Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix docs about SecondaryNetwork feature #6837

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Fix docs about SecondaryNetwork feature #6837

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 13 additions & 9 deletions build/charts/antrea/conf/antrea-agent.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,8 +60,9 @@ featureGates:
{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "Multicluster" "default" false) }}

# Enable support for provisioning secondary network interfaces for Pods (using
# Pod annotations). At the moment, Antrea can only create secondary network
# interfaces using SR-IOV VFs on baremetal Nodes.
# Pod annotations). At the moment, Antrea can create secondary network
# interfaces either using SR-IOV VFs on bare-metal Nodes or veth interfaces
# bridged to the underlay network, with or without VLAN tagging.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does this sentence "veth interfaces bridged to the underlay network, with or without VLAN tagging" mean?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I checked the implementation of VLAN type and think the secondary network is a veth device connected to an OVS bridge with a pNIC attached, so isn't it essentially "Antrea can create secondary network interfaces using veth interfaces bridged to the underlay network"? "with or without VLAN tagging" means traffic from secondary network interfaces can support both VLAN tagging and non VLAN tagging.

{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "SecondaryNetwork" "default" false) }}

# Enable managing external IPs of Services of LoadBalancer type.
Expand Down Expand Up @@ -243,7 +244,6 @@ apiPort: {{ .Values.agent.apiPort }}
# Enable metrics exposure via Prometheus. Initializes Prometheus metrics listener.
enablePrometheusMetrics: {{ .Values.agent.enablePrometheusMetrics }}


flowExporter:
{{- with .Values.flowExporter }}
# Enable FlowExporter, a feature used to export polled conntrack connections as
Expand Down Expand Up @@ -458,13 +458,17 @@ auditLogging:
compress: {{ .compress }}
{{- end }}

{{- if .Values.featureGates.SecondaryNetwork }}

# SecondaryNetwork related configurations.
secondaryNetwork:
{{- with .Values.secondaryNetwork }}
# Configuration of OVS bridges for secondary network.
# Configuration of OVS bridges for secondary network. At the moment, at
# most one OVS bridge can be specified. If the specified bridge does not exist
# on the Node, antrea-agent will create it based on the configuration.
# The following configuration specifies an OVS bridge with name "br1" and a
# physical interface "eth1":
# [{bridgeName: "br1", physicalInterfaces: ["eth1"]}]
ovsBridges:
{{- toYaml .ovsBridges | trim | nindent 4 }}
{{- end }}

{{- with .ovsBridges }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
20 changes: 15 additions & 5 deletions build/yamls/antrea-aks.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4003,8 +4003,9 @@ data:
# Multicluster: false

# Enable support for provisioning secondary network interfaces for Pods (using
# Pod annotations). At the moment, Antrea can only create secondary network
# interfaces using SR-IOV VFs on baremetal Nodes.
# Pod annotations). At the moment, Antrea can create secondary network
# interfaces either using SR-IOV VFs on bare-metal Nodes or veth interfaces
# bridged to the underlay network, with or without VLAN tagging.
# SecondaryNetwork: false

# Enable managing external IPs of Services of LoadBalancer type.
Expand Down Expand Up @@ -4175,7 +4176,6 @@ data:
# Enable metrics exposure via Prometheus. Initializes Prometheus metrics listener.
enablePrometheusMetrics: true


flowExporter:
# Enable FlowExporter, a feature used to export polled conntrack connections as
# IPFIX flow records from each agent to a configured collector. To enable this
Expand Down Expand Up @@ -4363,6 +4363,16 @@ data:
maxAge: 28
# Compress enables gzip compression on rotated files.
compress: true

# SecondaryNetwork related configurations.
secondaryNetwork:
# Configuration of OVS bridges for secondary network. At the moment, at
# most one OVS bridge can be specified. If the specified bridge does not exist
# on the Node, antrea-agent will create it based on the configuration.
# The following configuration specifies an OVS bridge with name "br1" and a
# physical interface "eth1":
# [{bridgeName: "br1", physicalInterfaces: ["eth1"]}]
ovsBridges:
antrea-cni.conflist: |
{
"cniVersion":"0.3.0",
Expand Down Expand Up @@ -5384,7 +5394,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: c775d4a79675716893fc1b7b3149fa6fe24d06b56c8d76bbaeea4e8b4013418c
checksum/config: 5dd823245aab41ce7ca74d05693aa96e1537615f6966b6b78879cde5d3a0b215
labels:
app: antrea
component: antrea-agent
Expand Down Expand Up @@ -5622,7 +5632,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: c775d4a79675716893fc1b7b3149fa6fe24d06b56c8d76bbaeea4e8b4013418c
checksum/config: 5dd823245aab41ce7ca74d05693aa96e1537615f6966b6b78879cde5d3a0b215
labels:
app: antrea
component: antrea-controller
Expand Down
20 changes: 15 additions & 5 deletions build/yamls/antrea-eks.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4003,8 +4003,9 @@ data:
# Multicluster: false

