apiVersion: sriovnetwork.openshift.io/v1
kind: SriovNetwork
metadata:
name: <name> (1)
namespace: openshift-sriov-network-operator (2)
spec:
networkNamespace: <target_namespace> (3)
ipam: <ipam> (4)
vlan: <vlan> (5)
resourceName: <sriov_resource_name> (6)
linkState: <link_state> (7)
maxTxRate: <max_tx_rate> (8)
minTxRate: <min_rx_rate> (9)
vlanQoS: <vlan_qos> (10)
spoofChk: "<spoof_check>" (11)
trust: "<trust_vf>" (12)
capabilities: <capabilities> (13)
×
Configuring an SR-IOV network attachment
You can configure a network attachment for an Single Root I/O Virtualization (SR-IOV) device in the cluster.
Configuring SR-IOV additional network
You can configure an additional network that uses SR-IOV hardware by creating a SriovNetwork custom resource (CR). When you create a SriovNetwork CR, the SR-IOV Operator automatically creates a NetworkAttachmentDefinition CR.
|
Do not modify or delete a SriovNetwork CR if it is attached to any Pods in the |
Prerequisites
-
Install the OpenShift CLI (
oc). -
Log in as a user with
cluster-adminprivileges.
Procedure
-
Create the following SriovNetwork CR, and then save the YAML in the
<name>-sriov-network.yamlfile. Replace<name>with a name for this additional network.
| 1 | Replace <name> with a name for the CR. The SR-IOV Network Operator creates a NetworkAttachmentDefinition CR with same name. |
||
| 2 | Specify the namespace where the SR-IOV Operator is installed. | ||
| 3 | Optional: Replace <target_namespace> with the namespace where the NetworkAttachmentDefinition CR is created. The default value is openshift-sriov-network-operator. |
||
| 4 | Optional: Replace <ipam> a configuration object for the ipam CNI plug-in as a YAML block scalar. The plug-in manages IP address assignment for the attachment definition. |
||
| 5 | Optional: Replace <vlan> with a Virtual LAN (VLAN) ID for the additional network. The integer value must be from 0 to 4095. The default value is 0. |
||
| 6 | Replace <sriov_resource_name> with the value for the .spec.resourceName parameter from the SriovNetworkNodePolicy CR that defines the SR-IOV hardware for this additional network. |
||
| 7 | Optional: Replace <link_state> with the link state of virtual function (VF). Allowed value are enable, disable and auto. |
||
| 8 | Optional: Replace <max_tx_rate> with a maximum transmission rate, in Mbps, for the VF. |
||
| 9 | Optional: Replace <min_tx_rate> with a minimum transmission rate, in Mbps, for the VF. This value should always be less than or equal to Maximum transmission rate.
|
||
| 10 | Optional: Replace <vlan_qos> with an IEEE 802.1p priority level for the VF. The default value is 0. |
||
| 11 | Optional: Replace <spoof_check> with the spoof check mode of the VF. The allowed values are the strings "on" and "off".
|
||
| 12 | Optional: Replace <trust_vf> with the trust mode of the VF. The allowed values are the strings "on" and "off".
|
||
| 13 | Optional: Replace <capabilities> with the capabilities to configure for this network. You can specify "{ "ips": true }" to enable IP address support or "{ "mac": true }" to enable MAC address support. |
-
To create the CR object, enter the following command. Replace
<name>with a name for this additional network.$ oc create -f <name>-sriov-network.yaml -
Optional: To confirm that the NetworkAttachmentDefinition CR associated with the SriovNetwork CR that you created in the previous step exists, enter the following command. Replace
<namespace>with the namespace you specified in the SriovNetwork CR.$ oc get net-attach-def -n <namespace>
Configuration for ipam CNI plug-in
The ipam Container Network Interface (CNI) plug-in provides IP address management (IPAM) for other CNI plug-ins. You can configure ipam for either static IP address assignment or dynamic IP address assignment by using DHCP. The DHCP server you specify must be reachable from the additional network.
The following JSON configuration object describes the parameters that you can set.
