From 5e858700168125ff7e1ebe1fd73b2aae5225b731 Mon Sep 17 00:00:00 2001 From: Marco Braga Date: Mon, 30 Jan 2023 15:46:19 -0300 Subject: [PATCH] OCPBUGS-6800: change the MTU in Local Zones deployments Add section to change the cluster network MTU on the manifest stage due to the limitation of AWS Local Zones communication with the parent region. Adding OpenShift-SDN and "important" note Apply suggestions from code review Co-authored-by: Kathryn Alexander <37149781+kalexand-rh@users.noreply.github.com> Update modules/installation-localzone-generate-k8s-manifest.adoc Apply suggestions from code review Co-authored-by: Kathryn Alexander <37149781+kalexand-rh@users.noreply.github.com> pr review - making correct reference Update modules/installation-localzone-generate-k8s-manifest.adoc Update modules/installation-localzone-generate-k8s-manifest.adoc PR review for important notes on MTU --- .../installing-aws-localzone.adoc | 6 +++ ...ation-localzone-generate-k8s-manifest.adoc | 47 ++++++++++++++++++- 2 files changed, 52 insertions(+), 1 deletion(-) diff --git a/installing/installing_aws/installing-aws-localzone.adoc b/installing/installing_aws/installing-aws-localzone.adoc index b50c4453beec..8f2082392a17 100644 --- a/installing/installing_aws/installing-aws-localzone.adoc +++ b/installing/installing_aws/installing-aws-localzone.adoc @@ -78,6 +78,12 @@ include::modules/installation-generate-aws-user-infra-install-config.adoc[levelo include::modules/installation-localzone-generate-k8s-manifest.adoc[leveloffset=+2] +[role="_additional-resources"] +.Additional resources + +* xref:../../networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[Changing the MTU for the cluster network] +* xref:../../networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Enabling IPsec encryption] + include::modules/installation-launching-installer.adoc[leveloffset=+1] include::modules/cli-installing-cli.adoc[leveloffset=+1] 
diff --git a/modules/installation-localzone-generate-k8s-manifest.adoc b/modules/installation-localzone-generate-k8s-manifest.adoc index 716639d9f193..c2c84a77ccd2 100644 --- a/modules/installation-localzone-generate-k8s-manifest.adoc +++ b/modules/installation-localzone-generate-k8s-manifest.adoc 
@@ -26,8 +26,53 @@ $ ./openshift-install create manifests --dir <1> <1> For ``, specify the installation directory that contains the `install-config.yaml` file you created. -. Create the machine set manifests for the worker nodes in your Local Zone. +. Set the default Maximum Transmission Unit (MTU) according to the network plugin: ++ +[IMPORTANT] +==== +Generally, the Maximum Transmission Unit (MTU) between an Amazon EC2 instance in a Local Zone and an Amazon EC2 instance in the Region is 1300. See link:https://docs.aws.amazon.com/local-zones/latest/ug/how-local-zones-work.html[How Local Zones work] in the AWS documentation. +The cluster network MTU must be always less than the EC2 MTU to account for the overhead. The specific overhead is determined by your network plugin, for example: + +- OVN-Kubernetes: `100 bytes` +- OpenShift SDN: `50 bytes` + +The network plugin could provide additional features, like IPsec, that also must be decreased the MTU. Check the documentation for additional information. + +==== + +.. If you are using the `OVN-Kubernetes` network plugin, enter the following command: ++ +[source,terminal] +---- +$ cat < /manifests/cluster-network-03-config.yml +apiVersion: operator.openshift.io/v1 +kind: Network +metadata: + name: cluster +spec: + defaultNetwork: + ovnKubernetesConfig: + mtu: 1200 +EOF +---- +.. If you are using the `OpenShift SDN` network plugin, enter the following command: ++ +[source,terminal] +---- +$ cat < /manifests/cluster-network-03-config.yml +apiVersion: operator.openshift.io/v1 +kind: Network +metadata: + name: cluster +spec: + defaultNetwork: + openshiftSDNConfig: + mtu: 1250 +EOF +---- + +. Create the machine set manifests for the worker nodes in your Local Zone. .. Export a local variable that contains the name of the Local Zone that you opted your AWS account into by running the following command: + [source,terminal]
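Review bot: In the installing-aws-localzone.adoc hunk, the second xref looks like it targets the wrong file. The anchor `nw-ovn-ipsec-enable_configuring-ipsec-ovn` carries the context suffix `configuring-ipsec-ovn`, but the path is `changing-cluster-network-mtu.adoc`, whereas the first xref's suffix matches its file name. Please point the "Enabling IPsec encryption" link at the assembly that owns that context and confirm both links resolve in a preview build. An unresolved link here leaves readers without the IPsec guidance that the MTU note in the module relies on.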
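Review bot: In the installation-localzone-generate-k8s-manifest.adoc hunk, the IMPORTANT block's IPsec sentence ("that also must be decreased the MTU") is ungrammatical and gives no figure, while the two sub-steps hardcode `mtu: 1200` and `mtu: 1250`. Those values are 1300 minus the listed 100 and 50 byte overheads, so they only hold when no extra encapsulation is enabled. A reader who turns on IPsec and copies the manifest as written ends up with a cluster MTU that is too large for the Local Zone path. Suggest rewording to something like "Additional features of the network plugin, such as IPsec, require a further decrease of the MTU", and adding a sentence to each sub-step saying the value shown assumes IPsec is not enabled. Two smaller points in the same block: "must be always less than" should read "must always be less than", and "is 1300" needs its unit (bytes) to match the overhead list.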