ironcore
ironcore copied to clipboard
ironcore-dev
Consistently implement an interface to provide a `Virtual IP` resource to be consumed across all networking resources
Summary
A NetworkInterface exposes the possibility to configure either a predefined Virtual IPresource or have it ephemerally managed by a template configuration (see https://github.com/ironcore-dev/ironcore/blob/main/api/networking/v1alpha1/networkinterface_types.go#L50-L56).
Other Networking resources such as Loadbalancers or NATGateways do not expose such an interface and therefore it is not possible to attach a predefined Virtual IP to said resources. Here we request to introduce the same contract consistently across relevant Networking resources.
Basic example
This example shows the configuration for a NATGateway to define an ephemerally managed Virtual IP. This definition is the same as omitting the configuration altogether as a NATGateway always has a public IP address allocated. The difference here is that claiming this public IP address is done by creating and claiming a Virtual IP resource.
apiVersion: networking.ironcore.dev/v1alpha1
kind: NATGateway
metadata:
name: nat-gw
spec:
ipFamily: IPv4
networkRef:
name: network
portsPerNetworkInterface: 1024
type: Public
virtualIP:
ephemeral:
virtualIPTemplate:
metadata:
creationTimestamp: null
spec:
ipFamily: IPv4
type: Public
The next example shows the configuration of a predefined Virtual IP resource named vip:
apiVersion: networking.ironcore.dev/v1alpha1
kind: NATGateway
metadata:
name: nat-gw
spec:
ipFamily: IPv4
networkRef:
name: network
portsPerNetworkInterface: 1024
type: Public
virtualIP:
virtualIPRef:
name: vip
Motivation
Very strict configuration for e.g. VPN setups with well-defined IP addresses require the possibility to configure an exact prefix for Networking resources.
