Skip to content

Commit

Permalink
update ip english doc (#155)
Browse files Browse the repository at this point in the history 
* up ip english doc

Signed-off-by: bobz965 <[email protected]>

* update

Signed-off-by: bobz965 <[email protected]>

* fix lint

Signed-off-by: bobz965 <[email protected]>

---------

Signed-off-by: bobz965 <[email protected]>
Co-authored-by: Oilbeater <[email protected]>
  • Loading branch information
@zbb88888 @oilbeater
zbb88888 and oilbeater authored Jan 30, 2024
1 parent f841364 commit 4534245
Show file tree
Hide file tree
Showing 2 changed files with 330 additions and 18 deletions.
184 changes: 184 additions & 0 deletions docs/guide/ip.en.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,184 @@
# Reserved IP for Specific Resources

IP is used to maintain the IP address of Pod or VirtualMachine (VM). The lifecycle maintenance of IP includes the following business scenarios:

- 1. IP is created with Pod and deleted with Pod.
- 2. VM IP is retained by configuring ENABLE_KEEP_VM_IP. This type of IP is created with VM Pod, but not deleted with VM Pod.
- 3. Statefulset Pod IP will automatically decide whether to retain Pod IP based on the capacity of Statefulset and the sequence number of Pod.

In actual business use, it is often necessary to reserve IP resources in advance. The business scenarios for reserving IP include the following two types:

- 4. Pod or VM has been created and needs to reserve IP
- 5. Pod or VM has not been created yet and needs to reserve IP

In the above scenarios, the naming correspondence between IP and Pod remains consistent:

- Naming format of Pod IP: Pod-name.Pod-namespace(.subnet-provider)
- Naming format of VM Pod IP: vm-name.Pod-namespace.(subnet-provider)

If you are unsure about these parameters and just want to simply reserve IP, please use IP Pool.

Specifically, this function is to reserve IP for specific Pod or VM. In the creation process of reserved IP, it is necessary to specify resource name, resource type, namespace, subnet and other necessary parameters. For fixed IP reservation, it is necessary to specify IP address and MAC address (if necessary).

Note: The previous implementation of Pod using vip to occupy IP is deprecated. (These two functions overlap)

## 1. Create Reserved IP

- Pod or VM has been created and needs to reserve IP
- Pod or VM has not been created yet and needs to reserve IP

Reserving IP is just an extended function, which supports Pod to use the reserved IP, but the usage method, naming rules and business logic of IP created with Pod are consistent.
Therefore, when creating a reserved IP, it is necessary to clearly know what resources will use this IP in the future, and the type, Pod name or VM name, namespace, subnet and other information must be accurately filled in.
When using this IP, the business needs to verify whether the Pod and VM bound to the IP are consistent with the attributes of the IP itself, otherwise the Pod or VM cannot use this IP.

The creation process of IP CR controller only handles the business scenario of reserving IP, and does not handle the IP resources created with Pod. In the process of IP resources created with Pod, the creation of LSP is before the creation of IP CR, so it can be judged based on whether LSP exists. In the processing process of IP CR controller, it will first judge whether LSP exists. If it exists, it will not handle this business logic: the business logic of IP created with Pod. The creation of reserved IP supports automatic allocation of IP and manual specification of IP. The creation process of IP will only implement IP occupation, but will not create LSP. The creation of LSP is still maintained in the process of Pod creation. The creation process of IP CR is just to reserve IP. This kind of IP will automatically add a keep-ip label, indicating that it is permanently reserved and will not be cleaned up with the deletion of Pod. This kind of reserved IP needs to be managed by the business or administrator, and GC will not automatically handle this IP.

### 1.1 Auto Allocate Address for Reserved IP

If you just want to reserve some IPs and have no requirements for the IP address itself, you can use the following yaml to create:

```yaml

# cat 01-dynamic.yaml

apiVersion: kubeovn.io/v1
kind: IP
metadata:
name: vm-dynamic-01.default
spec:
subnet: ovn-default
podType: "VirtualMachine"
namespace: default
podName: vm-dynamic-01

```

- `subnet`: The IP address is reserved from the Subnet.
- `podType`: Used to specify the Owner type of the Pod: "StatefulSet", "VirtualMachine".
- `podName`: Pod name or VirtualMachine name.
- `namespace`: Used to specify the namespace where the IP resource resides,Pod namespace or VirtualMachine namespace.

