netscaler-k8s-node-controller icon indicating copy to clipboard operation
netscaler-k8s-node-controller copied to clipboard

Published 20 hours ago verified publisher icon netscaler

Support for OpenShiftSDN

Open goldyfruit opened this issue 1 year ago • 3 comments

Hi,

I would like to know if there is a roadmap to support OpenShiftSDN CNI (which is the default confgured in OpenShift)?

Thanks :)

goldyfruit avatar Mar 03 '23 15:03 goldyfruit

Hello @goldyfruit thank you for your feedback. May I know your use case details over [email protected] for detailed discussion.

mayurmohanpatil avatar Mar 06 '23 05:03 mayurmohanpatil

Hi @mayurmohanpatil, thanks for your reply.

I can explain my use case here in case someone else is in the same situation.

We have a Citrix ADC VPX and an OpenShift 4.10 platform, we installed the Citrix ingress controller and every thing works fine from a configuration perspective (Content Switch. LoadBalancer, Service Binding, Members, etc...).

But because our pod network is private to OpenShift and not routable, from NetScaler the loadbalancers are DOWN because NetScaler can't directly perform health-checks on the pods.

One solution is to configure our service as NodePort which provision the loadbalancer members with the machine IP address and port, because this network is reachable from the NetScaler, the loadbalancers are UP.

We wanted to test the node controller because from what I understood, an "agent" is deployed on each node which is connected to the existing overlay network (OpenShiftSDN, Calico, etc...) and expose the pod network to the NetScaler via a VxLAN tunnel. By using this method we don't have to use NodePort and can stick to ClusterIP.

I hope you got enough details :+1:

goldyfruit avatar Mar 07 '23 00:03 goldyfruit

Hello Gaetan,

We have seen the NodePort as common deployment for dealing with such connectivity issues. May I know any reason for not going with NodePort solution?

Thanks & Regards, Mayur P.

On Tue, Mar 7, 2023 at 5:33 AM Gaëtan Trellu @.***> wrote:

[CAUTION - EXTERNAL EMAIL] DO NOT reply, click links, or open attachments unless you have verified the sender and know the content is safe.

Hi @mayurmohanpatil https://github.com/mayurmohanpatil, thanks for your reply.

I can explain my use case here in case someone else is in the same situation.

We have a Citrix ADC VPX and an OpenShift 4.10 platform, we installed the Citrix ingress controller and every thing works fine from a configuration perspective (Content Switch. LoadBalancer, Service Binding, Members, etc...).

But because our POD network in private to OpenShift and not routable, from NetScaler the loadbalancers are DOWN because NetScaler can't directly perform health-checks on the PODs.

One solution is to configure our service as NodePort which provision the loadbalancer members with the machine IP address and port, because this network is reachable from the NetScaler, the loadbalancers are UP.

We wanted to test the node controller because from what I understood, an "agent" is deployed on each node which is connected to the existing overlay network (OpenShiftSDN, Calico, etc...) and expose the POD status to the NetScaler via a VxLAN tunnel. By using this method we don't have to use NodePort and can stick to ClusterIP.

— Reply to this email directly, view it on GitHub https://github.com/citrix/citrix-k8s-node-controller/issues/35#issuecomment-1457241705, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALVNSBNAPIDB7MFLDK2CUVTW2Z3N3ANCNFSM6AAAAAAVOYSH3U . You are receiving this because you were mentioned.Message ID: @.***>

mayurmohanpatil avatar Mar 09 '23 06:03 mayurmohanpatil