Create an L2 template for a Kubernetes manager node¶
Caution
Modification of L2 templates in use is only allowed with a mandatory validation step from the infrastructure operator to prevent accidental cluster failures due to unsafe changes. The list of risks posed by modifying L2 templates includes:
Services running on hosts cannot reconfigure automatically to switch to the new IP addresses and/or interfaces.
Connections between services are interrupted unexpectedly, which can cause data loss.
Incorrect configurations on hosts can lead to irrevocable loss of connectivity between services and unexpected cluster partition or disassembly.
For details, see Modify network configuration on an existing machine.
According to the reference architecture, the Kubernetes manager nodes in the MOSK cluster must be connected to the following networks:
PXE network
API/LCM network (if you configure ARP announcement of the load-balancer IP address for the MOSK cluster API)
LCM network (if you configure BGP announcement of the load-balancer IP address for the MOSK cluster API)
Kubernetes workloads network
Caution
If you plan to deploy MOSK cluster with the compact control plane option, skip this section entirely and proceed with Create an L2 template for a MOSK controller node.
To create L2 templates for Kubernetes manager nodes:
Create or open the
mosk-l2templates.ymlfile that contains the L2 templates you are preparing.Add L2 templates using the following example. Adjust the values of specific parameters according to the specifications of your environment, specifically the name of your project (namespace) and cluster, IP address ranges and networks, subnet names.
L2 template example for Kubernetes manager node¶apiVersion: ipam.mirantis.com/v1alpha1 kind: L2Template metadata: labels: kaas.mirantis.com/provider: baremetal kaas.mirantis.com/region: region-one cluster.sigs.k8s.io/cluster-name: mosk-cluster-name rack1-mosk-manager: "true" name: rack1-mosk-manager namespace: mosk-namespace-name spec: autoIfMappingPrio: - provision - eno - ens - enp l3Layout: - subnetName: api-lcm scope: namespace - subnetName: rack1-k8s-pods scope: namespace npTemplate: |- version: 2 ethernets: {{nic 0}}: dhcp4: false dhcp6: false match: macaddress: {{mac 0}} set-name: {{nic 0}} mtu: 9000 {{nic 1}}: dhcp4: false dhcp6: false match: macaddress: {{mac 1}} set-name: {{nic 1}} mtu: 9000 {{nic 2}} dhcp4: false dhcp6: false match: macaddress: {{mac 2}} set-name: {{nic 2}} mtu: 9000 {{nic 3}}: dhcp4: false dhcp6: false match: macaddress: {{mac 3}} set-name: {{nic 3}} mtu: 9000 bonds: bond0: mtu: 9000 parameters: mode: 802.3ad mii-monitor-interval: 100 interfaces: - {{nic 0}} - {{nic 1}} vlans: k8s-lcm-v: id: 403 link: bond0 mtu: 9000 k8s-pods-v: id: 408 link: bond0 mtu: 9000 bridges: k8s-lcm: interfaces: [k8s-lcm-v] addresses: - {{ ip "k8s-lcm:api-lcm" }} nameservers: addresses: {{nameservers_from_subnet "api-lcm"}} gateway4: {{ gateway_from_subnet "api-lcm" }} k8s-pods: interfaces: [k8s-pods-v] addresses: - {{ip "k8s-pods:rack1-k8s-pods"}} mtu: 9000 routes: - to: 10.199.0.0/22 # aggregated address space for Kubernetes workloads via: {{gateway_from_subnet "rack1-k8s-pods"}}
Note
The
kaas.mirantis.com/regionlabel is removed from all MOSK objects in 24.1. Therefore, do not add the label starting with this release. On existing clusters updated to this release, or if added manually, MOSK ignores this label.Note
Before MOSK 23.3, an L2 template requires
clusterRef: <clusterName>in thespecsection. Since MOSK 23.3, this parameter is deprecated and automatically migrated to thecluster.sigs.k8s.io/cluster-name: <clusterName>label.To create L2 templates for other racks, change the rack identifier in the names and labels above.
Proceed with Create an L2 template for a MOSK controller node. The resulting L2 templates will be used to render the netplan configuration for the managed cluster machines.