Is it possible to switch the existing multi host/environment from IPSEC to VXLAN without totally tearing down the environment and then rebuilding all of the stacks ???
Thanks
With 1.2.x, new concepts have been introduced and the definition of “environment template” includes what network driver you want to use.
You can create a new environment template with VXLAN driver and create a new environment using this. Ideally you would want to use new hosts but you can remove your existing hosts from the other environment and reuse them in this new environment.
Steps:
- Delete the Hosts from the UI of the old environment
- On the hosts, from the CLI:
docker rm -f $(docker ps -qa)
rm -f /var/lib/rancher/state
Ok so from what I am understanding there is no way to upgrade the existing containers and environment to one using VXLAN. You pretty much have to tear down the old one on the host and start up a new one ?
We had good success scaling all services to zero - thus deleting all containers - removing all hosts, deleting ipsec and adding vxlan. After adding the hosts again all we had to do is upgrade the infrastructure stacks (the containers “remembered” the old ipsec configuration) and scaling back the services to the original number of containers to have the environment back as before but with vxlan.
Tested in both test and production environments with rancher v1.6.12.
Regards,
Raffaele and Enrico
I’ve found that it’s easier to just create new environment and redeploy all services. This way I was able to keep old env. in external loadbalancer, the add new one and remove old. Had to do this, because I left MTU to default and new hosts couldn’t connect via IPSEC because of 1460 MTU in GCE.
well, of course it is easier, but if you want to switch a production environment which has 30/40 stacks set up ed and working you don’t want to rebuild everything from scratch
Reusing the same environment to switch between the network plugins is not a good idea. It’s better to create a new environment with VXLAN with the correct/desired settings (including MTU).