[BUG] subnet doesn't support different routable gateway #4728

Open
cybercoder opened this issue Nov 12, 2024 · 3 comments
Labels
bug Something isn't working subnet


cybercoder commented Nov 12, 2024

Kube-OVN Version

v1.12.28

Kubernetes Version

not important

Operation-system/Kernel Version

not important

Description

Needs to support a gateway which is not in the subnet CIDR.

Steps To Reproduce

```yaml
apiVersion: kubeovn.io/v1
kind: ProviderNetwork
metadata:
  name: external
spec:
  defaultInterface: eth1
---
apiVersion: kubeovn.io/v1
kind: Vlan
metadata:
  name: vlan0
spec:
  id: 0
  provider: external
---
# create a huge fake subnet to carry the traffic.
apiVersion: kubeovn.io/v1
kind: Subnet
metadata:
  name: external
spec:
  protocol: IPv4
  cidrBlock: 192.168.128.0/17
  gateway: 192.168.128.2
  vlan: vlan0
  excludeIps:
  - 192.168.128.1..192.168.128.10
```

And now create the real external subnets:

```yaml
apiVersion: kubeovn.io/v1
kind: Subnet
metadata:
  name: subnet-x
spec:
  protocol: IPv4
  cidrBlock: 172.18.0.0/24
  gateway: 192.168.128.2
  vlan: vlan0
```

Current Behavior

error syncing 'subnet-x':  gateway 192.168.128.2 is not in cidr 172.18.0/24, requeuing

Expected Behavior

Need to support another gateway (which is routable).


dosubot bot commented Nov 12, 2024

The error you're encountering is due to Kube-OVN's current validation logic, which requires the gateway IP to be within the subnet's CIDR block. This is enforced in the ValidateSubnet function, where the gateway IP is checked against the subnet's CIDR using the CIDRContainIP function [1].

Currently, there is no configuration option in Kube-OVN to bypass this validation or support gateways outside the subnet CIDR [1]. The rationale behind this enforcement is to ensure proper network configuration and avoid potential conflicts or misconfigurations [2].

To achieve your desired setup, you might need to modify the validation logic in the codebase or explore alternative network configurations that align with Kube-OVN's current capabilities.

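The gateway-in-CIDR rule described in the comment above, as an added Go example (not Kube-OVN's code and not from the thread) that checks the issue's manifest values before anything is applied to a cluster. `SubnetSpec` and `CheckSubnet` are hypothetical names, and the `excludeIps` containment check is this example's own extension.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// SubnetSpec holds the Subnet fields used in the issue (hypothetical type).
type SubnetSpec struct {
	Name, CIDRBlock, Gateway string
	ExcludeIPs               []string
}

// CheckSubnet lists every address in the spec that falls outside cidrBlock.
func CheckSubnet(s SubnetSpec) ([]string, error) {
	prefix, err := netip.ParsePrefix(s.CIDRBlock)
	if err != nil {
		return nil, fmt.Errorf("subnet %s: %w", s.Name, err)
	}
	gw, err := netip.ParseAddr(s.Gateway)
	if err != nil {
		return nil, fmt.Errorf("subnet %s: %w", s.Name, err)
	}
	var problems []string
	if !prefix.Contains(gw) {
		problems = append(problems, fmt.Sprintf("gateway %s is not in cidr %s", gw, prefix))
	}
	for _, entry := range s.ExcludeIPs {
		// An excludeIps entry is a single IP or a "start..end" range.
		for _, part := range strings.Split(entry, "..") {
			ip, err := netip.ParseAddr(part)
			if err != nil {
				return nil, fmt.Errorf("subnet %s: %w", s.Name, err)
			}
			if !prefix.Contains(ip) {
				problems = append(problems, fmt.Sprintf("excludeIps %s is not in cidr %s", ip, prefix))
			}
		}
	}
	return problems, nil
}

func main() {
	x := SubnetSpec{"subnet-x", "172.18.0.0/24", "192.168.128.2", nil} // values from the issue
	fmt.Println(CheckSubnet(x))
}
```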

@oilbeater
Collaborator

@cybercoder what do you mean by huge fake subnet, and why do you need to set another subnet subnet-x with a different CIDR?


cybercoder commented Nov 13, 2024

> @cybercoder what do you mean by huge fake subnet, and why do you need to set another subnet subnet-x with a different CIDR?

It allows assigning private IP addresses to the external subnet,
and using multiple subnet-x, y, ... to assign public addresses with small CIDR(s) for use with EIP, FIP.

With this approach we can assign multiple public subnets to our environment: one /27, another /29, and so on.
There's not a huge public IPv4 address subnet IRL.
