How to identify the allocated IP addresses in the Floating IP Pool in Enterprise PKS

Article ID: 319527

Updated On:

Products

VMware Cloud PKS

Issue/Introduction

This article provides steps that can be used to identify the IP addresses in use from the Floating IP Pool.

Environment

VMware PKS 1.x

Resolution

Several components in Enterprise PKS allocate IP addresses from the Floating IP Pool:
  1. For each cluster, by default, Enterprise PKS creates a Load Balancer and a virtual server to handle load balancing among primary VMs. IP addresses are allocated from the Floating IP Pool for this virtual server:

        curl -s -X GET -k -u '<username>:<password>' 'https://<NSX-T Manager IP/FQDN>/api/v1/search?query=resource_type%3ALbVirtualServer%20%20tags.scope%3A%22pks/cluster%22%20' | jq -r ".results[] | .ip_address" | sort | uniq

  2. NCP creates two virtual servers for ingress, which share one floating IP (FIP). Also, for each Kubernetes service of type LoadBalancer, NCP creates a virtual server and allocates a FIP for it:

        curl -s -X GET -k -u '<username>:<password>' 'https://<NSX-T Manager IP/FQDN>/api/v1/search?query=resource_type%3ALbVirtualServer%20%20tags.scope%3A%22ncp/cluster%22%20' | jq -r ".results[] | .ip_address" | sort | uniq

  3. When a cluster network is created and NAT mode is enabled (configured from the PKS tile), a FIP is allocated and an SNAT rule is created and tagged with {"scope": "pks/floating_ip", "tag": <the fip>}. This command searches for this type of FIP:

        curl -s -X GET -k -u '<username>:<password>' 'https://<NSX-T Manager IP/FQDN>/api/v1/search?query=resource_type%3ANatRule%20tags.scope%3A%22pks/cluster%22%20' | jq -r ".results[] | .translated_network"

  4. NCP allocates a FIP and creates a NAT rule when a namespace is created:

        curl -s -X GET -k -u '<username>:<password>' 'https://<NSX-T Manager IP/FQDN>/api/v1/search?query=%20tags.scope%3A%22ncp/snat%22%20' | jq -r ".results[] | .translated_network"
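
The four lookups above can be combined into one inventory that shows which component reported each address. The following is an added example, not VMware's code: it uses the same search queries, verifies the Manager certificate instead of passing `-k`, and reads credentials from environment variables rather than the command line. The variable names (`NSX_MANAGER`, `NSX_USER`, `NSX_PASSWORD`, `NSX_CA_FILE`), the source labels and the sample responses are assumptions constructed for illustration.

```python
import base64, json, os, ssl, urllib.request

# source label -> (search query copied verbatim from the steps above, address field)
QUERIES = {
    "pks-lb": ("resource_type%3ALbVirtualServer%20%20tags.scope%3A%22pks/cluster%22%20", "ip_address"),
    "ncp-lb": ("resource_type%3ALbVirtualServer%20%20tags.scope%3A%22ncp/cluster%22%20", "ip_address"),
    "pks-snat": ("resource_type%3ANatRule%20tags.scope%3A%22pks/cluster%22%20", "translated_network"),
    "ncp-snat": ("%20tags.scope%3A%22ncp/snat%22%20", "translated_network"),
}

def extract(response, field):
    """Addresses in one search response; results lacking the field are skipped
    (jq -r would print those as "null")."""
    return {r[field] for r in response.get("results", []) if r.get(field)}

def inventory(responses):
    """Map each allocated address to the sources that reported it."""
    seen = {}
    for source, (_, field) in QUERIES.items():
        for ip in extract(responses.get(source, {}), field):
            seen.setdefault(ip, []).append(source)
    return dict(sorted(seen.items()))

def fetch(manager, user, password, cafile=None):
    """Run the four queries with certificate verification on (no curl -k)."""
    ctx = ssl.create_default_context(cafile=cafile)
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    out = {}
    for source, (query, _) in QUERIES.items():
        req = urllib.request.Request(
            f"https://{manager}/api/v1/search?query={query}",
            headers={"Authorization": f"Basic {token}"})
        with urllib.request.urlopen(req, context=ctx, timeout=30) as resp:
            out[source] = json.load(resp)
    return out

# Constructed sample responses (documentation addresses), used when no Manager is set.
SAMPLE = {
    "pks-lb": {"results": [{"ip_address": "192.0.2.10"}]},
    "ncp-lb": {"results": [{"ip_address": "192.0.2.11"}, {"ip_address": "192.0.2.11"}]},
    "pks-snat": {"results": [{"translated_network": "192.0.2.12"}]},
    "ncp-snat": {"results": [{"translated_network": "192.0.2.13"}, {"display_name": "no-address"}]},
}

if __name__ == "__main__":
    env = os.environ  # hypothetical variable names, see the lead-in
    data = (fetch(env["NSX_MANAGER"], env["NSX_USER"], env["NSX_PASSWORD"], env.get("NSX_CA_FILE"))
            if "NSX_MANAGER" in env else SAMPLE)
    for ip, sources in inventory(data).items():
        print(f"{ip}\t{','.join(sources)}")
```
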


Additional Information

Note:

These API calls are not documented by NSX-T, so they cannot be officially supported.

Also, the jq package (`sudo apt-get install jq`) must be installed before running the commands above.