$ oc annotate netnamespace <namespace> \
netnamespace.network.openshift.io/multicast-enabled=true
OpenShift SDN CNI is deprecated as of Red Hat OpenShift Service on AWS 4.14. As of Red Hat OpenShift Service on AWS 4.15, the network plugin is not an option for new installations. In a subsequent future release, the OpenShift SDN network plugin is planned to be removed and no longer supported. Red Hat will provide bug fixes and support for this feature until it is removed, but this feature will no longer receive enhancements. As an alternative to OpenShift SDN CNI, you can use OVN Kubernetes CNI instead. For more information, see OpenShift SDN CNI removal. |
With IP multicast, data is broadcast to many IP addresses simultaneously.
|
Multicast traffic between Red Hat OpenShift Service on AWS pods is disabled by default. If you are using the OpenShift SDN network plugin, you can enable multicast on a per-project basis.
When using the OpenShift SDN network plugin in networkpolicy
isolation mode:
Multicast packets sent by a pod will be delivered to all other pods in the project, regardless of NetworkPolicy
objects. Pods might be able to communicate over multicast even when they cannot communicate over unicast.
Multicast packets sent by a pod in one project will never be delivered to pods in any other project, even if there are NetworkPolicy
objects that allow communication between the projects.
When using the OpenShift SDN network plugin in multitenant
isolation mode:
Multicast packets sent by a pod will be delivered to all other pods in the project.
Multicast packets sent by a pod in one project will be delivered to pods in other projects only if each project is joined together and multicast is enabled in each joined project.
You can enable multicast between pods for your project.
Install the OpenShift CLI (oc
).
You must log in to the cluster with a user that has the cluster-admin
or the dedicated-admin
role.
Run the following command to enable multicast for a project. Replace <namespace>
with the namespace for the project you want to enable multicast for.
$ oc annotate netnamespace <namespace> \
netnamespace.network.openshift.io/multicast-enabled=true
To verify that multicast is enabled for a project, complete the following procedure:
Change your current project to the project that you enabled multicast for. Replace <project>
with the project name.
$ oc project <project>
Create a pod to act as a multicast receiver:
$ cat <<EOF| oc create -f -
apiVersion: v1
kind: Pod
metadata:
name: mlistener
labels:
app: multicast-verify
spec:
containers:
- name: mlistener
image: registry.access.redhat.com/ubi9
command: ["/bin/sh", "-c"]
args:
["dnf -y install socat hostname && sleep inf"]
ports:
- containerPort: 30102
name: mlistener
protocol: UDP
EOF
Create a pod to act as a multicast sender:
$ cat <<EOF| oc create -f -
apiVersion: v1
kind: Pod
metadata:
name: msender
labels:
app: multicast-verify
spec:
containers:
- name: msender
image: registry.access.redhat.com/ubi9
command: ["/bin/sh", "-c"]
args:
["dnf -y install socat && sleep inf"]
EOF
In a new terminal window or tab, start the multicast listener.
Get the IP address for the Pod:
$ POD_IP=$(oc get pods mlistener -o jsonpath='{.status.podIP}')
Start the multicast listener by entering the following command:
$ oc exec mlistener -i -t -- \
socat UDP4-RECVFROM:30102,ip-add-membership=224.1.0.1:$POD_IP,fork EXEC:hostname
Start the multicast transmitter.
Get the pod network IP address range:
$ CIDR=$(oc get Network.config.openshift.io cluster \
-o jsonpath='{.status.clusterNetwork[0].cidr}')
To send a multicast message, enter the following command:
$ oc exec msender -i -t -- \
/bin/bash -c "echo | socat STDIO UDP4-DATAGRAM:224.1.0.1:30102,range=$CIDR,ip-multicast-ttl=64"
If multicast is working, the previous command returns the following output:
mlistener