|
| 1 | +// Module included in the following assemblies: |
| 2 | +// |
| 3 | +// * microshift_networking/microshift-disconnected-network-config.adoc |
| 4 | + |
| 5 | +:_mod-docs-content-type: PROCEDURE |
| 6 | +[id="microshift-disconnected-host-network-config_{context}"] |
| 7 | += Configuring the networking settings for fully disconnected hosts |
| 8 | + |
| 9 | +To configure the networking settings for running {microshift-short} on a fully disconnected host, you must prepare the host, update the networking configuration, then restart to apply the new settings. All commands are executed from the host CLI. |
| 10 | + |
| 11 | +.Prerequisites |
| 12 | +* RHEL 9 or newer. |
| 13 | +* {microshift-short} 4.14 or newer. |
| 14 | +* Access to the host CLI. |
| 15 | +* A valid IP address chosen to avoid both internal and potential future external IP conflicts when running {microshift-short}. |
| 16 | +* {microshift-short} networking settings are set to defaults. |
| 17 | +
|
| 18 | +[IMPORTANT] |
| 19 | +==== |
| 20 | +The following procedure is for use cases in which access to the {microshift-short} cluster is not required after devices are deployed in the field. There is no remote cluster access after the network connection is removed. |
| 21 | +==== |
| 22 | + |
| 23 | +.Procedure |
| 24 | + |
| 25 | +. Add a fake IP address to the loopback interface by running the following command: |
| 26 | ++ |
| 27 | +[source,terminal] |
| 28 | +---- |
| 29 | +$ IP="10.44.0.1" <1> |
| 30 | +$ sudo nmcli con add type loopback con-name stable-microshift ifname lo ip4 ${IP}/32 |
| 31 | +---- |
| 32 | +<1> The fake IP address used in this example is “10.44.0.1”. |
| 33 | ++ |
| 34 | +[NOTE] |
| 35 | +==== |
| 36 | +Any valid IP works if it avoids both internal {microshift-short} and potential future external IP conflicts. This can be any subnet that does not collide with the {microshift-short} node subnet or is be accessed by other services on the device. |
| 37 | +==== |
| 38 | + |
| 39 | +. Configure the DNS interface to use the local name server by setting modifying the settings to ignore automatic DNS and reset it to the local name server: |
| 40 | ++ |
| 41 | +.. Bypass the automatic DNS by running the following command: |
| 42 | ++ |
| 43 | +[source,terminal] |
| 44 | +---- |
| 45 | +$ sudo nmcli conn modify stable-microshift ipv4.ignore-auto-dns yes |
| 46 | +---- |
| 47 | ++ |
| 48 | +.. Point the DNS interface to use the local name server: |
| 49 | ++ |
| 50 | +[source,terminal] |
| 51 | +---- |
| 52 | +$ sudo nmcli conn modify stable-microshift ipv4.dns "10.44.1.1" |
| 53 | +---- |
| 54 | + |
| 55 | +. Get the hostname of the device by running the following command: |
| 56 | ++ |
| 57 | +[source,terminal] |
| 58 | +---- |
| 59 | +$ NAME="$(hostnamectl hostname)" |
| 60 | +---- |
| 61 | + |
| 62 | +. Add an entry for the hostname of the node in the `/etc/hosts` file by running the following command: |
| 63 | ++ |
| 64 | +[source,terminal] |
| 65 | +---- |
| 66 | +$ echo "$IP $NAME" | sudo tee -a /etc/hosts >/dev/null |
| 67 | +---- |
| 68 | + |
| 69 | +. Update the {microshift-short} configuration file by adding the following YAML snippet to `/etc/microshift/config.yaml`: |
| 70 | ++ |
| 71 | +[source,terminal] |
| 72 | +---- |
| 73 | +sudo tee /etc/microshift/config.yaml > /dev/null <<EOF |
| 74 | +node: |
| 75 | + hostnameOverride: hostnameOverride: $(echo $NAME) |
| 76 | + nodeIP: $(echo $IP) |
| 77 | +EOF |
| 78 | +---- |
| 79 | + |
| 80 | +. {microshift-short} is now ready to use the loopback device for cluster communications. Finish preparing the device for offline use. |
| 81 | + |
| 82 | +.. If the device currently has a NIC attached, disconnect the device from the network. |
| 83 | +.. Shut down the device and disconnect the NIC. |
| 84 | +.. Restart the device for the offline configuration to take effect. |
| 85 | + |
| 86 | +. Restart the {microshift-short} host to apply the configuration changes by running the following command: |
| 87 | ++ |
| 88 | +[source,terminal] |
| 89 | +---- |
| 90 | +$ sudo systemctl reboot <1> |
| 91 | +---- |
| 92 | +<1> This step restarts the cluster. Wait for the greenboot health check to report the system healthy before implementing verification. |
| 93 | + |
| 94 | +.Verification |
| 95 | + |
| 96 | +At this point, network access to the {microshift-short} host has been severed. If you have access to the host terminal, you can use the host CLI to verify that the cluster has started in a stable state. |
| 97 | + |
| 98 | +. Verify that the {microshift-short} cluster is running by entering the following command: |
| 99 | ++ |
| 100 | +[source,terminal] |
| 101 | +---- |
| 102 | +$ export KUBECONFIG=/var/lib/microshift/resources/kubeadmin/kubeconfig |
| 103 | +$ sudo -E oc get pods -A |
| 104 | +---- |
| 105 | ++ |
| 106 | +.Example output |
| 107 | +[source,terminal] |
| 108 | +---- |
| 109 | +NAMESPACE NAME READY STATUS RESTARTS AGE |
| 110 | +kube-system csi-snapshot-controller-74d566564f-66n2f 1/1 Running 0 1m |
| 111 | +kube-system csi-snapshot-webhook-69bdff8879-xs6mb 1/1 Running 0 1m |
| 112 | +openshift-dns dns-default-dxglm 2/2 Running 0 1m |
| 113 | +openshift-dns node-resolver-dbf5v 1/1 Running 0 1m |
| 114 | +openshift-ingress router-default-8575d888d8-xmq9p 1/1 Running 0 1m |
| 115 | +openshift-ovn-kubernetes ovnkube-master-gcsx8 4/4 Running 1 1m |
| 116 | +openshift-ovn-kubernetes ovnkube-node-757mf 1/1 Running 1 1m |
| 117 | +openshift-service-ca service-ca-7d7c579f54-68jt4 1/1 Running 0 1m |
| 118 | +openshift-storage topolvm-controller-6d777f795b-bx22r 5/5 Running 0 1m |
| 119 | +openshift-storage topolvm-node-fcf8l 4/4 Running 0 1m |
| 120 | +---- |
0 commit comments