How to Configure Linux bridge NAD , When nodes have different NIC names?
Environment
OpenShift Container Platform 4.16+
OpenShift Virtualization 4.16+
Issue
- node-01 having external interface with name enp1s0
- node-02 having external interface with name enp8s0
Resolution
-
To configure a Linux-bridge NAD when nodes have different NIC names, you must create a separate NodeNetworkConfigurationPolicy(NNCP) for each node.
-
First we have to label nodes. Labels are key-value pair, key and value should be anything
$ oc label node/node-01 external-network=tier <==== node-01 label
$ oc label node/node-02 external-network=app <==== node-02 label
- Choose same Bridge interface name in both NNCP configuration
- node-01 nncp configuration
apiVersion: nmstate.io/v1beta1
kind: NodeNetworkConfigurationPolicy
metadata:
name: <br1-eth1-policy>
spec:
nodeSelector:
external-network: tier <===== node-01 label
desiredState:
interfaces:
- name: br1 <==== bridge name
description: Linux bridge with eth1 as a port 4
type: linux-bridge
state: up
ipv4:
dhcp: true
enabled: true
bridge:
options:
stp:
enabled: false
port:
- name: enp1s0 <==== NIC name
- node-02 nncp configuration
apiVersion: nmstate.io/v1beta1
kind: NodeNetworkConfigurationPolicy
metadata:
name: <br1-eth1-policy>
spec:
nodeSelector:
external-network: app <==== node-02 label
desiredState:
interfaces:
- name: br1 <==== bridge name
description: Linux bridge with eth1 as a port 4
type: linux-bridge
state: up
ipv4:
dhcp: true
enabled: true
bridge:
options:
stp:
enabled: false
port:
- name: enp8s0 <==== NIC name
- Configure Linux-bridge NAD by using the bridge name which is created by NNCP.
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
name: bridge-network
namespace: default <=== name of the <namespace-name> where NAD should create
annotations:
k8s.v1.cni.cncf.io/resourceName: bridge.network.kubevirt.io/br1
spec:
config: |
{
"cniVersion": "0.3.1",
"name": "bridge-network",
"type": "bridge",
"bridge": "br1", <==== bridge-name
"macspoofchk": false,
"vlan": 100,
"preserveDefaultVlan": false
}
- In this case, Network Attachment Definition was created in the default namespace. Verify using the following command.
$ oc get net-attach-def -n default
NAMESPACE NAME
default nad-written-stingray
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments