openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
c0fed979376f94096f9e9da66848fe0239a9ea40
openshift-docs/modules/nw-multus-bridge-object.adoc

167 lines
5.0 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * networking/multiple_networks/configuring-additional-network.adoc
// * microshift_networking/microshift_multiple_networks/microshift_cni_multus.adoc
:_mod-docs-content-type: REFERENCE
[id="nw-multus-bridge-object_{context}"]
= Configuration for a bridge additional network
The following object describes the configuration parameters for the Bridge CNI plugin:
.Bridge CNI plugin JSON configuration object
[cols=".^2,.^2,.^6",options="header"]
|====
|Field|Type|Description
ifndef::microshift[]
|`cniVersion`
|`string`
|The CNI specification version. The `0.3.1` value is required.
|`name`
|`string`
|The value for the `name` parameter you provided previously for the CNO configuration.
endif::microshift[]
ifdef::microshift[]
|`cniVersion`
|`string`
|The CNI specification version. The `0.4.0` value is required.
endif::microshift[]
|`type`
|`string`
|The name of the CNI plugin to configure: `bridge`.
|`ipam`
|`object`
|The configuration object for the IPAM CNI plugin. The plugin manages IP address assignment for the attachment definition.
|`bridge`
|`string`
|Optional: Specify the name of the virtual bridge to use. If the bridge interface does not exist on the host, it is created. The default value is `cni0`.
|`ipMasq`
|`boolean`
|Optional: Set to `true` to enable IP masquerading for traffic that leaves the virtual network. The source IP address for all traffic is rewritten to the bridge's IP address. If the bridge does not have an IP address, this setting has no effect. The default value is `false`.
|`isGateway`
|`boolean`
|Optional: Set to `true` to assign an IP address to the bridge. The default value is `false`.
|`isDefaultGateway`
|`boolean`
|Optional: Set to `true` to configure the bridge as the default gateway for the virtual network. The default value is `false`. If `isDefaultGateway` is set to `true`, then `isGateway` is also set to `true` automatically.
|`forceAddress`
|`boolean`
|Optional: Set to `true` to allow assignment of a previously assigned IP address to the virtual bridge. When set to `false`, if an IPv4 address or an IPv6 address from overlapping subsets is assigned to the virtual bridge, an error occurs. The default value is `false`.
|`hairpinMode`
|`boolean`
|Optional: Set to `true` to allow the virtual bridge to send an Ethernet frame back through the virtual port it was received on. This mode is also known as _reflective relay_. The default value is `false`.
|`promiscMode`
|`boolean`
|Optional: Set to `true` to enable promiscuous mode on the bridge. The default value is `false`.
ifndef::microshift[]
|`vlan`
|`string`
|Optional: Specify a virtual LAN (VLAN) tag as an integer value. By default, no VLAN tag is assigned.
|`preserveDefaultVlan`
|`string`
|Optional: Indicates whether the default vlan must be preserved on the `veth` end connected to the bridge. Defaults to true.
|`vlanTrunk`
|`list`
|Optional: Assign a VLAN trunk tag. The default value is `none`.
endif::microshift[]
|`mtu`
|`integer`
|Optional: Set the maximum transmission unit (MTU) to the specified value. The default value is automatically set by the kernel.
|`enabledad`
|`boolean`
|Optional: Enables duplicate address detection for the container side `veth`. The default value is `false`.
|`macspoofchk`
|`boolean`
|Optional: Enables mac spoof check, limiting the traffic originating from the container to the mac address of the interface. The default value is `false`.
|====
ifndef::microshift[]
[NOTE]
====
The VLAN parameter configures the VLAN tag on the host end of the `veth` and also enables the `vlan_filtering` feature on the bridge interface.
====
[NOTE]
====
To configure an uplink for an L2 network, you must allow the VLAN on the uplink interface by using the following command:
[source,terminal]
----
$ bridge vlan add vid VLAN_ID dev DEV
----
====
[id="nw-multus-bridge-config-example_{context}"]
== Bridge CNI plugin configuration example
The following example configures an additional network named `bridge-net`:
[source,json]
----
{
"cniVersion": "0.3.1",
"name": "bridge-net",
"type": "bridge",
"isGateway": true,
"vlan": 2,
"ipam": {
"type": "dhcp"
}
}
----
endif::microshift[]
ifdef::microshift[]
[id="microshift-nw-multus-bridge-config-example_{context}"]
== Bridge CNI plugin configuration example
The following example configures an additional network named `bridge-conf` for use with the {microshift-short} Multus CNI:
[source,json]
----
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
name: bridge-conf
spec:
config: '{
"cniVersion": "0.4.0",
"type": "bridge",
"bridge": "test-bridge",
"mode": "bridge",
"ipam": {
"type": "host-local",
"ranges": [
[
{
"subnet": "10.10.0.0/16",
"rangeStart": "10.10.1.20",
"rangeEnd": "10.10.3.50",
"gateway": "10.10.0.254"
}
]
],
"dataDir": "/var/lib/cni/test-bridge"
}
}'
----
endif::microshift[]
View Git Blame Copy Permalink