> Note: These IP properties are not allowed to change
Query the IP address after the IP address is created:

```bash

# kubectl get subnet ovn-default
NAME PROVIDER VPC PROTOCOL CIDR PRIVATE NAT DEFAULT GATEWAYTYPE V4USED V4AVAILABLE V6USED V6AVAILABLE EXCLUDEIPS U2OINTERCONNECTIONIP
ovn-default ovn ovn-cluster IPv4 10.16.0.0/16 false true true distributed 7 65526 0 0 ["10.16.0.1"]

# kubectl get ip vm-dynamic-01.default -o yaml
apiVersion: kubeovn.io/v1
kind: IP
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"kubeovn.io/v1","kind":"IP","metadata":{"annotations":{},"name":"vm-dynamic-01.default"},"spec":{"namespace":"default","podName":"vm-dynamic-01","podType":"VirtualMachine","subnet":"ovn-default"}}
creationTimestamp: "2024-01-29T03:05:40Z"
finalizers:
- kube-ovn-controller
generation: 2
labels:
ovn.kubernetes.io/ip_reserved: "true" # reserved ip
ovn.kubernetes.io/node-name: ""
ovn.kubernetes.io/subnet: ovn-default
name: vm-dynamic-01.default
resourceVersion: "1571"
uid: 89d05a26-294a-450b-ab63-1eaa957984d7
spec:
attachIps: []
attachMacs: []
attachSubnets: []
containerID: ""
ipAddress: 10.16.0.13
macAddress: 00:00:00:86:C6:36
namespace: default
nodeName: ""
podName: vm-dynamic-01
podType: VirtualMachine
subnet: ovn-default
v4IpAddress: 10.16.0.13
v6IpAddress: ""

# kubectl ko nbctl show ovn-default | grep vm-dynamic-01.default
# The reserved IP address is assigned only in the IPAM, and the LSP is not created. Therefore, you cannot view the IP address

```

### 1.2 Specifies the reserved IP address

If there is a need for the IP address of the reserved IP, the following yaml can be used for fixed allocation:

```yaml
# cat 02-static.yaml

apiVersion: kubeovn.io/v1
kind: IP
metadata:
name: pod-static-01.default
spec:
subnet: ovn-default
podType: ""
namespace: default
podName: pod-static-01
v4IpAddress: 10.16.0.3
v6IpAddress:

# kubectl get ip pod-static-01.default -o yaml
apiVersion: kubeovn.io/v1
kind: IP
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"kubeovn.io/v1","kind":"IP","metadata":{"annotations":{},"name":"pod-static-01.default"},"spec":{"namespace":"default","podName":"pod-static-01","podType":"","subnet":"ovn-default","v4IpAddress":"10.16.0.3","v6IpAddress":null}}
creationTimestamp: "2024-01-29T03:08:28Z"
finalizers:
- kube-ovn-controller
generation: 2
labels:
ovn.kubernetes.io/ip_reserved: "true"
ovn.kubernetes.io/node-name: ""
ovn.kubernetes.io/subnet: ovn-default
name: pod-static-01.default
resourceVersion: "1864"
uid: 11fc767d-f57d-4520-89f9-448f9b272bca
spec:
attachIps: []
attachMacs: []
attachSubnets: []
containerID: ""
ipAddress: 10.16.0.3
macAddress: 00:00:00:4D:B4:36
namespace: default
nodeName: ""
podName: pod-static-01
podType: ""
subnet: ovn-default
v4IpAddress: 10.16.0.3
v6IpAddress: ""

```

- `v4IpAddress`: Specify an IPv4 address that is within the CIDR range of the subnet.
- `v6IpAddress`: Specify an IPv6 address that is within the CIDR range of the subnet.

### [Pod use reserved IP](../guide/ip.en.md)

> Note: The Pod(VMS) name and namespace must be the same as the reserved IP address, otherwise the Pod(VMS) cannot use the IP address.
After a Pod or VM is deleted, the IP CR remains.

```bash

root@base:~/test/ip# kubectl get po -n default -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod-static-01 1/1 Running 0 30s 10.16.0.3 kube-ovn-worker <none> <none>

```

## 2. Delete

The kube-ovn-controller GC process does not clean up individual IP resources. To clear an IP address and its LSPS, delete the IP CR resource.

The IP deletion process formats the ipam key and LSP name based on the podName, namespace, and subnet provider in the IP attribute, releases the IPAM slot, deletes the LSP, and clears the Finalizer of the IP.
164 changes: 146 additions & 18 deletions docs/guide/ip.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,44 +16,172 @@ IP 用于维护 Pod 或者 VirtualMachine(VM) 的 IP 地址。IP 的生命周期
- Pod IP 的命名格式: Pod-name.Pod-namespace(.subnet-provider)
- VM Pod IP 的命名格式: vm-name.Pod-namespace.(subnet-provider)

如果不确定这些参数,只是想简单预留 IP,请使用 IP Pool。

具体来说,这个功能是指定 Pod 或者 VM 预留 IP, 在预留 IP 的创建流程中,需要指定资源名,资源类型,命名空间,子网等必要参数。固定 IP 预留,需要指定 ip 地址,MAC 地址(如有需要)。