Static IP address assignment configuration
The following JSON describes the configuration for static IP address assignment:
Static assignment configuration
{
"ipam": {
"type": "static",
"addresses": [ (1)
{
"address": "<address>", (2)
"gateway": "<gateway>" (3)
}
],
"routes": [ (4)
{
"dst": "<dst>" (5)
"gw": "<gw>" (6)
}
],
"dns": { (7)
"nameservers": ["<nameserver>"], (8)
"domain": "<domain>", (9)
"search": ["<search_domain>"] (10)
}
}
}| 1 | An array describing IP addresses to assign to the virtual interface. Both IPv4 and IPv6 IP addresses are supported. |
| 2 | An IP address that you specify. |
| 3 | The default gateway to route egress network traffic to. |
| 4 | An array describing routes to configure inside the Pod. |
| 5 | The IP address range in CIDR format. |
| 6 | The gateway where network traffic is routed. |
| 7 | Optional: DNS configuration. |
| 8 | An of array of one or more IP addresses for to send DNS queries to. |
| 9 | The default domain to append to a host name. For example, if the
domain is set to example.com, a DNS lookup query for example-host is
rewritten as example-host.example.com. |
| 10 | An array of domain names to append to an unqualified host name,
such as example-host, during a DNS lookup query. |
Dynamic IP address assignment configuration
The following JSON describes the configuration for dynamic IP address address assignment with DHCP.
|
Renewal of DHCP leases
A Pod obtains its original DHCP lease when it is created. The lease must be periodically renewed by a minimal DHCP server deployment running on the cluster. The SR-IOV Network Operator does not create a DHCP server deployment; The Cluster Network Operator is responsible for creating the minimal DHCP server deployment. To trigger the deployment of the DHCP server, you must create a shim network attachment by editing the Cluster Network Operator configuration, as in the following example: Example shim network attachment definition
|
DHCP assignment configuration
{
"ipam": {
"type": "dhcp"
}
}Configuring static MAC and IP addresses on additional SR-IOV networks
You can configure static MAC and IP addresses on an SR-IOV network by specifying Container Network Interface (CNI) runtimeConfig data in a Pod annotation.
Prerequisites
-
Install the OpenShift CLI (
oc). -
Log in as a user with
cluster-adminprivileges when creating the SriovNetwork CR.
Procedure
-
Create the following SriovNetwork CR, and then save the YAML in the
<name>-sriov-network.yamlfile. Replace<name>with a name for this additional network.apiVersion: sriovnetwork.openshift.io/v1 kind: SriovNetwork metadata: name: <name> (1) namespace: openshift-sriov-network-operator (2) spec: networkNamespace: <target_namespace> (3) ipam: '{ "type": "static" }' (4) capabilities: '{ "mac": true, "ips": true }' (5) resourceName: <sriov_resource_name> (6)1 Replace <name>with a name for the CR. The SR-IOV Network Operator creates a NetworkAttachmentDefinition CR with same name.2 Specify the namespace where the SR-IOV Network Operator is installed. 3 Replace <target_namespace>with the namespace where the NetworkAttachmentDefinition CR is created.4 Specify static type for the ipam CNI plug-in as a YAML block scalar. 5 Specify macandipscapabilitiestotrue.6 Replace <sriov_resource_name>with the value for thespec.resourceNameparameter from the SriovNetworkNodePolicy CR that defines the SR-IOV hardware for this additional network. -
Create the CR by running the following command:
$ oc create -f <filename> (1)1 Replace <filename>with the name of the file you created in the previous step. -
Optional: Confirm that the NetworkAttachmentDefinition CR associated with the SriovNetwork CR that you created in the previous step exists by running the following command. Replace
<namespace>with the namespace you specified in the SriovNetwork CR.$ oc get net-attach-def -n <namespace>
|
Do not modify or delete a SriovNetwork Custom Resource (CR) if it is attached to any Pods in the |
-
Create the following SR-IOV pod spec, and then save the YAML in the
<name>-sriov-pod.yamlfile. Replace<name>with a name for this pod.apiVersion: v1 kind: Pod metadata: name: sample-pod annotations: k8s.v1.cni.cncf.io/networks: '[ { "name": "<name>", (1) "mac": "20:04:0f:f1:88:01", (2) "ips": ["192.168.10.1/24", "2001::1/64"] (3) } ]' spec: containers: - name: sample-container image: <image> imagePullPolicy: IfNotPresent command: ["sleep", "infinity"]1 Specify the name of the SR-IOV network attachment definition CR. 2 Specify the MAC address for the SR-IOV device that is allocated from the resource type defined in the SR-IOV network attachment definition CR. 3 Specify addresses for the SR-IOV device which is allocated from the resource type defined in the SR-IOV network attachment definition CR. Both IPv4 and IPv6 addresses are supported. -
Create the sample SR-IOV pod by running the following command:
$ oc create -f <filename> (1)1 Replace <filename>with the name of the file you created in the previous step. -
Optional: Confirm that
macandipsaddresses are applied to the SR-IOV device by running the following command. Replace<namespace>with the namespace you specified in the SriovNetwork CR.$ oc exec sample-pod -n <namespace> -- ip addr show