✨ Use IPAM solution for node ips #130

Closed
Mattes83 opened this issue May 22, 2024 · 3 comments
Labels
enhancement New feature or request kind/feature Categorizes issue or PR as related to a new feature.

Comments

@Mattes83
Contributor

Describe the solution you'd like:
We are using third-party systems outside of Kubernetes which only accept incoming traffic from certain IP ranges.
Therefore we need static node IPs.

CAPV, for example, allows using an IPAM provider like https://github.com/kubernetes-sigs/cluster-api-ipam-provider-in-cluster
The proposal would be to add an optional reference to an IPAddressPools in the IonosCloudMachineSpec.
The IonosCloudMachineController would create an IPAddressClaim and wait for an IPAM provider to create an IPAddress from the IPAddressClaim. When the IPAddress is created, it can request the IONOS API to create the server with this IP.
If there is no reference, we use DHCP just like before.

```go
type IonosCloudMachineSpec struct {

	// PrimaryAddressFrom is an IPAddressPools that should be assigned
	// to an IPAddressClaims.
	// +optional
	PrimaryAddressFrom *corev1.TypedLocalObjectReference `json:"primaryAddressFrom,omitempty"`
}
```

What do you think about the api change? If you agree I'd like to implement it.

@Mattes83 Mattes83 added enhancement New feature or request kind/feature Categorizes issue or PR as related to a new feature. labels May 22, 2024
@farodin91
Contributor

In the future, it would be good if IONOS has its own pool implementation to use IONOS IP Block directly.

@piepmatz
Contributor

We'll need something like this, too. I'll collect some more information and get back to you later this week.

@piepmatz
Contributor

I'm not sure about the PrimaryAddressFrom name, but we don't need to decide that now. The general idea sounds fine, so go for it! :)

I have doubts whether our general network design of having some fields related to the primary NIC only and AdditionalNetworks separated from it was a good idea. Supporting IP pools for those additional networks would be beneficial, too, but that's out of scope for now and will likely be part of another API version.

Two things to keep in mind for the implementation, though:

  • We want to support dual-stack from the start, IPv6 is enabled by default, also for the primary NIC. Can the IP pool feature be done in a dual-stack way with only one IPAddressPools or would we need to allow referencing two separate ones?
  • This provider is aiming for feature parity with our Managed K8s offering. That involves offering private node pools, i.e. the nodes are only connected to a private network, unexposed to the Internet. However, they are behind a NAT gateway to have Internet access. In such a setup we also need IPAM to determine the node IPs in that private network. When adding that feature in this provider, the required IP pool reference(s?) will be on the IonosCloudCluster CRD. In consequence, the logic you build for this issue should be not too coupled to IonosCloudMachines, but be somewhat reusable for that future use case.

@Mattes83 Mattes83 mentioned this issue Jun 6, 2024
4 tasks
lubedacht pushed a commit that referenced this issue Aug 30, 2024
**What is the purpose of this pull request/Why do we need it?**
We would like to get IPs from a fixed pool of IPs instead of relying on
the DHCP.


**Issue #, if available:**
#130

**Description of changes:**
- added IPv4PoolRef/IPv6PoolRef to both IonosCloudMachine and Network
- workflow: IonosCloudMachine controller checks for PoolRefs and creates
IPAddressClaims when needed. It then waits for an external controller to
create IPAddress objects from the IPAddressClaim. Then it uses the IP
from the IPAddress object to create a server via Ionos cloud api.

**Special notes for your reviewer:**
I did not write tests yet as I am waiting for #137 to be merged and I'd
like to get some feedback about this PR first.
I am also unsure where I should put the docs, I did not find anything
for the other api stuff beside the api definition itself. Maybe this is
already enough?

**Checklist:**
- [ ] Documentation updated
- [x] Unit Tests added
- [ ] E2E Tests added
- [x] Includes
[emojis](https://github.com/kubernetes-sigs/kubebuilder-release-tools?tab=readme-ov-file#kubebuilder-project-versioning)
@lubedacht lubedacht added this to the v0.5.0 milestone Sep 17, 2024
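
The claim-then-wait workflow described in the issue and in the commit message above, as an added sketch that is not the provider's own code. `PoolRef`, `Claim`, `Store`, `Result` and `ResolveNodeIP` are hypothetical stand-ins for the Cluster API objects, and the check against an allowed range is an assumption added here because the issue's motivation is an IP allowlist on external systems.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Hypothetical stand-ins for the pool reference, the IPAddressClaim and the
// API server; these are not the Cluster API types.
type PoolRef struct{ Kind, Name string }
type Claim struct {
	Pool    PoolRef
	Address netip.Addr // zero until the IPAM provider has created the IPAddress
}
type Store map[string]*Claim // claims keyed by machine name

// Result tells the machine controller what to do next.
type Result struct {
	UseDHCP, Requeue bool
	IP               netip.Addr // address for the server-create request
}

// ResolveNodeIP is one reconcile pass. allowed is the range the external
// systems accept; checking against it is an addition made for this example.
func ResolveNodeIP(s Store, machine string, ref *PoolRef, allowed netip.Prefix) (Result, error) {
	if ref == nil {
		return Result{UseDHCP: true}, nil // no reference: DHCP as before
	}
	c, ok := s[machine]
	if !ok {
		s[machine] = &Claim{Pool: *ref} // create the claim, then wait
		return Result{Requeue: true}, nil
	}
	if !c.Address.IsValid() {
		return Result{Requeue: true}, nil // provider has not answered yet
	}
	if !allowed.Contains(c.Address) {
		return Result{}, fmt.Errorf("%s is outside allowed range %s", c.Address, allowed)
	}
	return Result{IP: c.Address}, nil
}

func main() {
	s, ref := Store{}, &PoolRef{Kind: "InClusterIPPool", Name: "nodes"}
	allowed := netip.MustParsePrefix("203.0.113.0/28") // constructed sample range
	first, _ := ResolveNodeIP(s, "worker-0", ref, allowed)
	s["worker-0"].Address = netip.MustParseAddr("203.0.113.5") // simulates the IPAM provider
	second, _ := ResolveNodeIP(s, "worker-0", ref, allowed)
	fmt.Println(first.Requeue, second.IP) // true 203.0.113.5
}
```

Failing the reconcile when the allocated address falls outside the expected range surfaces a misconfigured pool before a node is created with an IP the external systems would reject.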