注意:之前实现的 Pod 使用 vip 占用 IP 的方式弃用。(这两种功能重叠)
> 注意:之前实现的 Pod 使用 vip 占用 IP 的方式弃用。(这两种功能重叠)
如果不确定这些参数,只是想简单预留 IP,请使用 IP Pool。
## 一、创建预留 IP

## 一、创建
- Pod 或者 VM 已经创建,需要预留 IP
- Pod 或者 VM 尚未创建,需要预留 IP

IP CR 控制器的创建过程仅处理预留 IP 业务场景(4, 5),不处理随 Pod 创建的 IP 资源。
随 Pod 创建的 IP 资源流程中,LSP 的创建在 IP CR 的创建之前,所以可以基于 LSP 有无来判断,在 IP CR 控制器的处理过程中,会先判断是否存在 LSP,如果存在则不处理该场景:IP 随 Pod 创建的流程。
预留 IP 只是一个扩展功能,支持 Pod 使用预留的 IP,但是使用方式,命名规则和 IP 随 Pod 而创建的业务逻辑一致。
所以预留 IP 创建时需要明确该 IP 后续被什么资源使用,必须准确填写类型,Pod 名或者 VM 名,namespace,子网等信息。
当使用这个 IP 的时候,业务需要校验 IP 绑定到的 Pod 和 VM 是否和 IP 本身的属性一致,否则 Pod 或者 VM 无法使用该 IP。

IP CR 控制器的创建过程仅处理预留 IP 业务场景,不处理随 Pod 创建的 IP 资源。
随 Pod 创建的 IP 资源流程中,LSP 的创建在 IP CR 的创建之前,所以可以基于 LSP 有无来判断,在 IP CR 控制器的处理过程中,会先判断是否存在 LSP,如果存在则不处理该业务逻辑:IP 随 Pod 创建的业务逻辑。
预留 IP 的创建支持自动分配 IP 以及手动指定 IP,IP 的创建过程中只会实现 IP 占位,而不会创建 LSP。 LSP 的创建还是维护在 Pod 创建流程中。
IP CR 的创建过程也就是仅实现 IP 的预留,这种 IP 会自动添加一个 keep-ip 的 label,表明永久预留不会随 Pod 删除而清理。需要业务或者管理员来管理这种预留 IP 的清理,GC 不会自动处理该 IP。

IP CR 的创建过程也就是仅实现 IP 的预留,这种 IP 会自动添加一个 keep-ip 的 label,表明永久预留不会随 Pod 删除而清理,需要业务来管理这种预留 IP 的清理。GC 不会自动处理该 IP。
### 1.1 预留 IP 自动分配地址

### 1.1 Pod 或者 VM 已经创建,需要预留 IP
如果只是为了预留若干 IP 而对 IP 地址本身没有要求可以使用下面的 yaml 进行创建:

目前支持用户手动创建 IP 资源,以便预留 IP。用户也可以手动删除 IP 资源。
```yaml

支持 Pod 使用预留的 IP,而且同时兼容之前 IP 随 Pod 而创建的流程。
# cat 01-dynamic.yaml

### 1.2 Pod 或者 VM 尚未创建,需要预留 IP
apiVersion: kubeovn.io/v1
kind: IP
metadata:
name: vm-dynamic-01.default
spec:
subnet: ovn-default
podType: "VirtualMachine"
namespace: default
podName: vm-dynamic-01

这个场景,Pod 或者 VM 尚未创建,IP 预留信息需要填写 Pod 名或者 VM 名, namespace,子网等信息。IP 的命名由这些信息格式化出来。当使用这个 IP 的时候,业务需要校验 IP 绑定到的 Pod 和 VM 是否和 IP 本身的属性一致,否则 Pod 或者 VM 无法使用该 IP。
```

```yaml
- `subnet`: 将从该 Subnet 中预留 IP。
- `podType`: 用于指定 Pod 的 Owner 类型: "StatefulSet", "VirtualMachine"。
- `podName`: IP 属性中的 podName 用于指定使用该 IP 资源的名字,Pod 或者 VirtualMachine 的名字。
- `namespace`: 用于指定使用该 IP 资源所在的 namespace,Pod 或者 VirtualMachine namespace。

注意: 这些 IP 属性不允许变更

创建成功后查询该 IP:

```bash

# kubectl get subnet ovn-default
NAME PROVIDER VPC PROTOCOL CIDR PRIVATE NAT DEFAULT GATEWAYTYPE V4USED V4AVAILABLE V6USED V6AVAILABLE EXCLUDEIPS U2OINTERCONNECTIONIP
ovn-default ovn ovn-cluster IPv4 10.16.0.0/16 false true true distributed 7 65526 0 0 ["10.16.0.1"]

