External IP remapping
You can use Liqo to map external IPs and make them reachable from a peered cluster. You can configure the external IP remapping using the IP CRD. This can be useful if you want to make a server (for example a legacy database) running outside the cluster, reachable from a peered cluster.
Warning
This feature is available only if network module is enabled.
Check the figure below to understand how the external IP remapping works. We are going to make the external host reachable from cluster 1.
Forge an IP CRD
The IP CRD allows you to remap an external IP to a new IP belonging to the External CIDR.
Export the kubeconfig file of cluster 2:
export KUBECONFIG=./cluster2-kubeconfig
First of all, you need to create a file called ip.yaml.
apiVersion: ipam.liqo.io/v1alpha1
kind: IP
metadata:
name: external-ip-remap
spec:
ip: <EXTERNAL_IP>
Replace <EXTERNAL_IP>
with the external host you want to map.
Now, apply the IP CRD:
kubectl apply -f ip.yaml
Check the status of the IP CRD:
kubectl get ip external-ip-remap -o yaml
If everything went successfully, the status should be similar to the following:
apiVersion: ipam.liqo.io/v1alpha1
kind: IP
...
status:
ipMappings:
cluster1: <REMAPPED_IP>
The status field shows how the external host IP has been remapped. It is an IP belonging to the External CIDR.
We are going to use the remapped IP on cluster 1 to reach the external host.
Connect to the external host
If cluster 1 and cluster 2 have different External CIDRs (it can be customized at installation time), you can skip this section and use the IP obtianed in the previous section to reach the external host.
However, in most cases, the External CIDRs are the same, we need to get how the remote external CIDR has been remapped and forge the IP to reach the external host.
First of all, export the kubeconfig file of cluster 1:
export KUBECONFIG=./cluster1-kubeconfig
Get the configuration CRD for cluster 2:
kubectl get configuration -n liqo-tenant-cluster2 -o yaml cluster2
The output should be similar to the following:
apiVersion: networking.liqo.io/v1beta1
kind: Configuration
metadata:
labels:
configuration.liqo.io/configured: "true"
liqo.io/remote-cluster-id: cluster2
name: cluster2
namespace: liqo-tenant-cluster2
spec:
...
status:
remote:
cidr:
external: <REMAPPED_EXT_CIDR>
pod: <REMAPPED_POD_CIDR>
Let’s focus on the REMAPPED_EXT_CIDR
value. Keep the prefix of that CIDR and replace it inside the REMAPPED_IP
found in the IP CRD status (check the previous section).
For example, if the REMAPPED_EXT_CIDR
is 10.81.0.0/16 and the REMAPPED_IP
is 10.70.0.1 the final IP will be 10.81.0.1.
Now, you can use the forged IP to reach the external host from cluster 1.