RED HAT CERTIFIED SPECIALIST IN OPENSHIFT ADMINISTRATION EXAM NOTES PART 4

Troubleshoot Software Defined Networking

OpenShift 4 has many OpenShift projects to handle all the necessary requirements for running OpenShift. One of the important projects is openshift-network-operator. This is controlled by the CNO (Cluster Network Operator). Some commands to help troubleshoot networking:

oc get -n openshift-network-operator deployment/network-operator
oc get clusteroperator/network
oc describe network.config/cluster
oc logs --namespace=openshift-network-operator deployment/network-operator

These commands show the current status of the CNO and whether there are any errors. We can also check the DNS operator and its setup.

oc get -n openshift-dns-operator deployment/dns-operator
oc get clusteroperator/dns
oc describe clusteroperator/dns
oc logs --namespace=openshift-dns-operator deployment/dns-operator

After checking the DNS setup we can look at routes and services

oc get endpoints -n <project>
oc get pods -n <project> --template='{{range .items}}HostIP: {{.status.hostIP}} PodIP: {{.status.podIP}}{{"\n"}}{{end}}'
oc get route -n <project>
oc get services -n <project>

The command with the .status fields lists each pod's IP and the host it is running on. Alternatively, you can run:

oc get pods -n <project> -o wide

What about routes, and how do we create external routes? One thing I have noticed in OpenShift 4 compared to OpenShift 3.11 is that OpenShift 4 has Ingress and Routes in its admin menu. The one thing that I liked about OpenShift is that it made creating routes easy. In Kubernetes you had to install an ingress controller such as ingress-nginx, and you needed to know how to annotate the Ingress YAML to get the routes to come up. With OpenShift, you did not have to worry about this. It had the ingress controller and you just defined a route.

Now in OpenShift 4 you can use either a Route or an Ingress YAML definition to provide the route you want. If you define the Ingress, OpenShift creates a route for it, or you can just define a route. You can define a route by exposing a service.

oc expose service <service-name>
oc expose service <service-name> -l name=<label> --name=<route-name>
oc expose service <service-name> --name=<route-name> --port=<port> --protocol="<protocol>" --generator="service/v2"
oc expose service <service-name> --port=<port> --generator="route/v1"
oc expose service <service-name> --path=<path>
oc expose service <service-name> --hostname=<dns-host-name.com>

There are a lot of options for ‘oc expose service’. I would suggest you look at its help output and get familiar with it. Multiple labels can be added by separating them with commas.
Ex. ‘-l name=testroute,env=dev,app=mobile’

The routes can be modified by using the ‘oc annotate’ command

oc annotate route <route> --overwrite haproxy.route.openshift.io/timeout=<timeout><time_unit>
oc annotate route <route> --overwrite router.openshift.io/cookie_name="<cookie_name>"

You can find other route-specific annotations here https://docs.openshift.com/container-platform/4.6/networking/routes/route-configuration.html

Now let's get into Ingress. The Ingress Operator implements the ingress controller. The Ingress API is the component responsible for enabling external access to OpenShift Container Platform cluster services. The Ingress Operator manages one or more HAProxy-based ingress controllers. The OpenShift ingress controller implementation is designed to watch Ingress objects and create one or more routes to fulfill the conditions specified. Here is a basic Ingress YAML file:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: example
  namespace: <project>
spec:
  rules:
    - host: example.com
      http: 
        paths:
          - path: /path
            backend:
              serviceName: test
              servicePort: 80

You should have all routes using TLS termination. This means you should put certificates in your routes to secure them. Once you have your certs you can add them to the route with

oc create route edge --service=frontend --cert=tls.crt --key=tls.key --hostname=www.example.com
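
To check that every route really uses TLS termination, the sketch below audits the JSON from `oc get route -A -o json` and flags routes with no `spec.tls` block or with `insecureEdgeTerminationPolicy: Allow`. It is an added example, not part of the original notes; the script name, the `audit_routes` function and the sample route data are constructed for illustration.

```python
import json
import sys

# Constructed sample of `oc get route -A -o json` output (not from a real cluster).
SAMPLE = json.dumps({"items": [
    {"metadata": {"namespace": "shop", "name": "frontend"},
     "spec": {"host": "www.example.com",
              "tls": {"termination": "edge",
                      "insecureEdgeTerminationPolicy": "Redirect"}}},
    {"metadata": {"namespace": "shop", "name": "legacy"},
     "spec": {"host": "legacy.example.com"}},
    {"metadata": {"namespace": "dev", "name": "api"},
     "spec": {"host": "api.example.com",
              "tls": {"termination": "edge",
                      "insecureEdgeTerminationPolicy": "Allow"}}},
    {"metadata": {"namespace": "dev", "name": "db-proxy"},
     "spec": {"host": "db.example.com",
              "tls": {"termination": "passthrough"}}},
]})


def audit_routes(route_list_json):
    """Return (namespace/name, host, finding) for routes that serve plain HTTP."""
    findings = []
    for route in json.loads(route_list_json).get("items", []):
        meta, spec = route["metadata"], route.get("spec", {})
        ident = f'{meta.get("namespace", "?")}/{meta["name"]}'
        host = spec.get("host", "")
        tls = spec.get("tls")
        if not tls:
            # No tls block at all: the router serves this host over HTTP only.
            findings.append((ident, host, "no TLS termination"))
        elif tls.get("insecureEdgeTerminationPolicy") == "Allow":
            # TLS is configured, but port 80 still answers without a redirect.
            findings.append((ident, host, "TLS set, but plain HTTP still allowed"))
    return findings


if __name__ == "__main__":
    # Usage: oc get route -A -o json > routes.json && python3 audit_routes.py routes.json
    # With no argument the constructed sample above is audited instead.
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for ident, host, finding in audit_routes(data):
        print(f"{ident}\t{host}\t{finding}")
```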