IP Address Management

Mirantis Container Cloud on bare metal uses IP Address Management (IPAM) to keep track of the network addresses allocated to bare metal hosts. This is necessary to avoid IP address conflicts and expiration of address leases to machines through DHCP.

Note

Only IPv4 address family is currently supported by Container Cloud and IPAM. IPv6 is not supported and not used in Container Cloud.

IPAM is provided by the kaas-ipam controller. Its functions include:

  • Allocation of IP address ranges or subnets to newly created clusters using SubnetPool and Subnet resources.

  • Allocation IP addresses to machines and cluster services at the request of baremetal-provider using the IpamHost and IPaddr resources.

  • Creation and maintenance of host networking configuration on the bare metal hosts using the IpamHost resources.

The IPAM service can support different networking topologies and network hardware configurations on the bare metal hosts.

In the most basic network configuration, IPAM uses a single L3 network to assign addresses to all bare metal hosts, as defined in Managed cluster networking.

You can apply complex networking configurations to a bare metal host using the L2 templates. The L2 templates imply multihomed host networking and enable you to create a managed cluster where nodes use separate host networks for different types of traffic. Multihoming is required to ensure the security and performance of a managed cluster.

Warning

  • Starting from Container Cloud 2.17.0, modification of L2 templates in use is prohibited in the API to prevent accidental cluster failures due to unsafe changes. The list of risks posed by modifying L2 templates includes:

    • Services running on hosts cannot reconfigure automatically to switch to the new IP addresses and/or interfaces.

    • Connections between services are interrupted unexpectedly, which can cause data loss.

    • Incorrect configurations on hosts can lead to irrevocable loss of connectivity between services and unexpected cluster partition or disassembly.

  • Starting from Container Cloud 2.19.0, modification of L2 templates in use is allowed with a mandatory validation step from the Infrastructure Operator. For details, see Modify network configuration on an existing machine since 2.19.0.

See also

Add a managed baremetal cluster