From addbbc8a5fbfc2eb907dd8cedd7c679983d2e8ef Mon Sep 17 00:00:00 2001 From: Tom Pantelis Date: Thu, 26 Sep 2024 11:31:23 -0400 Subject: [PATCH] Add docs for clusterset IP feature User guide and subctl commands. Signed-off-by: Tom Pantelis --- .../operations/deployment/subctl/_index.en.md | 25 +++++++++++-------- src/content/operations/usage/_index.en.md | 11 ++++++++ 2 files changed, 26 insertions(+), 10 deletions(-) diff --git a/src/content/operations/deployment/subctl/_index.en.md b/src/content/operations/deployment/subctl/_index.en.md index be862b7ca..ef388d431 100644 --- a/src/content/operations/deployment/subctl/_index.en.md +++ b/src/content/operations/deployment/subctl/_index.en.md 
@@ -73,16 +73,18 @@ contains the following details: #### `deploy-broker` flags -| Flag | Description -|:--------------------------------------|:---------------------------------------------------------------------------------------------------| -| `--repository` `` | The repository from where the various Submariner images will be sourced (default `quay.io/submariner`) -| `--version` `` | Image version (defaults to the subctl version) -| `--components ` | Comma-separated list of components to be installed - any of `service-discovery`,`connectivity`. The default is: `service-discovery`,`connectivity` -| `--globalnet` | Enable support for overlapping Cluster/Service CIDRs in connecting clusters (default disabled) -| `--globalnet-cidr-range` `` | Global CIDR supernet range for allocating GlobalCIDRs to each cluster (default "242.0.0.0/8") -| `--globalnet-cluster-size` `` | Default cluster size for GlobalCIDR allocated to each cluster (amount of global IPs) (default 65536) -| `--ipsec-psk-from` `` | Import IPsec PSK from existing Submariner broker file, like broker-info.subm (default `broker-info.subm`) -| `--broker-namespace` `` | Namespace on the Broker used for synchronizing resources between clusters (default `submariner-k8s-broker`) +| Flag | Description +|:-------------------------------------|:---------------------------------------------------------------------------------------------------| +| `--repository` `` | The repository from where the various Submariner images will be sourced (default `quay.io/submariner`) +| `--version` `` | Image version (defaults to the subctl version) +| `--components ` | Comma-separated list of components to be installed - any of `service-discovery`,`connectivity`. 
The default is: `service-discovery`,`connectivity` +| `--globalnet` | Enable support for overlapping Cluster/Service CIDRs in connecting clusters (default disabled) +| `--globalnet-cidr-range` `` | Global CIDR supernet range for allocating GlobalCIDRs to each cluster (default "242.0.0.0/8") +| `--globalnet-cluster-size` `` | Default cluster size for GlobalCIDR allocated to each cluster (amount of global IPs) (default 65536) +| `--ipsec-psk-from` `` | Import IPsec PSK from existing Submariner broker file, like broker-info.subm (default `broker-info.subm`) +| `--broker-namespace` `` | Namespace on the Broker used for synchronizing resources between clusters (default `submariner-k8s-broker`) +| `--enable-clusterset-ip` | Set default support for use of cluster set IP for exported services in connecting clusters (default disabled) +| `--clusterset-ip-cidr-range` `` | Cluster set IP CIDR supernet range for allocating cluster set IP CIDRs to each cluster ### `export` @@ -97,6 +99,7 @@ discoverable from other clusters in the Submariner deployment. | Flag | Description |:-------------------------|:-------------------| | `--namespace` `` | Namespace to use +| `--use-clusterset-ip` `` | Use cluster set IP for this service (true or false) If no `namespace` flag is specified, it uses the default namespace from the current context, if present, otherwise it uses `default`. 
@@ -142,6 +145,8 @@ deployment. | `--preferred-server` | Enable this cluster as a preferred IPsec server for dataplane connections (only available with libreswan cable driver) | `--pod-debug` | Enable Submariner pod debugging (verbose logging in the deployed pods) | `--servicecidr` | Specifies the cluster's CIDR used to generate Service IP addresses. If not specified, `subctl` will try to discover it and if unable to do so, it will prompt the user +| `--enable-clusterset-ip` | Set default support for use of cluster set IP for exported services in connecting clusters (default disabled) +| `--clusterset-ip-cidr` `` | Cluster set IP CIDR to be allocated to the cluster #### `join` flags (Globalnet) diff --git a/src/content/operations/usage/_index.en.md b/src/content/operations/usage/_index.en.md index bc075e228..ff43b5d10 100644 --- a/src/content/operations/usage/_index.en.md +++ b/src/content/operations/usage/_index.en.md 
@@ -684,6 +684,17 @@ are ignored. always returns the ClusterIP Service on **cluster2**. Similarly, `cluster3.nginx.nginx-test.svc.clusterset.local` always returns the ClusterIP Service on **cluster3**. +##### Cluster Set Virtual IP + +Submariner can also allocate a cluster set virtual IP for an exported service that is stored in the `ServiceImport` resource. This is +an opt-in feature that can be enabled per service via the `lighthouse.submariner.io/use-clusterset-ip` annotation on the `ServiceExport` +or automatically for all services via the `enable-clusterset-ip` option on `subctl deploy-broker`. Submariner will allocate a virtual IP +from a pool of IP addresses based on a configurable CIDR assigned to the cluster from a global CIDR range. The first cluster to export +a service will allocate and assign the virtual IP. + +Lighthouse DNS will return the cluster set virtual IP from queries instead of a constituent cluster IP address. However, Submariner +does not route this virtual IP and relies on some external component to do so. + #### Test StatefulSet and Headless Service Submariner also supports Headless Services with StatefulSets, making it possible to access individual Pods via their stable DNS name.
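
Review bot: In the `deploy-broker` flags table (first hunk of `deployment/subctl/_index.en.md`), the new `--clusterset-ip-cidr-range` row states no default, while the `--globalnet-cidr-range` row just above it gives one (default "242.0.0.0/8"). Please add the default, or say explicitly that there is none. It would also help to say whether the range is only consulted when `--enable-clusterset-ip` is set, and whether it must stay disjoint from the Globalnet range and the clusters' own Service CIDRs. Separately, narrowing the first column by one character rewrites every existing row, which hides the two rows that are actually new; keeping the old column width would keep the diff to two added lines.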
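
Review bot: In the `export` flags table (second hunk of `deployment/subctl/_index.en.md`), the `--use-clusterset-ip` row says "(true or false)" but not what happens when the flag is omitted. Since this patch also adds an `--enable-clusterset-ip` default on `deploy-broker` and `join`, the row should state that omitting the flag falls back to that default, if that is the behaviour, and that an explicit `false` opts a single service out. The usage text added later in this patch describes the `lighthouse.submariner.io/use-clusterset-ip` annotation on the `ServiceExport`; naming that annotation here would tell the reader what the flag maps to.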
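
Review bot: In the `join` flags table (third hunk of `deployment/subctl/_index.en.md`), the `--enable-clusterset-ip` description is copied word for word from `deploy-broker` ("Set default support ... in connecting clusters"), which does not read correctly for a command that joins one cluster. Please say whether the flag sets the default for the joining cluster only and how it interacts with the value given at `deploy-broker` (override or inherit). The `--clusterset-ip-cidr` row has the same gap: it should say what happens when the flag is not given, for example whether a CIDR is allocated from the broker's `--clusterset-ip-cidr-range`, and what constraints a manually chosen CIDR must satisfy.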
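
Review bot: In the new "Cluster Set Virtual IP" section of `usage/_index.en.md`, the sentence "Submariner does not route this virtual IP and relies on some external component to do so" leaves out what a user has to provide, although the previous sentence says Lighthouse DNS will start returning this IP once the feature is on. As written, enabling `enable-clusterset-ip` for all services changes DNS answers to an address that nothing routes unless that component is already in place. Please state this as a prerequisite, describe what the external component is expected to do, and consider a warning callout. The first paragraph also mentions only `subctl deploy-broker` for the automatic mode, while this patch adds `--enable-clusterset-ip` to `join` and `--use-clusterset-ip` to `export`; both should be listed here, with links to the subctl reference.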