how to seperate traffic in Rook
AFAIK ceph have 2 specific trafic path:
- Traffic between client and ceph nodes,
- Traffic between ceph nodes (Inter Ceph-node).
So, let say my network is like this
Note :
- Kube-node-4 is a kubernet worker that do not take part as rook node. Just a ceph-client
- Red, Green and blue line is a seperate ethernet network.
Can I do trafic seperation like this using Rook? Is there any documentation on how to do it?
Sincerely
-bino-
Check out the ceph docs, what you describe is the separation of public and cluster networks. Cluster network is used for OSD <--> OSD traffic only (replication of PGs) while the public network is for Ceph clients as well as the other Ceph daemons (MON, MGR, etc). I'm not familiar with rook but according to the guide you have to override the config, to get the current config map run:
kubectl -n rook-ceph get ConfigMap rook-config-override -o yaml
Enable the hostNetwork setting in the Ceph Cluster CRD configuration. For example,
network:
provider: host
and then
Define the subnets to use for public and private OSD networks. Edit the rook-config-override configmap to define the custom network configuration:
kubectl -n rook-ceph edit configmap rook-config-override
In the editor, add a custom configuration to instruct ceph which subnet is the public network and which subnet is the private network. For example:
apiVersion: v1
data:
config: |
[global]
public network = 10.0.7.0/24
cluster network = 10.0.10.0/24
public addr = ""
cluster addr = ""
After applying the updated rook-config-override configmap, it will be necessary to restart the OSDs by deleting the OSD pods in order to apply the change. Restart the OSD pods by deleting them, one at a time, and running ceph -s between each restart to ensure the cluster goes back to "active/clean" state.
- Error configuring TLS error: secret xxx does not exist
- Is there an imperative command to create daemonsets in kubernetes?
- Mongo DB deployment not working in kubernetes because processor doesn't have AVX support
- Nginx Ingress Controller - Failed Calling Webhook
- Easily detect deprecated resources on Kubernetes
- How to configure a Kubernetes Multi-Pod Deployment
- Difference between targetPort and port in Kubernetes Service definition
- Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html"
- Can't install Kubernetes on Vagrant
- How do I force Kubernetes to re-pull an image?
- no endpoints available for service \"kubernetes-dashboard\"
- Cannot install kubernetes helm chart Error: cannot re-use a name that is still in use
- helm error "Error: This command needs 2 arguments: release name, chart path"
- Helm --set with > as special Charcater at the end
- kubernetes dashboard (web ui) has nothing to display
- k8s CRD definition: 4 mutually exclusive optional fields
- failed calling webhook "vingress.elbv2.k8s.aws"
- Minikube with ingress example not working
- How to configure a kubernetes bare-metal ingress controller to listen to port 80?
- How to replicate the RuntimeDefault seccompProfile in Kubernetes to run in Docker?
- Add extra custom labels to existing helm chart
- Requirements for installing a Helm chart on a multi-cluster Kubernetes platform
- Can I guarantee the "kubernetes" Service will retain a consistent ClusterIP following cluster creation even if I attempt to modify or recreate it?
- Why should we set -XX:InitialRAMPercentage and -XX:MaxRAMPercentage to the same value for cloud environment?
- BadRequest error on deployment of yaml file
- How to switch kubectl clusters between gcloud and minikube
- How to find master node from worker node in Kubernetes
- Difference between deploying an app in kubernetes cluster and a normal droplet?
- Is "current-context" a mandatory key in a kubeconfig file?
- kubernetes cluster cant intilized