# Enable support for provisioning secondary network interfaces for Pods (using
# Pod annotations). At the moment, Antrea can only create secondary network
# interfaces using SR-IOV VFs on baremetal Nodes.
# Pod annotations). At the moment, Antrea can create secondary network
# interfaces either using SR-IOV VFs on bare-metal Nodes or veth interfaces
# bridged to the underlay network, with or without VLAN tagging.
# SecondaryNetwork: false

# Enable managing external IPs of Services of LoadBalancer type.
Expand Down Expand Up @@ -4175,7 +4176,6 @@ data:
# Enable metrics exposure via Prometheus. Initializes Prometheus metrics listener.
enablePrometheusMetrics: true


flowExporter:
# Enable FlowExporter, a feature used to export polled conntrack connections as
# IPFIX flow records from each agent to a configured collector. To enable this
Expand Down Expand Up @@ -4363,6 +4363,16 @@ data:
maxAge: 28
# Compress enables gzip compression on rotated files.
compress: true

# SecondaryNetwork related configurations.
secondaryNetwork:
# Configuration of OVS bridges for secondary network. At the moment, at
# most one OVS bridge can be specified. If the specified bridge does not exist
# on the Node, antrea-agent will create it based on the configuration.
# The following configuration specifies an OVS bridge with name "br1" and a
# physical interface "eth1":
# [{bridgeName: "br1", physicalInterfaces: ["eth1"]}]
ovsBridges:
antrea-cni.conflist: |
{
"cniVersion":"0.3.0",
Expand Down Expand Up @@ -5384,7 +5394,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: c775d4a79675716893fc1b7b3149fa6fe24d06b56c8d76bbaeea4e8b4013418c
checksum/config: 5dd823245aab41ce7ca74d05693aa96e1537615f6966b6b78879cde5d3a0b215
labels:
app: antrea
component: antrea-agent
Expand Down Expand Up @@ -5623,7 +5633,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: c775d4a79675716893fc1b7b3149fa6fe24d06b56c8d76bbaeea4e8b4013418c
checksum/config: 5dd823245aab41ce7ca74d05693aa96e1537615f6966b6b78879cde5d3a0b215
labels:
app: antrea
component: antrea-controller
Expand Down
20 changes: 15 additions & 5 deletions build/yamls/antrea-gke.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4003,8 +4003,9 @@ data:
# Multicluster: false

# Enable support for provisioning secondary network interfaces for Pods (using
# Pod annotations). At the moment, Antrea can only create secondary network
# interfaces using SR-IOV VFs on baremetal Nodes.
# Pod annotations). At the moment, Antrea can create secondary network
# interfaces either using SR-IOV VFs on bare-metal Nodes or veth interfaces
# bridged to the underlay network, with or without VLAN tagging.
# SecondaryNetwork: false

# Enable managing external IPs of Services of LoadBalancer type.
Expand Down Expand Up @@ -4175,7 +4176,6 @@ data:
# Enable metrics exposure via Prometheus. Initializes Prometheus metrics listener.
enablePrometheusMetrics: true


flowExporter:
# Enable FlowExporter, a feature used to export polled conntrack connections as
# IPFIX flow records from each agent to a configured collector. To enable this
Expand Down Expand Up @@ -4363,6 +4363,16 @@ data:
maxAge: 28
# Compress enables gzip compression on rotated files.
compress: true

# SecondaryNetwork related configurations.
secondaryNetwork:
# Configuration of OVS bridges for secondary network. At the moment, at
# most one OVS bridge can be specified. If the specified bridge does not exist
# on the Node, antrea-agent will create it based on the configuration.
# The following configuration specifies an OVS bridge with name "br1" and a
# physical interface "eth1":
# [{bridgeName: "br1", physicalInterfaces: ["eth1"]}]
ovsBridges:
antrea-cni.conflist: |
{
"cniVersion":"0.3.0",
Expand Down Expand Up @@ -5384,7 +5394,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: d5912db1ec029b1a335f401b7bec529db08f165c5a9e96baa2f8a23f336d9f3f
checksum/config: e9ea48fa57cb11513f69a1fb2b44dd3c6cb96aa739598c1db5091ea91f097f4b
labels:
app: antrea
component: antrea-agent
Expand Down Expand Up @@ -5620,7 +5630,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: d5912db1ec029b1a335f401b7bec529db08f165c5a9e96baa2f8a23f336d9f3f
checksum/config: e9ea48fa57cb11513f69a1fb2b44dd3c6cb96aa739598c1db5091ea91f097f4b
labels:
app: antrea
component: antrea-controller
Expand Down
20 changes: 15 additions & 5 deletions build/yamls/antrea-ipsec.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4016,8 +4016,9 @@ data:
# Multicluster: false

# Enable support for provisioning secondary network interfaces for Pods (using
# Pod annotations). At the moment, Antrea can only create secondary network
# interfaces using SR-IOV VFs on baremetal Nodes.
# Pod annotations). At the moment, Antrea can create secondary network
# interfaces either using SR-IOV VFs on bare-metal Nodes or veth interfaces
# bridged to the underlay network, with or without VLAN tagging.
# SecondaryNetwork: false

