-
Feature
-
Resolution: Unresolved
-
Critical
-
None
-
None
-
BU Product Work
-
False
-
-
False
-
100% To Do, 0% In Progress, 0% Done
-
8
-
0
Feature Overview (aka. Goal Summary)
Problem 1
- Networking features has to be explicitly configured and that needs to be on the management cluster.
- Not all fields and options on Network.config.openshift.io can be configured on HCP APIs today.
- We need to provide a way for customers to do that.
Problem 2
- Some features in Network.operator.openshift.io would not work on HCP (no-op). Example: Hybrid Networking Configuration in OpenShift.
- For example `internalJoinSubnet` and `internalTransitSwitchSubnet`
- We should identify those features, address or document them
Requirements (aka. Acceptance Criteria):
- The Ability for customers to configure fields relating to networking.config.openshift.io on exposed API (Hosted Cluster).
- Features in network.config.openshift.io that do not work in HCP should be identified
- Features in network.config.openshift.io that do not work in HCP should implemented (and delegated as dependencies if needed).
Deployment Considerations
Deployment configurations | Applicable specific needs |
---|---|
Self-managed, managed, or both | Both |
Classic (standalone cluster) | N/A |
Hosted control planes | Required |
Multi node, Compact (three node), or Single node (SNO), or all | N/A |
Connected / Restricted Network | Both |
Architectures | x86_x64, ARM (aarch64) |
Operator compatibility | Ensure compatibility with Network.operator.openshift.io |
Backport needed | To be determined |
UI need | N/A |
Other | N/A |
Additional Context
Overview:
Customers of HCP and ROSA-HCP will want to be able to configure:
- IPSec (full mode) for node-to-node networking
- The OVN CIDR network - to avoid collision with already used CIDRs.
These will unblock customers who have strict requirements for these features.
Requirements:
ROSA-HCP (hosted cluster) clusters need to offer the following configurables to customers as available in OCP:
- Allow customers to customize OVN internal subnet CIDRs: internalTransitSwitchSubnet & internalJoinSubnet
- Allow customers to connect VPC hosting ROSA clusters with other VPCs already using CIDRs 100.88.0.0/16 and/or 100.64.0.0/16
- ensure changes are in place to accomodate the acceptance criteria in XCMSTRAT-961
- Ability to configure this both during cluster creation (create cluster) and post cluster creation (edit cluster)
- Customers are required an acknowledgement if worker nodes will be rebooted
- Configurations to modify is not simultaneously allowed when a cluster update is either in progress or scheduled
- Ensure the machine CIDR and V4InternalSubnet fields are different
- Existing preflight for these CIDR ranges' use in MachineCIDR is removed
network-verifier is adjusted for any validations - Ability to configure only on versions OCP 4.16+
- is depended on by
-
RFE-6501 HCP support for configuring internal subnets used by OVN
- Accepted
- is related to
-
OCPSTRAT-1618 Ensure IPSec on Hosted Clusters (HCP) is in Parity with Standalone OCP
- In Progress