Configure multiple DHCP ranges using Subnet resources

Caution

This feature is available starting from the Container Cloud release 2.13.0.

To facilitate multi-rack and other types of distributed bare metal datacenter topologies, the dnsmasq DHCP server used for host provisioning in Container Cloud supports working with multiple L2 segments through network routers that support DHCP relay.

To configure DHCP ranges for dnsmasq, create the Subnet objects tagged with the ipam/SVC-dhcp-range label while setting up subnets for a managed cluster using the CLI.

For every dhcp-range record, Container Cloud also configures the dhcp-option record to pass the default route through the default gateway from the corresponding subnet to all hosts that obtain addresses from that DHCP range. You can also specify DNS server addresses for servers that boot over PXE. They will be configured by Container Cloud using another dhcp-option record.

Note

  • The Subnet objects for DHCP ranges should not reference any specific cluster, as DHCP server configuration is only applicable to the management or regional cluster. The kaas.mirantis.com/region label that specifies the region will be used to determine where to apply the DHCP ranges from the given Subnet object. The Cluster reference will be ignored.

  • The baremetal-operator chart allows using multiple DHCP ranges in the dnsmasq.conf file. The chart iterates over a list of the dhcp-range parameters from its values and adds all items from the list to the dnsmasq configuration.

  • The baremetal-operator chart allows using a single DHCP range for backwards compatibility. By default, the KAAS_BM_BM_DHCP_RANGE environment variable is still used to define the DHCP range for the nodes of a management or regional cluster during provisioning.

To configure DHCP ranges for dnsmasq:

  1. Create the Subnet objects tagged with the ipam/SVC-dhcp-range label.

    To create the Subnet objects, refer to Create subnets.

    Use the following Subnet object example to specify DHCP ranges and DHCP options to pass the default route and DNS server addresses:

    apiVersion: "ipam.mirantis.com/v1alpha1"
    kind: Subnet
    metadata:
      name: mgmt-dhcp-range
      namespace: default
      labels:
        ipam/SVC-dhcp-range: ""
        kaas.mirantis.com/provider: baremetal
        kaas.mirantis.com/region: region-one
    spec:
      cidr: 10.0.0.0/24
      gateway: 10.0.0.1
      includeRanges:
        - 10.0.0.121-10.0.0.125
        - 10.0.0.191-10.0.0.199
      nameservers:
      - 172.118.24.6
      - 8.8.8.8
    

    After creating the above Subnet object, the following dnsmasq parameters will be set using the baremetal-operator Helm chart:

    dhcp-range=set:mgmt-dhcp-range-0,10.0.0.121,10.0.0.125,255.255.255.0
    dhcp-range=set:mgmt-dhcp-range-1,10.0.0.191,10.0.0.199,255.255.255.0
    dhcp-option=tag:mgmt-dhcp-range-0,option:router,10.0.0.1
    dhcp-option=tag:mgmt-dhcp-range-1,option:router,10.0.0.1
    dhcp-option=tag:mgmt-dhcp-range-0,option:dns-server,172.118.24.6,8.8.8.8
    dhcp-option=tag:mgmt-dhcp-range-1,option:dns-server,172.118.24.6,8.8.8.8
    
    The dnsmasq parameters composed from the Subnet object

    Parameter:   dhcp-range=set:mgmt-dhcp-range-0,10.0.0.121,10.0.0.125,255.255.255.0
    Description: DHCP range is set according to the cidr and includeRanges parameters of the Subnet object. The mgmt-dhcp-range-0 tag is formed from the Subnet object name and address range index within the Subnet object.

    Parameter:   dhcp-option=tag:mgmt-dhcp-range-0,option:router,10.0.0.1
    Description: The default router option is set according to the gateway parameter of the Subnet object. The tag is the same as in the dhcp-range parameter.

    Parameter:   dhcp-option=tag:mgmt-dhcp-range-0,option:dns-server,172.118.24.6,8.8.8.8
    Description: Optional, available when the nameservers parameter is set in the Subnet object. The DNS server option is set according to the nameservers parameter of the Subnet object. The tag is the same as in the dhcp-range parameter.

  2. Verify that the changes are applied to dnsmasq.conf:

    kubectl --kubeconfig <pathToMgmtOrRegionalClusterKubeconfig> \
    -n kaas get cm dnsmasq-config -ojson | jq -r '.data."dnsmasq.conf"'
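
One way to automate the check in step 2, as an added example that is not part of the Container Cloud documentation: it derives the dhcp-range and dhcp-option lines a Subnet should produce, in the format shown above, and compares them with a saved dnsmasq.conf. It goes beyond the page by also flagging lines tagged for the Subnet that its spec does not explain. The function names and the altered router address 10.0.0.254 are constructed for illustration, and an exact match with the line format on this page is assumed.

```shell
#!/bin/sh
# Added example, not from the Container Cloud docs: compare the dnsmasq lines
# a Subnet should yield (format as shown on this page) with a saved dnsmasq.conf.

# prefix_to_netmask 24 -> 255.255.255.0
prefix_to_netmask() {
    p=$1; mask=""
    for i in 1 2 3 4; do
        if [ "$p" -ge 8 ]; then octet=255; p=$((p - 8))
        else octet=$((256 - (1 << (8 - p)))); p=0; fi
        mask="${mask:+$mask.}$octet"
    done
    echo "$mask"
}

# expected_lines NAME CIDR GATEWAY "RANGE ..." ["NAMESERVER ..."]
expected_lines() {
    name=$1; gw=$3; mask=$(prefix_to_netmask "${2#*/}"); idx=0
    for r in $4; do
        tag="$name-$idx"    # Subnet name plus index of the range
        echo "dhcp-range=set:$tag,${r%-*},${r#*-},$mask"
        echo "dhcp-option=tag:$tag,option:router,$gw"
        [ -z "${5:-}" ] || echo "dhcp-option=tag:$tag,option:dns-server,$(echo $5 | tr ' ' ',')"
        idx=$((idx + 1))
    done
}

# audit CONF NAME CIDR GATEWAY "RANGE ..." ["NAMESERVER ..."]
# MISSING: an expected line is absent. UNEXPECTED: a line tagged for this
# Subnet is not explained by its spec (for example, a different router or DNS).
audit() {
    conf=$1; shift
    exp=$(expected_lines "$@")
    printf '%s\n' "$exp" | while IFS= read -r l; do
        grep -qxF -e "$l" "$conf" || echo "MISSING $l"
    done
    grep -E "^dhcp-(range=set|option=tag):$1-[0-9]+," "$conf" | while IFS= read -r l; do
        printf '%s\n' "$exp" | grep -qxF -e "$l" || echo "UNEXPECTED $l"
    done
}

# Constructed demo: the page's rendered lines with range 1's router altered.
demo_conf=$(mktemp)
set -- mgmt-dhcp-range 10.0.0.0/24 10.0.0.1 \
    "10.0.0.121-10.0.0.125 10.0.0.191-10.0.0.199" "172.118.24.6 8.8.8.8"
expected_lines "$@" | sed 's/^\(.*range-1,option:router\),.*/\1,10.0.0.254/' > "$demo_conf"
audit "$demo_conf" "$@"
rm -f "$demo_conf"
```

To run it against a cluster, redirect the output of the kubectl command from step 2 to a file and pass that file as CONF to audit, followed by the values from the Subnet spec. Empty output means the rendered configuration matches the Subnet.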