Available in editions:  EE

The module is not enabled by default in any bundles.

How to explicitly enable the module…

Set the spec.enabled module parameter to true or false in the ModuleConfig/network-gateway resource (create it, if necessary) to explicitly enable or disable the module, or use the deckhouse-controller module command in the d8-system/deckhouse pod.

Example of enabling the module:

  • by using the ModuleConfig resource:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: network-gateway
spec:
  enabled: true

  • by using the deckhouse-controller command (you need a kubectl, configured to work with the cluster):

    kubectl -ti -n d8-system exec svc/deckhouse-leader -c deckhouse -- deckhouse-controller module enable network-gateway

Example of disabling the module:

  • by using the ModuleConfig resource:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: network-gateway
spec:
  enabled: false

  • by using the deckhouse-controller command (you need a kubectl, configured to work with the cluster):

    kubectl -ti -n d8-system exec svc/deckhouse-leader -c deckhouse -- deckhouse-controller module disable network-gateway

Settings

The module is configured using the ModuleConfig custom resource named network-gateway (learn more about setting up Deckhouse…).

Example of the ModuleConfig/network-gateway resource for configuring the module:

apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: network-gateway
spec:
  version: 1
  enabled: true
  settings: # <-- Module parameters from the "Parameters" section below.

Parameters

Schema version: 1

  • settings
    object
    • settings.disableDHCP
      boolean

      Disables the DHCP server.

      Default: false

    • settings.dns
      object

      Settings to pass to clients via DHCP.

      • settings.dns.search
        array of strings

        List of search domains.

        Example:

        search:
- office.example.com
- srv.example.com
      • settings.dns.servers
        array of strings

        List of DNS servers.

        Example:

        servers:
- 4.2.2.2
- 8.8.8.8
    • settings.nodeSelector
      object

      Required value

      Selects nodes that will be used to configure iptables rules and to run the DHCP server.

      The same as in the Pods’ spec.nodeSelector parameter in Kubernetes. Instance Pods inherit this field as is.

      Example:

      nodeSelector:
  type: network-gateway
    • settings.publicAddress
      string

      Required value

      Replaces the src of the packets outgoing from the LAN.

      Pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}$

      Example:

      publicAddress: 10.220.203.240
    • settings.storageClass
      string

      The name of the StorageClass to use for storing the DHCP lease.

      If omitted, the StorageClass of the existing PVC is used. If there is no PVC yet, the StorageClass will be used according to the global storageClass parameter setting.

      The global storageClass parameter is only considered when the module is enabled. Changing the global storageClass parameter while the module is enabled will not trigger disk re-provisioning.

      *Warning.** Specifying a value different from the one currently used (in the existing PVC) will result in disk re-provisioning and all data will be deleted.

      If false is specified, emptyDir will be forced to be used.

      Dnsmasq (underlies our DHCP server) has its own mechanisms for protecting against the duplication of IP addresses if the lease database is lost (but it is better not to lose it).

    • settings.subnet
      string

      Required value

      The address of a local subnet that gateway serves.

      The DHCP options to pass to clients are generated based on this address:

      • Address pool — numbers starting with 50 and up to the last one.
      • Router — the subnet’s first address.

      Pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))$

      Example:

      subnet: 192.168.42.0/24
    • settings.tolerations
      array of objects

      Tolerations for DHCP Pods and iptables managers.

      The same as in the Pods’ spec.tolerations parameter in Kubernetes. The instance’s Pods inherit this field as is.

      • settings.tolerations.effect
        string
      • settings.tolerations.key
        string
      • settings.tolerations.operator
        string
      • settings.tolerations.tolerationSeconds
        integer
      • settings.tolerations.value
        string