Skip to content

CORENET-6092: Layer2 (Cluster) UDN API update #2742

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

CORENET-6092: Layer2 (Cluster) UDN API update #2742

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
200 changes: 200 additions & 0 deletions bindata/network/ovn-kubernetes/common/001-crd.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3209,6 +3209,50 @@ spec:
layer2:
description: Layer2 is the Layer2 topology configuration.
properties:
{{- if .OVN_PRE_CONF_UDN_ADDR_ENABLE }}
defaultGatewayIPs:
description: |-
defaultGatewayIPs specifies the default gateway IP used in the internal OVN topology.

Dual-stack clusters may set 2 IPs (one for each IP family), otherwise only 1 IP is allowed.
This field is only allowed for "Primary" network.
It is not recommended to set this field without explicit need and understanding of the OVN network topology.
When omitted, an IP from network subnet is used.
items:
type: string
x-kubernetes-validations:
- message: IP is invalid
rule: isIP(self)
maxItems: 2
minItems: 1
type: array
x-kubernetes-validations:
- message: When 2 IPs are set, they must be from different IP
families
rule: size(self) != 2 || !isIP(self[0]) || !isIP(self[1]) ||
ip(self[0]).family() != ip(self[1]).family()
infrastructureSubnets:
description: |-
infrastructureSubnets specifies a list of internal CIDR ranges that OVN-Kubernetes will reserve for internal network infrastructure.
Any IP addresses within these ranges cannot be assigned to workloads.
When omitted, OVN-Kubernetes will automatically allocate IP addresses from `subnets` for its infrastructure needs.
When there are not enough available IPs in the provided infrastructureSubnets, OVN-Kubernetes will automatically allocate IP addresses from subnets for its infrastructure needs.
When `reservedSubnets` is also specified the CIDRs cannot overlap.
When `defaultGatewayIPs` is also specified the default gateway IPs must belong to one of the CIDRs.
Each item should be in range of the specified CIDR(s) in `subnets`.
The maximum number of entries allowed is 10.
The format should match standard CIDR notation (for example, "10.128.0.0/16").
This field must be omitted if `subnets` is unset or `ipam.mode` is `Disabled`.
items:
maxLength: 43
type: string
x-kubernetes-validations:
- message: CIDR is invalid
rule: isCIDR(self)
maxItems: 10
minItems: 1
type: array
{{- end }}
ipam:
description: IPAM section contains IPAM-related configuration
for the network.
Expand Down Expand Up @@ -3275,6 +3319,26 @@ spec:
maximum: 65536
minimum: 576
type: integer
{{- if .OVN_PRE_CONF_UDN_ADDR_ENABLE }}
reservedSubnets:
description: |-
reservedSubnets specifies a list of CIDRs reserved for static IP assignment, excluded from automatic allocation.
reservedSubnets is optional. When omitted, all IP addresses in `subnets` are available for automatic assignment.
IPs from these ranges can still be requested through static IP assignment in pod annotations.
