Page MenuHomePhabricator
Create Task
Maniphest T165732

Assigning IP space for kubernetes IPs
Closed, ResolvedPublic
Actions

Description

Up to now we 've been using 192.168/16 IPs for kubernetes in production. That was fine during the initial phases but we should migrate to a better scheme and assign IPs in the 10/8 space. Also we should assign IPv6 addresses and we should do this for all 3 clusters (eqiad, codfw and staging).

An interesting question is what we should end up doing with Service IPs. Service IPs are never seen on the network (on the physical wire) due to the various NATs so we could use whatever we want. However, it might make sense to have an assignment documented so at least it's easy to look up the used IPs.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Specify the correct service IPs for kubernetes clustersoperations/puppetproduction+2 -2
Utilize the allocated service ips in kubernetesoperations/puppetproduction+6 -5
Assign the kubernetes pod IPs in DNSoperations/dnsmaster+61 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

akosiaris created this task.May 19 2017, 10:16 AM
akosiaris updated the task description. (Show Details)May 19 2017, 10:20 AM
gerritbot subscribed.May 19 2017, 11:06 AM

Change 341794 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/dns@master] Assign the kubernetes pod IPs in DNS

https://gerrit.wikimedia.org/r/341794

gerritbot added a project: Patch-For-Review.May 19 2017, 11:06 AM
akosiaris added subscribers: Joe, faidon, mark.May 19 2017, 11:12 AM

With the patch above we have:

  • production clusters (codfw + eqiad) IPv4, IPv6 pod IPs assigned
  • staging cluster (eqiad) IPv4, IPv6 pod IPs assigned
  • production clusters (codfw + eqiad) IPv4, IPv6 service IPs assigned
  • staging cluster (eqiad) IPv4, IPv6 service IPs assigned
gerritbot added a comment.May 29 2017, 12:30 PM

Change 341794 merged by Alexandros Kosiaris:
[operations/dns@master] Assign the kubernetes pod IPs in DNS

https://gerrit.wikimedia.org/r/341794

Stashbot subscribed.May 29 2017, 12:31 PM

Mentioned in SAL (#wikimedia-operations) [2017-05-29T12:31:22Z] <akosiaris> update kubernetes policy-options on cr{1,2}-{eqiad,codfw}. T165732

akosiaris renamed this task from Assigning IP space for kubernetes pod IPs to Assigning IP space for kubernetes IPs.May 29 2017, 12:32 PM
akosiaris updated the task description. (Show Details)

In the interest of having this documented and not use some 192.168/16 IP space I 've assigned IP spaces for the service IPs ranges as well

gerritbot added a comment.May 29 2017, 1:27 PM

Change 356039 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] Utilize the allocated service ips in kubernetes

https://gerrit.wikimedia.org/r/356039

gerritbot added a comment.May 29 2017, 1:52 PM

Change 356039 merged by Alexandros Kosiaris:
[operations/puppet@production] Utilize the allocated service ips in kubernetes

https://gerrit.wikimedia.org/r/356039

gerritbot added a comment.May 29 2017, 2:23 PM

Change 356050 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] Specify the correct service IPs for kubernetes clusters

https://gerrit.wikimedia.org/r/356050

gerritbot added a comment.May 29 2017, 2:26 PM

Change 356050 merged by Alexandros Kosiaris:
[operations/puppet@production] Specify the correct service IPs for kubernetes clusters

https://gerrit.wikimedia.org/r/356050

akosiaris closed this task as Resolved.May 30 2017, 2:44 PM
akosiaris claimed this task.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits