No route to service with nsx-t

openshift / openshift-ansible-contrib

Additional roles and playbooks for OpenShift installation and management

https://www.openshift.com

Apache License 2.0

283 stars 372 forks source link

No route to service with nsx-t #1097

Closed hniedlich closed 3 years ago

hniedlich commented 5 years ago

Hello,

I need help with integrating openshift with NSX-T. I'm trying versions: openshift 3.11 nsx-t 2.4 ansible 2.8.1

I'm doing exacly as it is said in in https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.4/nsxt_24_ncp_openshift.pdf -create bare metal transport nodes -create every resource needed by installer -run playbook deploy_cluster.yml

I'm facing issue with "no route to host" when pods want to access for example kubernetes service on ip 172.30.0.1:443, and installation hangs with deploy error on router, registry etc.

Anyone know how to perform proper install with nsx-t? Can't find similar errors via google.

dav1x commented 5 years ago

Howdy @hniedlich let me see if I can get an NSX expert to look.

yasensim commented 4 years ago

@hniedlich bare metal is a bit tricky since the management of the BM servers are usually not connected to NSX. You need to make sure that bi-directional routing is possible between the openshift nodes and the pods without nat. This means you need to configure NOSNAT rules on the T0 for the traffic from POD subnet to the nodes management subnet. Also you need routing on the underlay network, so nodes can reach the PODs.

openshift-bot commented 3 years ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

openshift-bot commented 3 years ago

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity. Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten /remove-lifecycle stale

yasensim commented 3 years ago

/close

openshift-ci-robot commented 3 years ago

@yasensim: Closing this issue.

In response to [this](https://github.com/openshift/openshift-ansible-contrib/issues/1097#issuecomment-715655116): >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.