Skip to content

[OCPBUGS-48096]: HCP proxy docs for mgmt clusters with secondary network #91942

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 22, 2025
Merged

[OCPBUGS-48096]: HCP proxy docs for mgmt clusters with secondary network #91942

merged 1 commit into from
Apr 22, 2025

Conversation

lahinson
Copy link
Contributor

@lahinson lahinson commented Apr 9, 2025
edited
Loading

@openshift-ci openshift-ci bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Apr 9, 2025
@ocpdocs-previewbot
Copy link

ocpdocs-previewbot commented Apr 9, 2025
edited
Loading

🤖 Mon Apr 21 20:44:01 - Prow CI generated the docs preview:

https://91942--ocpdocs-pr.netlify.app/openshift-enterprise/latest/hosted_control_planes/hcp-networking.html

@lahinson lahinson force-pushed the ocpbugs-48096-hcp-proxy branch 2 times, most recently from 2cb0bce to c4ebe42 Compare April 9, 2025 18:39
@lahinson lahinson added this to the Continuous Release milestone Apr 9, 2025
@lahinson lahinson requested a review from mrobson April 14, 2025 15:37
@lahinson
Copy link
Contributor Author

Hi @mrobson - PTAL when you can. Thanks!

@jiezhao16
Copy link

It should be the secondary network, not the second network

@lahinson lahinson force-pushed the ocpbugs-48096-hcp-proxy branch from c4ebe42 to 961cc17 Compare April 21, 2025 17:13
@jiezhao16
Copy link

lgtm

@lahinson lahinson added the peer-review-needed Signifies that the peer review team needs to review this PR label Apr 21, 2025
@maxwelldb maxwelldb self-requested a review April 21, 2025 18:58
@maxwelldb maxwelldb added the peer-review-in-progress Signifies that the peer review team is reviewing this PR label Apr 21, 2025
maxwelldb
maxwelldb reviewed Apr 21, 2025
View reviewed changes
Copy link
Contributor

@maxwelldb maxwelldb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No big issues. Consider revising the first sentence of the module to reduce complexity.

@maxwelldb maxwelldb added peer-review-done Signifies that the peer review team has reviewed this PR and removed peer-review-in-progress Signifies that the peer review team is reviewing this PR labels Apr 21, 2025
@lahinson
Copy link
Contributor Author

@maxwelldb Thanks for the review! What do you think of this revision? The first sentence is still longer than I'd prefer, but I'm not sure how to cut it down anymore without sacrificing accuracy.

If a management cluster uses a proxy and you are configuring a secondary network but not attaching the default pod network, add the CIDR of the secondary network to the proxy configuration. Specifically, you need to add the CIDR to the noProxy section of the proxy configuration for the management cluster. Otherwise, the Kubernetes API server will route some API requests through the proxy. In the hosted cluster configuration, the CIDR of the secondary network is automatically added to the noProxy section.

@lahinson lahinson removed the peer-review-needed Signifies that the peer review team needs to review this PR label Apr 21, 2025
mrobson
mrobson suggested changes Apr 21, 2025
View reviewed changes
modules/hcp-proxy-addl-network.adoc Outdated

:_mod-docs-content-type: CONCEPT
[id="hcp-proxy-addl-network_{context}"]
= Management cluster with a secondary network and no default pod network
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should actually be: Management cluster using a Proxy and a Hosted Cluster with a secondary network and no default pod network

modules/hcp-proxy-addl-network.adoc Outdated
[id="hcp-proxy-addl-network_{context}"]
= Management cluster with a secondary network and no default pod network

If the management cluster uses a proxy configuration and you are configuring a second network but you are not attaching the default pod network, you need to add the CIDR of the second network to the `noProxy` section of the proxy configuration on the management cluster. Otherwise, the Kubernetes API server will route some API requests through the proxy. In the hosted cluster configuration, the CIDR of the second network is automatically added to the `noProxy` section.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the management cluster uses a proxy configuration and you are configuring a Hosted Cluster with a secondary network and you are not attaching the default pod network, you need to add the CIDR of the secondary network to the noProxy .....

hosted_control_planes/hcp-networking.adoc Outdated
@@ -18,6 +18,8 @@ include::modules/hcp-proxy-ignition.adoc[leveloffset=+1]
include::modules/hcp-proxy-api.adoc[leveloffset=+1]
//cp workloads that need access to external services and must use the proxy for the management cluster
include::modules/hcp-proxy-mgmt-cluster.adoc[leveloffset=+1]
//proxy configuration when the mgmt cluster has a second network and no default pod network
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

//proxy configuration on the mgmt cluster when the hosted cluster has a secondary network and no default pod network

@lahinson lahinson force-pushed the ocpbugs-48096-hcp-proxy branch from 961cc17 to 83a5770 Compare April 21, 2025 20:20
@mrobson
Copy link

mrobson commented Apr 21, 2025

lgtm

@lahinson lahinson force-pushed the ocpbugs-48096-hcp-proxy branch from 83a5770 to dfb8005 Compare April 21, 2025 20:37
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Apr 21, 2025

@lahinson: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@lahinson lahinson merged commit e5a263b into openshift:main Apr 22, 2025
2 checks passed
@lahinson
Copy link
Contributor Author

/cherrypick enterprise-4.18

@lahinson
Copy link
Contributor Author

/cherrypick enterprise-4.19

@openshift-cherrypick-robot
Copy link

@lahinson: new pull request created: #92445

In response to this:

/cherrypick enterprise-4.18

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

This was referenced Apr 22, 2025
Merged
Merged
@openshift-cherrypick-robot
Copy link

@lahinson: new pull request created: #92447

In response to this:

/cherrypick enterprise-4.19

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maxwelldb maxwelldb maxwelldb left review comments

@mrobson mrobson mrobson requested changes

Assignees
No one assigned
Labels
branch/enterprise-4.18 branch/enterprise-4.19 peer-review-done Signifies that the peer review team has reviewed this PR size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
Continuous Release
Development

Successfully merging this pull request may close these issues.
6 participants
@lahinson @ocpdocs-previewbot @jiezhao16 @mrobson @openshift-cherrypick-robot @maxwelldb