Each item should be in range of the specified CIDR(s) in `subnets`.
The maximum number of entries allowed is 25.
The format should match standard CIDR notation (for example, "10.128.0.0/16").
This field must be omitted if `subnets` is unset or `ipam.mode` is `Disabled`.
items:
maxLength: 43
type: string
x-kubernetes-validations:
- message: CIDR is invalid
rule: isCIDR(self)
maxItems: 25
minItems: 1
type: array
{{- end }}
role:
description: |-
Role describes the network role in the pod.
Expand Down Expand Up @@ -3326,6 +3390,42 @@ spec:
is used
rule: '!has(self.subnets) || !has(self.mtu) || !self.subnets.exists_one(i,
isCIDR(i) && cidr(i).ip().family() == 6) || self.mtu >= 1280'
{{- if .OVN_PRE_CONF_UDN_ADDR_ENABLE }}
- message: defaultGatewayIPs is only supported for Primary network
rule: '!has(self.defaultGatewayIPs) || has(self.role) && self.role
== ''Primary'''
- message: defaultGatewayIPs must belong to one of the subnets specified
in the subnets field
rule: '!has(self.defaultGatewayIPs) || self.defaultGatewayIPs.all(ip,
self.subnets.exists(subnet, cidr(subnet).containsIP(ip)))'
- message: defaultGatewayIPs must be specified for all IP families
rule: '!has(self.defaultGatewayIPs) || size(self.defaultGatewayIPs)
== size(self.subnets)'
- message: reservedSubnets must be unset when subnets is unset
rule: '!has(self.reservedSubnets) || has(self.reservedSubnets) &&
has(self.subnets)'
- message: infrastructureSubnets must be unset when subnets is unset
rule: '!has(self.infrastructureSubnets) || has(self.infrastructureSubnets)
&& has(self.subnets)'
- message: defaultGatewayIPs have to belong to infrastructureSubnets
rule: '!has(self.infrastructureSubnets) || !has(self.defaultGatewayIPs)
|| self.defaultGatewayIPs.all(ip, self.infrastructureSubnets.exists(subnet,
cidr(subnet).containsIP(ip)))'
- fieldPath: .reservedSubnets
message: reservedSubnets must be subnetworks of the networks specified
in the subnets field
rule: '!has(self.reservedSubnets) || self.reservedSubnets.all(e,
self.subnets.exists(s, cidr(s).containsCIDR(cidr(e))))'
- fieldPath: .infrastructureSubnets
message: infrastructureSubnets must be subnetworks of the networks
specified in the subnets field
rule: '!has(self.infrastructureSubnets) || self.infrastructureSubnets.all(e,
self.subnets.exists(s, cidr(s).containsCIDR(cidr(e))))'
- message: infrastructureSubnets and reservedSubnets must not overlap
rule: '!has(self.infrastructureSubnets) || !has(self.reservedSubnets)
|| self.infrastructureSubnets.all(infra, !self.reservedSubnets.exists(reserved,
cidr(infra).containsCIDR(reserved) || cidr(reserved).containsCIDR(infra)))'
{{- end }}
layer3:
description: Layer3 is the Layer3 topology configuration.
properties:
Expand Down Expand Up @@ -3619,6 +3719,50 @@ spec:
layer2:
description: Layer2 is the Layer2 topology configuration.
properties:
{{- if .OVN_PRE_CONF_UDN_ADDR_ENABLE }}
defaultGatewayIPs:
description: |-
defaultGatewayIPs specifies the default gateway IP used in the internal OVN topology.