# Enable managing external IPs of Services of LoadBalancer type.
Expand Down Expand Up @@ -4188,7 +4189,6 @@ data:
# Enable metrics exposure via Prometheus. Initializes Prometheus metrics listener.
enablePrometheusMetrics: true


flowExporter:
# Enable FlowExporter, a feature used to export polled conntrack connections as
# IPFIX flow records from each agent to a configured collector. To enable this
Expand Down Expand Up @@ -4376,6 +4376,16 @@ data:
maxAge: 28
# Compress enables gzip compression on rotated files.
compress: true

# SecondaryNetwork related configurations.
secondaryNetwork:
# Configuration of OVS bridges for secondary network. At the moment, at
# most one OVS bridge can be specified. If the specified bridge does not exist
# on the Node, antrea-agent will create it based on the configuration.
# The following configuration specifies an OVS bridge with name "br1" and a
# physical interface "eth1":
# [{bridgeName: "br1", physicalInterfaces: ["eth1"]}]
ovsBridges:
antrea-cni.conflist: |
{
"cniVersion":"0.3.0",
Expand Down Expand Up @@ -5397,7 +5407,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: 2c369045727db9b1108b3f3aae7f5919f3843f9fcf72ce4dae3d136f35b39b74
checksum/config: 38e19ea8db3838e3f5cff4aaa2684db1586fb457d095ac3ea49e8bf405a04e41
checksum/ipsec-secret: d0eb9c52d0cd4311b6d252a951126bf9bea27ec05590bed8a394f0f792dcb2a4
labels:
app: antrea
Expand Down Expand Up @@ -5679,7 +5689,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: 2c369045727db9b1108b3f3aae7f5919f3843f9fcf72ce4dae3d136f35b39b74
checksum/config: 38e19ea8db3838e3f5cff4aaa2684db1586fb457d095ac3ea49e8bf405a04e41
labels:
app: antrea
component: antrea-controller
Expand Down
20 changes: 15 additions & 5 deletions build/yamls/antrea.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4003,8 +4003,9 @@ data:
# Multicluster: false

# Enable support for provisioning secondary network interfaces for Pods (using
# Pod annotations). At the moment, Antrea can only create secondary network
# interfaces using SR-IOV VFs on baremetal Nodes.
# Pod annotations). At the moment, Antrea can create secondary network
# interfaces either using SR-IOV VFs on bare-metal Nodes or veth interfaces
# bridged to the underlay network, with or without VLAN tagging.
# SecondaryNetwork: false

# Enable managing external IPs of Services of LoadBalancer type.
Expand Down Expand Up @@ -4175,7 +4176,6 @@ data:
# Enable metrics exposure via Prometheus. Initializes Prometheus metrics listener.
enablePrometheusMetrics: true


flowExporter:
# Enable FlowExporter, a feature used to export polled conntrack connections as
# IPFIX flow records from each agent to a configured collector. To enable this
Expand Down Expand Up @@ -4363,6 +4363,16 @@ data:
maxAge: 28
# Compress enables gzip compression on rotated files.
compress: true

# SecondaryNetwork related configurations.
secondaryNetwork:
# Configuration of OVS bridges for secondary network. At the moment, at
# most one OVS bridge can be specified. If the specified bridge does not exist
# on the Node, antrea-agent will create it based on the configuration.
# The following configuration specifies an OVS bridge with name "br1" and a
# physical interface "eth1":
# [{bridgeName: "br1", physicalInterfaces: ["eth1"]}]
ovsBridges:
antrea-cni.conflist: |
{
"cniVersion":"0.3.0",
Expand Down Expand Up @@ -5384,7 +5394,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: ee43fc8c8c5ac8097a757da0545e43b25f98d8f2d831842f7ee76e1ed7581267
checksum/config: 59fb1ea496577015058d4e99e4f64136aa68d5340db13c00ced565da750a22fc
labels:
app: antrea
component: antrea-agent
Expand Down Expand Up @@ -5620,7 +5630,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: ee43fc8c8c5ac8097a757da0545e43b25f98d8f2d831842f7ee76e1ed7581267
checksum/config: 59fb1ea496577015058d4e99e4f64136aa68d5340db13c00ced565da750a22fc
labels:
app: antrea
component: antrea-controller
Expand Down
4 changes: 2 additions & 2 deletions docs/secondary-network.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ metadata:
data:
antrea-agent.conf: |
secondaryNetwork:
ovsBridges: [{"bridgeName": "br-secondary", "physicalInterfaces": ["eth1"]}]
ovsBridges: [{"bridgeName": "br-secondary", "physicalInterfaces": ["eth1"]}]
```

At the moment, Antrea supports only a single OVS bridge for secondary networks,
Expand Down Expand Up @@ -136,7 +136,7 @@ metadata:
annotations:
k8s.v1.cni.cncf.io/networks: '[
{"name": "vlan100"},
{"name": vlan200, "namespace": "networks", "interface": "eth200"}
{"name": "vlan200", "namespace": "networks", "interface": "eth200"}
]'
spec:
containers:
Expand Down
Loading