install.sh 的部署部分,provider-network,vlan,subnet 的准备部分。 -至于不相同的部分,会在以下部分具体阐述,主要包括 node-ext-gw 类型的 ovn-eip 的创建,以及基于 vpc enable_bfd 自动维护 bfd 以及 ecmp 静态路由。 +至于不相同的部分,会在以下部分具体阐述,主要包括 lsp 类型的 ovn-eip 的创建,以及基于 vpc enable_bfd 自动维护 bfd 以及 ecmp 静态路由。 ## 1. 部署 @@ -38,7 +38,7 @@ metadata: name: pc-node-1 spec: externalSubnet: external204 - type: node-ext-gw + type: lsp --- kind: OvnEip @@ -47,7 +47,7 @@ metadata: name: pc-node-2 spec: externalSubnet: external204 - type: node-ext-gw + type: lsp --- kind: OvnEip @@ -56,7 +56,7 @@ metadata: name: pc-node-3 spec: externalSubnet: external204 - type: node-ext-gw + type: lsp ``` 由于这个场景目前设计上是供 vpc ecmp 出公网使用,所以以上在没有 vpc 启用 bfd 的时候,即不存在带有 enable bfd 标签的 lrp 的 ovn eip 的时候,网关节点不会触发创建网关网卡,也无法成功启动对端 bfd 会话的监听。