is it required the PUBLIC IP on MS azure

[Gitesh Chavan]

to build the OKD 4.X cluster on MS azure, is it required the PUBLIC IP on bootstrap & remaining VM.

We are building the cluster through ARM template. 

So main question is, " Can we deploy OKD cluster without provisioning of public IP in azure resource group."

[Michael McCune]

i would think that as long as your installer host (the one where you are running openshift-install) can reach the instances, then you shouldn't /need/ the public ip. but i have not tested this on azure.

peace o/

[Marcel Haerri]

If you do define UserDefinedRouting and setup your Azure Networking that it is able to connect outside through different means, this is possible: https://docs.okd.io/latest/installing/installing_azure/installing-azure-network-customizations.html#installation-configuration-parameters-additional-azure_installing-azure-network-customizations

The important thing to understand is, that with Azure networking, whenever VMs are part of a backend pool for a LB (and with OKD this is every VM) their outgoing traffic is routed through that LB and thus the installer adds a Public IP to the LB so you have something to SNAT outgoing traffic to. If you don't do that (by setting the mode to UserDefinedRouting) it is expected that you set up your Azure Network routes to some other gateway/device that handles outbound connections.

See https://github.com/openshift/enhancements/blob/master/enhancements/installer/azure-internal-with-user-defined-routing.md for background. And

~Marcel

--
You received this message because you are subscribed to the Google Groups "okd-wg" group.
To unsubscribe from this group and stop receiving emails from it, send an email to okd-wg+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/okd-wg/CADE%2BktQ3eBxfR8NPZhCBa%3D%3DdOfGsUZUtUj3FaL%2BskfBTa1DPtw%40mail.gmail.com.