-
Cloud-Init application in different ways
-
VMs with Firewall using overlay networks
We’ll reuse the code from the GitOps catalog to install the operator, and then provide our own Hyperconverged resource to instantiate, or configure, the operator.
oc apply -k virtualization/operator/base
oc apply -k virtualization/instance/baseSee Networking
An OpenShift Template can be used to make the writing of NNCPs a bit more repeatable and fault tolerant. As with most things in life, being organized and consistent is very important in networking. Please don’t write a one-off NNCP. Nothing (very little) is ever "one-off".
Template to create a node network configuration policy.
Some generated NNCPs can be found here networking/components and here.
Because it is common to have different cluster Nodes allocated for different workloads, this template uses NODE_SELECTOR_KEY and NODE_SELECTOR_VALUE parameters to target the nodes which are expected to provide networking for virtual machines. This example uses the machineset used to provision the hypervisor nodes.
Attachment to a network is gated by a namespace scoped NetworkAttachmentDefinition resource used by Multus via annotations on pods.
Network attachment definitions in the 'default' namespace are visible to all other namespaces by default. As a cluster administrator you may wish to restrict access by defining attachments in specific user namespaces. Because only an admin may create the NAD it may make sense to place them all in 'default'.
Associating a network to an ovs-bridge requires a mapping defined via an NNCP. The template above creates a NNCP and a NAD for each VLAN.
Take a peek at this networking diagram for a sense of how the NNCP and NAD will fit together.
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
creationTimestamp: "2023-02-07T16:41:54Z"
generation: 1
labels:
operators.coreos.com/node-maintenance-operator.openshift-operators: ""
name: node-maintenance-operator
namespace: openshift-operators
spec:
channel: stable
installPlanApproval: Automatic
name: node-maintenance-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
---
# necessary?
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: node-maintenance-operator
namespace: openshift-operatorsCreate a maintenance and VM live migrated great
And Self Node Remediation Operator
-
create a NHC
apiVersion: remediation.medik8s.io/v1alpha1
kind: NodeHealthCheck
metadata:
name: cnv-nodehealthcheck
spec:
minHealthy: 51%
remediationTemplate:
apiVersion: self-node-remediation.medik8s.io/v1alpha1
kind: SelfNodeRemediationTemplate
name: self-node-remediation-resource-deletion-template
namespace: openshift-operators
selector:
matchLabels:
machine.openshift.io/cluster-api-machineset: hub-q4jtr-cnv
unhealthyConditions:
#- duration: 60s
- duration: 300s
status: 'False'
type: Ready
- duration: 300s
status: Unknown
type: ReadyDetails on migration from VMware to OpenShift Virtualization.
-
https://github.com/openshift/network-tools/blob/master/docs/user.md
-
How to create VLAN interface for VMs in OpenShift Virtualization? - When using Linux Bridge as opposed to OVS Bridge