Cloud Pak for Data

Deploy CPD with a cost-effective IP topology

Each organization has its own unique IT environment, and sometimes it will not fit within the network configuration which Red Hat OpenShift sets by default. Thus, it becomes essential to customize the installation for the target environment. In this blog we are going to showcase how to deploy CPD with a cost-effective IP topology.

Background

There are scenarios where customers have multiple network needs. In most on-premise customer environments, there are multiple networks for isolating the networks dedicated for different purpose due to security concerns. A typical scenario is like this: There are front-end network and back-end network in customer environment. The front-end network is used for accepting end users’ access request sent from an application and then route it to the back-end network so that the request to the back-end data (Databases, Hadoop, etc) could be done.

To address the multiple network scenario in your OCP 4 deployment, you can simply specify multiple network interfaces by specifying multiple ip= entries when setting up CoreOS.

ip=172.18.56.2::172.18.56.254:255.255.255.0:core0.example.com:enp1s0:none

ip=10.6.56.2::10.6.56.254:255.255.255.0:core0.example.com:enp2s0:none

This process is very straightforward. But it may cost the customers lots of IP addresses if it’s a large cluster. As a result, customer may have to pay more for this. To save money and resources, a cost-effective IP topology catering for the multiple networks scenario is recommended in this article.

A cost-effective IP topology

In OCP 4 deployment, a load balancer would be required to handle the https access request from the end users. Actually,  specify both front-end and back-end work only for this load balancer and create a route for making sure the https request could be redirected to the back-end network successfully is enough. The IP topology would look like this.

With this IP topology, the number of IP addresses for the front-end network could be reduced. And it can greatly save the IP resources and money for a large OCP4 cluster. In additional, it can also help to lower the security risk as fewer cluster resources exposed.