openshift · jab-rh · Aug 22, 2024 · Apr 18, 2025 · May 15, 2025 · May 16, 2025
diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml
@@ -1721,6 +1721,15 @@ Topics:
     File: metallb-troubleshoot-support
 - Name: Associating secondary interfaces metrics to network attachments
   File: associating-secondary-interfaces-metrics-to-network-attachments
+- Name: Route advertisements
+  Dir: route_advertisements
+  Topics:
+  - Name: About route advertisements
+    File: about-route-advertisements
+  - Name: Configuring route advertisements
+    File: configuring-route-advertisements
+  - Name: Example route advertisements setup
+    File: example-route-advertisement-setup
 ---
 Name: Storage
 Dir: storage

diff --git a/images/524-openshift-bgp-ovn-k8s-no-vpn-0325.png b/images/524-openshift-bgp-ovn-k8s-no-vpn-0325.png
diff --git a/images/524-openshift-bgp-ovn-k8s-vrf-lite-0325.png b/images/524-openshift-bgp-ovn-k8s-vrf-lite-0325.png
diff --git a/modules/nw-operator-cr.adoc b/modules/nw-operator-cr.adoc
@@ -199,6 +199,14 @@ endif::operator[]
 |`object`
 |Specify a configuration object for customizing network policy audit logging. If unset, the defaults audit log settings are used.
 
+|`routeAdvertisements`
+|`string`
+a|Specifies whether to advertise cluster network routes. The default value is `Disabled`.
+--
+- `Enabled`: Apply routing configured in `RouteAdvertisements` objects.
+- `Disabled`: Do not provide any additional routing capabilities.
+--
+
 |`gatewayConfig`
 |`object`
 |Optional: Specify a configuration object for customizing how egress traffic is sent to the node gateway.

diff --git a/modules/nw-route-advertisements-config.adoc b/modules/nw-route-advertisements-config.adoc
@@ -0,0 +1,66 @@
+// Module included in the following assemblies:
+//
+// * networking/route_advertisements/configuring-route-advertisements.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="nw-route-advertisements-config_{context}"]
+= Configuring route advertisements
+
+As a cluster administrator, you can enable or disable additional routing support for your cluster.
+
+[id="enabling-bgp-routing-support_{context}"]
+== Enabling additional routing support
+
+As a cluster administrator, additional routing support for your cluster.
+
+.Prerequisites
+
+* Install the OpenShift CLI (`oc`).
+* Log in to the cluster with a user with `cluster-admin` privileges.
+* Cluster is installed on bare-metal infrastructure.
+
+.Procedure
+
+. To enable a routing provider and additional route advertisements, enter the following command:
++
+[source,terminal]
+----
+$ oc patch Network.operator.openshift.io cluster --type=merge \
+  -p='{
+    "spec": {
+      "additionalRoutingCapabilities": {
+        "providers": ["FRR"]
+        },
+        "defaultNetwork": {
+          "ovnKubernetesConfig": {
+            "routeAdvertisements": "Enabled"
+    }}}}'
+----
+
+[id="disabling-bgp-routing-support_{context}"]
+== Disabling additional routing support
+
+As a cluster administrator, you can disable additional route advertisements for your cluster.
+
+.Prerequisites
+
+* Install the OpenShift CLI (`oc`).
+* Log in to the cluster with a user with `cluster-admin` privileges.
+* Cluster is installed on bare-metal infrastructure.
+
+.Procedure
+
+* To disable additional routing support, enter the following command:
++
+[source,terminal]
+----
+$ oc patch network.operator cluster -p '{
+  "spec": {
+    "defaultNetwork": {
+      "ovnKubernetesConfig": {
+        "routeAdvertisements": "Disabled"
+      }
+    }
+  }
+}'
+----
diff --git a/modules/nw-routeadvertisements-about.adoc b/modules/nw-routeadvertisements-about.adoc
@@ -0,0 +1,81 @@
+// Module included in the following assemblies:
+//
+// * networking/route_advertisements/about-route-advertisements.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="nw-routeadvertisements-about_{context}"]
+= Import and export pod network routes with Border Gateway Protocol
+
+With route advertisements enabled, the OVN-Kubernetes network plugin supports directly advertising routes within the cluster and to the provider network.
+
+For example, routes are dynamically discovered. This eliminates the need to manually configure routes on each node. Routing for cluster user-defined networks can be announced to the provider network, avoiding manual configuration steps.
+
+[id="supported-platforms_{context}"]
+== Supported platforms
+
+Advertising routes with BGP is supported on the following infrastructure types:
+
+- Bare-metal
+- {vmw-full} on-premise
+
+[id="prerequisites_{context}"]
+== Prerequisites
+
+To use route advertisements, you must have configured BGP for your network infrastructure. Outages or misconfigurations of your network infrastructure might cause disruptions to your cluster network.
+
+[id="cluster-network-operator_{context}"]
+== Cluster Network Operator configuration
+
+The Cluster Network Operator (CNO) API exposes several fields to configure additional routing capabilities:
+
+- `spec.additionalRoutingCapabilities.providers`: Specifies an additional routing provider, which is required to advertise routes. The only supported value is `FRR`. Enables deployment of the FRR-K8S daemon for the cluster. When enabled, the FRR-K8S daemon is deployed on all nodes.
+- `spec.defaultNetwork.ovnKubernetesConfig.routeAdvertisements`: Enables route advertisements for the default cluster network and cluster user-defined networks. The `spec.additionalRoutingCapabilities` field must be set to `FRR` to enable this feature.
+
+[id="compatibility-with-other-networking-features_{context}"]
+== Compatibility with other networking features
+
+Route advertisements support the following {product-title} Networking features:
+
+Multiple external gateways::
+--
+When used with multiple external gateways (MEG) as implemented with the `AdminPolicyBasedExternalRoute` CR, there are several potential interactions:
+
+- When BGP discovers routes to next hops, there can overlap with gateways configured with MEG or AdminPolicyBasedExternalRoute CRs. The behavior for this is undefined.
+--
+
+EgressIPs::
+Supports the use of EgressIPs. The node where an egress IP address resides advertises the EgressIP. An egress IP address does not need to be on the same layer 2 network subnet as the egress node, because do not rely on gratuitous ARP (GARP).
+
+Services::
+Works in concert with the MetalLB Operator to advertise services to the provider network.
+
+Egress service::
+Full support.
+
+Egress firewall::
+Full support.
+
+Egress QoS::
+Full support.
+
+Network policies::
+Full support.
+
+Direct pod ingress::
+Full support for the default cluster network and user-defined networks.
+
+[id="considerations-for-use-with-the-metallb-operator_{context}"]
+== Considerations for use with the MetalLB Operator
+
+The MetalLB Operator is installed as an add-on to the cluster. Deployment of the MetalLB Operator automatically enables FRR-K8s as an additional routing capability provider and uses the FRR-K8s daemon installed by this feature.
+
+[id="bgp-routing-custom-resources_{context}"]
+== BGP routing custom resources
+
+The following custom resources (CRs) are used to configure route advertisements with BGP:
+
+`RouteAdvertisements`::
+This custom resource defines the advertisements for the BGP routing. From this CR the OVN-Kubernetes controller generates a `FRRConfiguration` object that configures the FRR daemon to advertise the routes. This CR is cluster scoped.
+
+`FRRConfiguration`::
+This custom resource defines the FRR configuration for BGP routing. This CR is namespaced.