OSDOCS-10219: adds multus assembly to MicroShift

_topic_maps/_topic_map_ms.yml

@@ -417,6 +417,11 @@ Topics:
     File: microshift-deleting-network-policy
   - Name: Viewing network policies
     File: microshift-viewing-network-policy
+- Name: Multiple networks
+  Dir: microshift_multiple_networks
+  Topics:
+  - Name: About using multiple networks
+    File: microshift-cni-multus
 - Name: Firewall configuration
   File: microshift-firewall
 - Name: Networking settings for fully disconnected hosts

microshift_networking/microshift_multiple_networks/_attributes

@@ -0,0 +1 @@
+../_attributes

microshift_networking/microshift_multiple_networks/microshift-cni-multus.adoc

@@ -0,0 +1,11 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="microshift-cni-multus"]
+= About using multiple networks
+include::_attributes/attributes-microshift.adoc[]
+:context: microshift-cni-multus
+
+toc::[]
+
+In addition to the default OVN-Kubernetes Container Network Interface (CNI) plugin, {microshift-short} uses the Multus CNI to chain other CNI plugins.
+
+include::modules/microshift-multus-intro.adoc[leveloffset=+1]

microshift_networking/microshift_multiple_networks/modules

@@ -0,0 +1 @@
+../modules

modules/microshift-multus-intro.adoc

@@ -0,0 +1,26 @@
+// Module included in the following assemblies:
+//
+// * microshift_networking/microshift-cni-multus.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="microshift-multus-intro_{context}"]
+= Additional networks in {microshift-short}
+
+During cluster installation, the _default_ pod network is configured with default values unless you customize the configuration. The default network handles all ordinary network traffic for the cluster. Using the Multus CNI plugin, you can add additional interfaces to pods from other networks. This gives you flexibility when you configure pods that deliver network functionality, such as switching or routing.
+
+[id="additional-network-use-cases"]
+== Use case: Additional networks for network isolation
+
+You can use an additional network in situations where network isolation is needed, including control plane and data plane separation. You can create additional interfaces for pods to connect to that network in addition to a default. For example, you can configure an additional interface if you want pods to access a network on the host and also communicate with devices deployed to the edge that are on an isolated operator network or are periodically disconnected.
+
+Isolating network traffic is useful for the following performance and security reasons:
+
+Performance:: You can send traffic on two different planes to manage the amount of traffic on each plane.
+Security:: You can send sensitive traffic onto a network plane that is managed specifically for security considerations, and you can separate private data that must not be shared between tenants or customers.
+
+[id="additional-network-how-implemented"]
+== How additional networks are implemented
+
+All of the pods in the cluster still use the cluster-wide default network to maintain connectivity across the cluster. Every pod has an `eth0` interface that is attached to the cluster-wide pod network. You can view the interfaces for a pod by using the `oc exec -it <pod_name> \-- ip a` command. If you add additional network interfaces that use Multus CNI, they are named `net1`, `net2`, ..., `netN`.
+
+To attach additional network interfaces to a pod, you must create configurations that define how the interfaces are attached. You specify each interface by using a `NetworkAttachmentDefinition` custom resource (CR). A configuration inside each of these CRs defines how that interface is created.