Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support bridging and VLAN network for Pod secondary interfaces #5278

Closed
jianjuns opened this issue Jul 20, 2023 · 4 comments · Fixed by #5998
Closed

Support bridging and VLAN network for Pod secondary interfaces #5278

jianjuns opened this issue Jul 20, 2023 · 4 comments · Fixed by #5998
Assignees
@jianjuns
Labels
area/component/cni Issues or PRs related to the cni component area/interface Issues or PRs related to network interfaces area/secondary-network Issues or PRs related to support for secondary networks in Antrea kind/design Categorizes issue or PR as related to design.

Comments

@jianjuns
Copy link
Contributor

jianjuns commented Jul 20, 2023
edited
Loading

Describe what you are trying to solve
For Pod secondary interfaces, an important use case is to connect them to a separate network through a separate physical interface on the host, and even connect them to VLANs. Antrea now already has "alpha" support of SR-IOV secondary network, and naturally we can extend the secondary network support to bridging and VLAN networks.

Describe the solution you have in mind
As Antrea uses OVS for Pod networking, it will not be hard to connect secondary interfaces to a separate OVS bridge with one or multiple physical interfaces, and VLAN tagging can also be configured on the OVS ports to connect secondary interfaces to VLANs.

In antrea-agent.conf, we can add OVS bridge configuration for users to define the OVS bridge(s) for secondary networks. The OVS bridges will be automatically created and configured by antrea-agent. We may start from supporting only one bridge and one physical interface on the bridge, but for future extensions we can define a list of bridges each can be configured with a list of physical interfaces.

secondaryNetwork:
  ovsBridges: [{"bridgeName": "br2", "physicalInterfaces": ["eth1"]}]

Like SR-IOV network, we will still leverage network-attachment-definitions.k8s.cni.cncf.io for users to configure a bridging/VLAN network for Pods. For example:

---
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: virtual-net1
spec:
  config: '{
      "cniVersion": "0.3.0",
      "type": "antrea",
      "networkType": "vlan",
      "mtu": 9000,
      "vlan": 100,
      "ipam": {
        "type": "antrea-ipam",
        "ippool": "vlan100-subnet"
      }
    }'

vlanID defaults to 0 if not specified. The first OVS bridge in the secondary network configuration will be used, if bridge is not specified.
@jianjuns jianjuns added the kind/design Categorizes issue or PR as related to design. label Jul 20, 2023
@jianjuns jianjuns self-assigned this Jul 20, 2023
@jianjuns jianjuns added area/component/cni Issues or PRs related to the cni component area/interface Issues or PRs related to network interfaces labels Jul 20, 2023
@jianjuns jianjuns mentioned this issue Jul 20, 2023
Merged
@jianjuns
Copy link
Contributor Author

@meibensteiner

@meibensteiner
Copy link

Amazing. That would absolutely fullfill my usecase.
Just one question since the edge nodes I plan to use this feature on only have one 2.5g interface:

...a separate network through a separate physical interface on the host, and...

Will two physical interfaces be required for this to work?

@jianjuns
Copy link
Contributor Author

@meibensteiner Good to know the proposal works for your use case.

If the Node has only one NIC, we need to attach the NIC to secondary OVS bridge. It should work if we probably copy all IP/route settings from the NIC to the bridge. In your case, do you have any special network configuration for the NIC interface, or any network manager (e.g. RHEL network manager) manages its configuration?

@meibensteiner
Copy link

In the current phase its just networkd and netplan.

@jianjuns jianjuns mentioned this issue Aug 8, 2023
Merged
@jianjuns jianjuns mentioned this issue Aug 22, 2023
Merged
@antoninbas antoninbas mentioned this issue Oct 25, 2023
Closed
@jianjuns jianjuns mentioned this issue Oct 27, 2023
Open
@john5985 john5985 mentioned this issue Nov 10, 2023
Closed
@jianjuns jianjuns mentioned this issue Nov 20, 2023
Closed
@antoninbas antoninbas added the area/secondary-network Issues or PRs related to support for secondary networks in Antrea label Nov 20, 2023
This was referenced Nov 27, 2023
Merged
Merged
This was referenced Feb 17, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jianjuns jianjuns

Labels
area/component/cni Issues or PRs related to the cni component area/interface Issues or PRs related to network interfaces area/secondary-network Issues or PRs related to support for secondary networks in Antrea kind/design Categorizes issue or PR as related to design.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Save secondary network interfaces in InterfaceStore jianjuns/antrea
3 participants
@antoninbas @jianjuns @meibensteiner