CNV-37050: OVN-K secondary network IP address management

Author: Shikha Jhala

modules/virt-creating-layer2-nad-cli.adoc

@@ -30,21 +30,22 @@ spec:
             "name": "my-namespace-l2-network", <2>
             "type": "ovn-k8s-cni-overlay", <3>
             "topology":"layer2", <4>
-            "mtu": 1300, <5>
-            "netAttachDefName": "my-namespace/l2-network" <6>
+            "subnets": "10.100.200.0/24", <5>
+            "mtu": 1300, <6>
+            "netAttachDefName": "my-namespace/l2-network", <7>
+            "excludeSubnets": "10.100.200.0/29" , <8>
+            "allowPersistentIPs": "true" <9>
     }
 ----
 <1> The CNI specification version. The required value is `0.3.1`.
 <2> The name of the network. This attribute is not namespaced. For example, you can have a network named `l2-network` referenced from two different `NetworkAttachmentDefinition` objects that exist in two different namespaces. This feature is useful to connect VMs in different namespaces.
 <3> The name of the CNI plug-in to be configured. The required value is `ovn-k8s-cni-overlay`.
 <4> The topological configuration for the network. The required value is `layer2`.
-<5> Optional: The maximum transmission unit (MTU) value. The default value is automatically set by the kernel.
-<6> The value of the `namespace` and `name` fields in the `metadata` stanza of the `NetworkAttachmentDefinition` object.
-+
-[NOTE]
-====
-The above example configures a cluster-wide overlay without a subnet defined. This means that the logical switch implementing the network only provides layer 2 communication. You must configure an IP address when you create the virtual machine by either setting a static IP address or by deploying a DHCP server on the network for a dynamic IP address.
-====
+<5> Optional: A comma-separated list of subnets. If you specify multiple subnets, IP addresses are assigned from each subnet. When the `subnets` field is omitted, the logical switch implementing the network only provides layer 2 communication. You must configure an IP address when you create the VM by either setting a static IP address or by deploying a DHCP server on the network for a dynamic IP address.
+<6> Optional: The maximum transmission unit (MTU) value. The default value is automatically set by the kernel.
+<7> The value of the `namespace` and `name` fields in the `metadata` stanza of the `NetworkAttachmentDefinition` object.
+<8> Optional: A comma-separated list of CIDRs and IP addresses. IP addresses are removed from the assignable IP address pool and are not passed to the pods.
+<9> Optional: When set to `true`, the assigned IP addresses persist in an `IPClaims` object. These IP addresses are reused by other pods, if requested. This works only if the `subnets` attribute is also defined.
 
 . Apply the manifest:
 +

modules/virt-creating-localnet-nad-cli.adoc

@@ -32,14 +32,20 @@ spec:
             "name": "localnet-network", <2>
             "type": "ovn-k8s-cni-overlay", <3>
             "topology": "localnet", <4>
-            "netAttachDefName": "default/localnet-network" <5>
+            "subnets": "202.10.130.112/28", <5>
+            "netAttachDefName": "default/localnet-network", <6>
+            "excludeSubnets": "10.100.200.0/29", <7>
+            "allowPersistentIPs": "true" <8>
     }
 ----
 <1> The CNI specification version. The required value is `0.3.1`.
 <2> The name of the network. This attribute must match the value of the `spec.desiredState.ovn.bridge-mappings.localnet` field of the `NodeNetworkConfigurationPolicy` object that defines the OVS bridge mapping.
 <3> The name of the CNI plug-in to be configured. The required value is `ovn-k8s-cni-overlay`.
 <4> The topological configuration for the network. The required value is `localnet`.
-<5> The value of the `namespace` and `name` fields in the `metadata` stanza of the `NetworkAttachmentDefinition` object.
+<5> Optional: A comma-separated list of subnets. If you specify multiple subnets, IP addresses are assigned from each subnet.
+<6> The value of the `namespace` and `name` fields in the `metadata` stanza of the `NetworkAttachmentDefinition` object.
+<7> Optional: A comma-separated list of CIDRs and IP addresses. IP addresses are removed from the assignable IP address pool and are not passed to the pods. 
+<8> Optional: When set to `true`, the assigned IP addresses persist in an `IPClaims` object. These IP addresses are reused by other pods, if requested. This works only if the `subnets` attribute is also defined.
 