# kubectl get ip vm-dynamic-01.default -o yaml
apiVersion: kubeovn.io/v1
kind: IP
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"kubeovn.io/v1","kind":"IP","metadata":{"annotations":{},"name":"vm-dynamic-01.default"},"spec":{"namespace":"default","podName":"vm-dynamic-01","podType":"VirtualMachine","subnet":"ovn-default"}}
creationTimestamp: "2024-01-29T03:05:40Z"
finalizers:
- kube-ovn-controller
generation: 2
labels:
ovn.kubernetes.io/ip_reserved: "true" # 预留 IP 标识
ovn.kubernetes.io/node-name: ""
ovn.kubernetes.io/subnet: ovn-default
name: vm-dynamic-01.default
resourceVersion: "1571"
uid: 89d05a26-294a-450b-ab63-1eaa957984d7
spec:
attachIps: []
attachMacs: []
attachSubnets: []
containerID: ""
ipAddress: 10.16.0.13
macAddress: 00:00:00:86:C6:36
namespace: default
nodeName: ""
podName: vm-dynamic-01
podType: VirtualMachine
subnet: ovn-default
v4IpAddress: 10.16.0.13
v6IpAddress: ""

# kubectl ko nbctl show ovn-default | grep vm-dynamic-01.default
# 预留 IP,仅在 IPAM 中分配地址,不创建 LSP,所以查看不到

```

# 预留 IP 创建 Yaml 示例
### 1.2 指定地址预留 IP

如对预留的 IP 的 IP 地址有需求可使用下面的 yaml 进行固定分配:

```yaml
# cat 02-static.yaml

apiVersion: kubeovn.io/v1
kind: IP
metadata:
name: pod-static-01.default
spec:
subnet: ovn-default
podType: ""
namespace: default
podName: pod-static-01
v4IpAddress: 10.16.0.3
v6IpAddress:

# kubectl get ip pod-static-01.default -o yaml
apiVersion: kubeovn.io/v1
kind: IP
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"kubeovn.io/v1","kind":"IP","metadata":{"annotations":{},"name":"pod-static-01.default"},"spec":{"namespace":"default","podName":"pod-static-01","podType":"","subnet":"ovn-default","v4IpAddress":"10.16.0.3","v6IpAddress":null}}
creationTimestamp: "2024-01-29T03:08:28Z"
finalizers:
- kube-ovn-controller
generation: 2
labels:
ovn.kubernetes.io/ip_reserved: "true"
ovn.kubernetes.io/node-name: ""
ovn.kubernetes.io/subnet: ovn-default
name: pod-static-01.default
resourceVersion: "1864"
uid: 11fc767d-f57d-4520-89f9-448f9b272bca
spec:
attachIps: []
attachMacs: []
attachSubnets: []
containerID: ""
ipAddress: 10.16.0.3
macAddress: 00:00:00:4D:B4:36
namespace: default
nodeName: ""
podName: pod-static-01
podType: ""
subnet: ovn-default
v4IpAddress: 10.16.0.3
v6IpAddress: ""

```

- IP 属性中的 podType 用于指定 Pod 或者 VirtualMachine 的类型
- IP 属性中的 podName 用于指定使用该 IP 资源的名字,Pod 或者 VirtualMachine
- IP 属性中的 namespace 用于指定使用该 IP 资源的 namespace
- `v4IpAddress`: 指定 IPv4 地址,该地址需在 `subnet` 的 CIDR 范围内。
- `v6IpAddress`: 指定 IPv6 地址,该地址需在 `subnet` 的 CIDR 范围内。

### [Pod 使用预留 IP](../guide/ip.md)

> 注意: Pod 的名字以及 namespace 必须和预留 IP 的属性一致,否则 Pod 无法使用该 IP。VM 也是如此。
IP 属性更新:如果使用 IP 的 Pod 或者 VM 发生变化,则会随之变更
删除 Pod 或者 VM 后, 该 IP CR 依然保留。

```bash

root@base:~/test/ip# kubectl get po -n default -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod-static-01 1/1 Running 0 30s 10.16.0.3 kube-ovn-worker <none> <none>

```

## 二、删除

GC 流程不会清理独立的 IP 资源。如果需要清理 IP 以及它的 LSP,请直接删除 IP CR 资源。
kube-ovn-controller GC 流程不会清理独立的 IP 资源。如果需要清理 IP 以及它的 LSP,请直接删除 IP CR 资源。

IP 的删除流程会基于 IP 属性中的 podName 和 namespace 以及 subnet provider 格式化出 ipam key,LSP 名,释放 IPAM 占位,删除 LSP,以及清理 IP 本身的 Finalizer。

0 comments on commit 4534245

Please sign in to comment.