Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Contrail] How to configure a Global FIP Pool in Kubernetes environment



Article ID: KB35126 KB Last Updated: 10 Oct 2019Version: 1.0

This article explains how to allocate a Global FIP Pool and its corresponding scope.

For details on the three possible FIP scopes, refer to KB35083 - [Contrail] Understanding Floating IP Pool Scopes in Kubernetes environment.


To specify a global level FIP pool, provide the full qualified pool name (domain > project > network > name) in contrail-kube-manager ('KM') docker's configuration file. The full path of the file is /etc/contrail/contrail-kubernetes.conf. This file is automatically generated by the docker during its bootup based on its ENV parameters, which can be found in /etc/contrail/common_kubemanager.env file in the master node:


As shown here, this .env file contains important environmental parameters about the setup, including IP address of kube-api, rabbitmq, control node, etc. To allocate a 'global FIP pool', specify the FIP pool information in the same file. Adding the following line in it:

KUBERNETES_PUBLIC_FIP_POOL={'domain': 'default-domain','name': 'pool-global-default','network': 'vn-global-default','project': 'k8s-ns-user-1'}

It reads: The global FIP pool is called 'pool-global-default', and it is defined based on a VN 'vn-global-default' under project 'k8s-ns-user-1', which indicates that the corresponding kubernetes namespace is 'ns-user-1'.

Now with that piece of configuration placed, re-compose the 'contrail-kube-manager' docker container to make the change take effect. This means to tear it down and then bring it back up:

$ cd /etc/contrail/kubemanager/
$ docker-compose down;docker-compose up -d
Stopping kubemanager_kubemanager_1 ... done
Removing kubemanager_kubemanager_1 ... done
Removing kubemanager_node-init_1   ... done
Creating kubemanager_node-init_1 ... done
Creating kubemanager_kubemanager_1 ... done

Now the global FIP pool is specified for the cluster.

Note: In all three scopes, FIP is automatically allocated and associated only to service and ingress objects. If the FIP has to be associated to a POD, it has to be done manually.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search