openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/modules/node-network-configuration-policy-file.adoc
Steven Smith d009f78440 Resolves k8s nmstate adv errors
2026-01-21 15:16:22 +00:00

62 lines
3.1 KiB
Plaintext
Raw Permalink Blame History

// Module included in the following assemblies:
//
// * networking/k8s_nmstate/k8s-observing-node-network-state.adoc
:_mod-docs-content-type: CONCEPT
[id="node-network-configuration-policy-file_{context}"]
= About the NodeNetworkConfigurationPolicy manifest file
[role="_abstract"]
A `NodeNetworkConfigurationPolicy` manifest file defines policies that the Kubernetes NMState Operator uses to configure networking for nodes in your {product-title} cluster. You can create, edit, and delete these policies to manage node network configurations.
[IMPORTANT]
====
If you want to apply multiple NNCP CRs to a node, you must create the NNCPs in a logical order that is based on the alphanumeric sorting of the policy names. The Kubernetes NMState Operator continuously checks for a newly created NNCP CR so that the Operator can instantly apply the CR to node. Consider the following logical order issue example:
. You create NNCP 1 for defining the bridge interface that listens on a VLAN port, such as `eth1.1000`.
. You create NNCP 2 for defining the VLAN interface and specify the port for this interface, such as `eth1.1000`.
. You apply NNCP 1 before you apply NNCP 2 to the node.
The node experiences a node connectivity issue because port `eth1.1000` does not exist. As a result, the cluster fails.
====
After you apply a node network policy to a node, the Kubernetes NMState Operator configures the networking configuration for nodes according to the node network policy details.
[WARNING]
====
The following list of interface names are reserved and you cannot use the names with NMstate configurations:
* `br-ext`
* `br-int`
* `br-local`
* `br-nexthop`
* `br0`
* `ext-vxlan`
* `ext`
* `genev_sys_*`
* `int`
* `k8s-*`
* `ovn-k8s-*`
* `patch-br-*`
* `tun0`
* `vxlan_sys_*`
====
You can create an NNCP by using either the {oc-first} or the {product-title} web console. As a postinstallation task you can create an NNCP or edit an existing NNCP.
[NOTE]
====
Before you create an NNCP, ensure that you read the "Example policy configurations for different interfaces" document.
====
If you want to delete an NNCP, you can use the `oc delete nncp` command to complete this action. However, this command does not delete any objects, such as a bridge interface.
Deleting the node network policy that added an interface to a node does not change the configuration of the policy on the node. Similarly, removing an interface does not delete the policy, because the Kubernetes NMState Operator re-adds the removed interface whenever a pod or a node is restarted.
To effectively delete the NNCP, the node network policy, and any interfaces would typically require the following actions:
. Edit the NNCP and remove interface details from the file. Ensure that you do not remove `name`, `state`, and `type` parameters from the file.
. Add `state: absent` under the `interfaces.state` section of the NNCP.
. Run `oc apply -f <nncp_file_name>`. After the Kubernetes NMState Operator applies the node network policy to each node in your cluster, any interface that exists on each node is now marked as _absent_.
. Run `oc delete nncp` to delete the NNCP.
View Git Blame Copy Permalink