
Comments (7)

batistein commented on May 22, 2024

This feature is not implemented yet. Since we had several problems with the private network in the past (very high ping, interruptions, etc.), we do not use it for our offers, so it has less prio from our side.
But I would love to see any contribution on it.

from cluster-api-provider-hetzner.

shurshun commented on May 22, 2024

Hi there! I would like to say thank you for such a handy product! I would also like to agree with the topic starter on the issue of private network support: we plan to order a set-up with a private network between servers (without the cloud) and, unfortunately, this is the only factor limiting the use of this provider :(


mads-sogaard commented on May 22, 2024

Hi just for my understanding, is it possible to use CAPI to provision and manage a bare metal only cluster, and then use a dedicated switch as private network (which can also be ordered from Hetzner)? I know pucilpet asks for a hybrid setup :-)


batistein commented on May 22, 2024

@mads-sogaard we didn't implement the private network stuff on Hetzner Dedicated. In our production cluster we use the konnectivity-service, Cilium Host Firewall and run mTLS everywhere, so we do not have the use case for private network. But of course anyone is welcome to contribute a PR.


mstarostik commented on May 22, 2024

I also figured the private networks aren't of that much use unless and until they offer more advanced routing setup between different private networks, NAT to public or the likes.
Anyway, one thing using a private network turned out to be still very useful to me is so I can get a known (private) IP for the API Server LB to pass as k8sServiceHost to Cilium when enabling its kube-proxy replacement. I'd be happy to simplify the setup some but haven't figured a way to pull the public IP for the LB into the ArgoCD app that provisions Cilium on newly created clusters.


batistein commented on May 22, 2024

@mstarostik I would recommend using a domain in a production setup. This way you also solve your problem, because you always know the k8sServiceHost in advance.


mstarostik commented on May 22, 2024

@batistein this might help a little, however it shifts the problem from

    provision LB and nodes => get their IP(s) into config => provision Cilium

to

    provision LB and nodes => get their IP(s) into DNS => provision Cilium

The middle part is not something easily done when going for a purely declarative setup. ExternalDNS might help when using a DNS name, but isn't up and running at the time the CNI config needs the info already. There sure are ways to implement this, but for my setup the stable and pre-known API server private IP helps a lot.
YMMV for sure.

