-
Feature
-
Resolution: Unresolved
-
Major
-
None
-
None
-
Strategic Portfolio Work
-
False
-
-
False
-
OCPSTRAT-848Consistent Ingress/Egress into OpenShift clusters across providers
-
33% To Do, 0% In Progress, 67% Done
-
S
-
0
-
Backlog Refinement
Feature Overview (aka. Goal Summary)
Add support to the Installer to disable SNAT for outbound traffic at install time on Azure
Goals (aka. expected user outcomes)
As a user I want to disable SNAT on Azure for outbound traffic so I can scale past the 59 worker node limit on private clusters with a LoadBalancer outbound type
Requirements (aka. Acceptance Criteria):
- Ability to set disableOutboundSNAT in the install-config
- Adding additional IP addresses to the outbound rule rather than using the default
Background
When using SNAT for outbound traffic in OpenShift on Azure there is a point where port exhaustion is reached and additional compute nodes can't be added to the cluster. Removing SNAT usage for outbound traffic will remove this limit.
SNAT is being replaced by NAT Gateways from 4.14 OCPSTRAT-578 but the ARO team still needs this option to disable SNAT and configure LBs for outbound traffic.
Customer Considerations
This feature is mainly to be used for ARO customers
Documentation Considerations
Usual documentation to instruct the user on how to use the feature will be required
Implementation Considerations
Terraform is used for setting up and referencing networking in Azure
- is related to
-
OCPSTRAT-1448 Eliminate installer-aro fork of OpenShift Installer (Phase I)
- In Progress