Dual-stack clusters may set 2 IPs (one for each IP family), otherwise only 1 IP is allowed.
This field is only allowed for "Primary" network.
It is not recommended to set this field without explicit need and understanding of the OVN network topology.
When omitted, an IP from network subnet is used.
items:
type: string
x-kubernetes-validations:
- message: IP is invalid
rule: isIP(self)
maxItems: 2
minItems: 1
type: array
x-kubernetes-validations:
- message: When 2 IPs are set, they must be from different
IP families
rule: size(self) != 2 || !isIP(self[0]) || !isIP(self[1])
|| ip(self[0]).family() != ip(self[1]).family()
infrastructureSubnets:
description: |-
infrastructureSubnets specifies a list of internal CIDR ranges that OVN-Kubernetes will reserve for internal network infrastructure.
Any IP addresses within these ranges cannot be assigned to workloads.
When omitted, OVN-Kubernetes will automatically allocate IP addresses from `subnets` for its infrastructure needs.
When there are not enough available IPs in the provided infrastructureSubnets, OVN-Kubernetes will automatically allocate IP addresses from subnets for its infrastructure needs.
When `reservedSubnets` is also specified the CIDRs cannot overlap.
When `defaultGatewayIPs` is also specified the default gateway IPs must belong to one of the CIDRs.
Each item should be in range of the specified CIDR(s) in `subnets`.
The maximum number of entries allowed is 10.
The format should match standard CIDR notation (for example, "10.128.0.0/16").
This field must be omitted if `subnets` is unset or `ipam.mode` is `Disabled`.
items:
maxLength: 43
type: string
x-kubernetes-validations:
- message: CIDR is invalid
rule: isCIDR(self)
maxItems: 10
minItems: 1
type: array
{{- end }}
ipam:
description: IPAM section contains IPAM-related configuration
for the network.
Expand Down Expand Up @@ -3685,6 +3829,26 @@ spec:
maximum: 65536
minimum: 576
type: integer
{{- if .OVN_PRE_CONF_UDN_ADDR_ENABLE }}
reservedSubnets:
description: |-
reservedSubnets specifies a list of CIDRs reserved for static IP assignment, excluded from automatic allocation.
reservedSubnets is optional. When omitted, all IP addresses in `subnets` are available for automatic assignment.
IPs from these ranges can still be requested through static IP assignment in pod annotations.
Each item should be in range of the specified CIDR(s) in `subnets`.
The maximum number of entries allowed is 25.
The format should match standard CIDR notation (for example, "10.128.0.0/16").
This field must be omitted if `subnets` is unset or `ipam.mode` is `Disabled`.
items:
maxLength: 43
type: string
x-kubernetes-validations:
- message: CIDR is invalid
rule: isCIDR(self)
maxItems: 25
minItems: 1
type: array
{{- end }}
role:
description: |-
Role describes the network role in the pod.
Expand Down Expand Up @@ -3737,6 +3901,42 @@ spec:
subnet is used
rule: '!has(self.subnets) || !has(self.mtu) || !self.subnets.exists_one(i,
isCIDR(i) && cidr(i).ip().family() == 6) || self.mtu >= 1280'
{{- if .OVN_PRE_CONF_UDN_ADDR_ENABLE }}
- message: defaultGatewayIPs is only supported for Primary network
rule: '!has(self.defaultGatewayIPs) || has(self.role) && self.role
== ''Primary'''
- message: defaultGatewayIPs must belong to one of the subnets specified
in the subnets field
rule: '!has(self.defaultGatewayIPs) || self.defaultGatewayIPs.all(ip,
self.subnets.exists(subnet, cidr(subnet).containsIP(ip)))'
- message: defaultGatewayIPs must be specified for all IP families
rule: '!has(self.defaultGatewayIPs) || size(self.defaultGatewayIPs)
== size(self.subnets)'
- message: reservedSubnets must be unset when subnets is unset
rule: '!has(self.reservedSubnets) || has(self.reservedSubnets) &&
has(self.subnets)'
- message: infrastructureSubnets must be unset when subnets is unset
rule: '!has(self.infrastructureSubnets) || has(self.infrastructureSubnets)
&& has(self.subnets)'
- message: defaultGatewayIPs have to belong to infrastructureSubnets
rule: '!has(self.infrastructureSubnets) || !has(self.defaultGatewayIPs)
|| self.defaultGatewayIPs.all(ip, self.infrastructureSubnets.exists(subnet,
cidr(subnet).containsIP(ip)))'
- fieldPath: .reservedSubnets
message: reservedSubnets must be subnetworks of the networks specified
in the subnets field
rule: '!has(self.reservedSubnets) || self.reservedSubnets.all(e,
self.subnets.exists(s, cidr(s).containsCIDR(cidr(e))))'
- fieldPath: .infrastructureSubnets
message: infrastructureSubnets must be subnetworks of the networks
specified in the subnets field
rule: '!has(self.infrastructureSubnets) || self.infrastructureSubnets.all(e,
self.subnets.exists(s, cidr(s).containsCIDR(cidr(e))))'
- message: infrastructureSubnets and reservedSubnets must not overlap
rule: '!has(self.infrastructureSubnets) || !has(self.reservedSubnets)
|| self.infrastructureSubnets.all(infra, !self.reservedSubnets.exists(reserved,
cidr(infra).containsCIDR(reserved) || cidr(reserved).containsCIDR(infra)))'
{{- end }}
layer3:
description: Layer3 is the Layer3 topology configuration.
properties:
Expand Down