9 Enable External Communication Between OCNADD Gateways

Prerequisites

  1. mTLS should be enabled.
  2. External IPs must be used to create the certificates. There will not be any dynamic IP addresses for gateway external communication. Users need to provide static IPs and configure the certificates with these IPs.

OCNADD Gateway External Access in OCCNE LBVM

OCNADD Management Gateway External Access

Update the custom values file ocnadd-management-custom-values.yaml.

Update Management Gateway Parameters

  1. Edit ocnadd-management-custom-values.yaml and update the following parameters:
    ocnaddmanagementgateway.service.externalAccess.enabled: false    # =======> set it to true
ocnaddmanagementgateway.service.externalAccess.enabled.staticLoadBalancer.enabled: false   # =============> set it to true
ocnaddmanagementgateway.service.externalAccess.enabled.staticLoadBalancer.staticIP: x.x.x.x  # ===========> set it to appropriate external load balancer IP
  2. Edit ocnadd-common-custom-values.yaml:
    management_info.management_gateway_ip: x.x.x.x   # ==============> This should be set to the management gateway load balancer IP
  3. If the changes are done as part of installation, continue with the installation steps using the Install guide. Otherwise, continue with the further steps.
  4. Helm Upgrade management group: See Updating Management Group Service Parameters to perform the Helm upgrade.
  5. Verify that ocnaddmanagementgateway service is running with load balancer IPs.

OCNADD Mediation Gateway External Access

Update the custom values file ocnadd-mediation-custom-values.yaml.

Update Mediation Gateway Parameters

  1. Edit ocnadd-mediation-custom-values.yaml and update the following parameters:
    ocnaddmediation.deployment.gwToMgmtGwExternalCommEnabled: false   # =======> set it to true
ocnaddmediation.deployment.mediationGatewayIp: x.x.x.x   # ===========> set it to appropriate external load balancer IP
  2. If the changes are done as part of installation, continue with the installation steps using the Install guide. Otherwise, continue with the further steps.
  3. Helm Upgrade mediation group: See Update Mediation Group Service Parameters to perform the helm upgrade.
  4. Verify that ocnaddmediationgateway service is running with load balancer IPs.

OCNADD Relay Agent Gateway External Access

Update the custom values file ocnadd-relay-agent-custom-values.yaml.

Update Relay Agent Gateway Parameters

  1. Edit ocnadd-relay-agent-custom-values.yaml and update the following parameters:
    ocnaddrelayagent.deployment.gwToMgmtGwExternalCommEnabled: false    =======> set it to true
ocnaddrelayagent.deployment.relayAgentGatewayIp: x.x.x.x   ===========> set it to appropriate external loadbalancer IP
  2. If the changes are done as part of installation, continue with the installation steps using the Install guide. Otherwise, continue with the further steps.
  3. Helm Upgrade relay group: See Update Relay Agent Group Service Parameters to perform the helm upgrade.
  4. Verify that ocnaddrelayagentgateway service is running with load balancer IPs.

OCNADD Gateway External Access in OCCNE CNLB

See Enable OCNADD Gateways External Access in CNLB Enabled Cluster.