 . Apply the manifest:
 +

virt/vm_networking/virt-connecting-vm-to-ovn-secondary-network.adoc

@@ -21,7 +21,7 @@ endif::openshift-rosa,openshift-dedicated[]
 
 To configure an OVN-Kubernetes secondary network and attach a VM to that network, perform the following steps:
 
-. xref:../../virt/vm_networking/virt-connecting-vm-to-ovn-secondary-network.adoc#virt-connecting-vm-to-ovn-secondary-network[Configure an OVN-Kubernetes secondary network] by creating a network attachment definition (NAD).
+. xref:../../virt/vm_networking/virt-connecting-vm-to-ovn-secondary-network.adoc#creating-ovn-nad_virt-connecting-vm-to-ovn-secondary-network[Configure an OVN-Kubernetes secondary network] by creating a network attachment definition (NAD).
 ifndef::openshift-rosa,openshift-dedicated[]
 +
 [NOTE]
@@ -30,17 +30,16 @@ For localnet topology, you must xref:../../networking/multiple_networks/configur
 ====
 endif::openshift-rosa,openshift-dedicated[]
 
-. xref:../../virt/vm_networking/virt-connecting-vm-to-ovn-secondary-network.adoc#attaching-vm-to-ovn-secondary-nw[Connect the VM to the OVN-Kubernetes secondary network] by adding the network details to the VM specification.
+. xref:../../virt/vm_networking/virt-connecting-vm-to-ovn-secondary-network.adoc#virt-attaching-vm-to-ovn-secondary-nw-cli_virt-connecting-vm-to-ovn-secondary-network[Connect the VM to the OVN-Kubernetes secondary network] by adding the network details to the VM specification.
 
 [id="creating-ovn-nad_{context}"]
 == Creating an OVN-Kubernetes NAD
 
-You can create an OVN-Kubernetes layer 2 or localnet network attachment definition (NAD) by using the {product-title} web console or the CLI.
+You can create an OVN-Kubernetes layer 2 or localnet network attachment definition (NAD) by using the {product-title} web console or the CLI. For both layer 2 and localnet topologies, you can configure IP address management (IPAM) in a NAD for virtual machines. Hot plugging and hot unplugging is not supported for interfaces that use IPAM.
 
-[NOTE]
-====
-Configuring IP address management (IPAM) in a network attachment definition for virtual machines is not supported.
-====
+
+:FeatureName: Configuring IPAM in a network attachment definition for VMs
+include::snippets/technology-preview.adoc[]
 
 include::modules/virt-creating-layer2-nad-cli.adoc[leveloffset=+2]
 
@@ -50,7 +49,7 @@ include::modules/virt-creating-nad-l2-overlay-console.adoc[leveloffset=+2]
 
 include::modules/virt-creating-nad-localnet-console.adoc[leveloffset=+2]
 
-[id="attaching-vm-to-ovn-secondary-nw"]
+[id="attaching-vm-to-ovn-secondary-nw_{context}"]
 == Attaching a virtual machine to the OVN-Kubernetes secondary network
 
 You can attach a virtual machine (VM) to the OVN-Kubernetes secondary network interface by using the {product-title} web console or the CLI.
@@ -60,7 +59,7 @@ include::modules/virt-attaching-vm-to-ovn-secondary-nw-cli.adoc[leveloffset=+2]
 
 ifndef::openshift-rosa,openshift-dedicated[]
 [role="_additional-resources"]
-[id="additional-resources_virt-connecting-vm-to-ovn-secondary-network"]
+[id="additional-resources_{context}"]
 == Additional resources
 * xref:../../networking/multiple_networks/configuring-additional-network.adoc#configuration-ovnk-additional-networks_configuring-additional-network[Configuration for an OVN-Kubernetes additional network]
 * xref:../../networking/k8s_nmstate/k8s-nmstate-about-the-k8s-nmstate-operator.adoc#k8s-nmstate-about-the-k8s-nmstate-operator[About the Kubernetes NMState Operator]