|
| 1 | +:_mod-docs-content-type: ASSEMBLY |
| 2 | +[id="virt-networking"] |
| 3 | += Networking overview |
| 4 | +include::_attributes/common-attributes.adoc[] |
| 5 | +:context: virt-networking-overview |
| 6 | + |
| 7 | +toc::[] |
| 8 | + |
| 9 | +{VirtProductName} provides advanced networking functionality by using custom resources and plugins. Virtual machines (VMs) are integrated with {product-title} networking and its ecosystem. |
| 10 | + |
| 11 | +include::modules/virt-networking-glossary.adoc[leveloffset=+1] |
| 12 | + |
| 13 | + |
| 14 | +[id="default-network-config"] |
| 15 | +== Using the default pod network |
| 16 | + |
| 17 | +xref:../../virt/vm_networking/virt-connecting-vm-to-default-pod-network.adoc#virt-connecting-vm-to-default-pod-network[Connecting a virtual machine to the default pod network]:: |
| 18 | + |
| 19 | +Each VM is connected by default to the default internal pod network. You can add or remove network interfaces by editing the VM specification. |
| 20 | + |
| 21 | +xref:../../virt/vm_networking/virt-exposing-vm-with-service.adoc#virt-exposing-vm-with-service[Exposing a virtual machine as a service]:: |
| 22 | + |
| 23 | +You can expose a VM within the cluster or outside the cluster by creating a `Service` object. For on-premise clusters, you can configure a load balancing service by using the MetalLB Operator. You can xref:../../networking/metallb/metallb-operator-install.adoc#metallb-operator-install[install the MetalLB Operator] by using the {product-title} web console or the CLI. |
| 24 | + |
| 25 | +[id="secondary-network-config"] |
| 26 | +== Configuring VM secondary network interfaces |
| 27 | + |
| 28 | +xref:../../virt/vm_networking/virt-connecting-vm-to-linux-bridge.adoc#virt-connecting-vm-to-linux-bridge[Connecting a virtual machine to a Linux bridge network]:: |
| 29 | + |
| 30 | +xref:../../networking/k8s_nmstate/k8s-nmstate-about-the-k8s-nmstate-operator.adoc#k8s-nmstate-about-the-k8s-nmstate-operator[Install the Kubernetes NMState Operator] to configure Linux bridges, VLANs, and bondings for your secondary networks. |
| 31 | ++ |
| 32 | +You can create a Linux bridge network and attach a VM to the network by performing the following steps: |
| 33 | + |
| 34 | +. xref:../../virt/vm_networking/virt-connecting-vm-to-linux-bridge.adoc#virt-creating-linux-bridge-nncp_virt-connecting-vm-to-linux-bridge[Configure a Linux bridge network device] by creating a `NodeNetworkConfigurationPolicy` custom resource definition (CRD). |
| 35 | +. xref:../../virt/vm_networking/virt-connecting-vm-to-linux-bridge.adoc#creating-linux-bridge-nad[Configure a Linux bridge network] by creating a `NetworkAttachmentDefinition` CRD. |
| 36 | +. xref:../../virt/vm_networking/virt-connecting-vm-to-linux-bridge.adoc#configuring-vm-network-interface[Connect the VM to the Linux bridge network] by including the network details in the VM configuration. |
| 37 | + |
| 38 | +xref:../../virt/vm_networking/virt-connecting-vm-to-sriov.adoc#virt-connecting-vm-to-sriov[Connecting a virtual machine to an SR-IOV network]:: |
| 39 | + |
| 40 | +You can use Single Root I/O Virtualization (SR-IOV) network devices with additional networks on your {product-title} cluster installed on bare metal or Red Hat OpenStack Platform (RHOSP) infrastructure for applications that require high bandwidth or low latency. |
| 41 | ++ |
| 42 | +You must xref:../../networking/hardware_networks/installing-sriov-operator.adoc#installing-sriov-operator[install the SR-IOV Network Operator] on your cluster to manage SR-IOV network devices and network attachments. |
| 43 | ++ |
| 44 | +You can connect a VM to an SR-IOV network by performing the following steps: |
| 45 | + |
| 46 | +. xref:../../virt/vm_networking/virt-connecting-vm-to-sriov.adoc#nw-sriov-configuring-device_virt-connecting-vm-to-sriov[Configure an SR-IOV network device] by creating a `SriovNetworkNodePolicy` CRD. |
| 47 | +. xref:../../virt/vm_networking/virt-connecting-vm-to-sriov.adoc#nw-sriov-network-attachment_virt-connecting-vm-to-sriov[Configure an SR-IOV network] by creating an `SriovNetwork` object. |
| 48 | +. xref:../../virt/vm_networking/virt-connecting-vm-to-sriov.adoc#virt-attaching-vm-to-sriov-network_virt-connecting-vm-to-sriov[Connect the VM to the SR-IOV network] by including the network details in the VM configuration. |
| 49 | + |
| 50 | + |
| 51 | +xref:../../virt/vm_networking/virt-connecting-vm-to-ovn-secondary-network.adoc#virt-connecting-vm-to-ovn-secondary-network[Connecting a virtual machine to an OVN-Kubernetes secondary network]:: |
| 52 | + |
| 53 | +You can connect a VM to an Open Virtual Network (OVN)-Kubernetes secondary network. To configure an OVN-Kubernetes secondary network and attach a VM to that network, perform the following steps: |
| 54 | + |
| 55 | +. xref:../../virt/vm_networking/virt-connecting-vm-to-ovn-secondary-network.adoc#creating-ovn-layer2-nad[Configure an OVN-Kubernetes secondary network] by creating a `NetworkAttachmentDefinition` CRD. |
| 56 | + |
| 57 | +. xref:../../virt/vm_networking/virt-connecting-vm-to-ovn-secondary-network.adoc#attaching-vm-to-ovn-secondary-nw[Connect the VM to the OVN-Kubernetes secondary network] by adding the network details to the VM specification. |
| 58 | + |
| 59 | +xref:../../virt/vm_networking/virt-hot-plugging-network-interfaces.adoc#virt-hot-plugging-network-interfaces[Hot plugging secondary network interfaces]:: |
| 60 | + |
| 61 | +You can add or remove secondary network interfaces without stopping your VM. {VirtProductName} supports hot plugging and hot unplugging for Linux bridge interfaces that use the VirtIO device driver. |
| 62 | + |
| 63 | +xref:../../virt/vm_networking/virt-using-dpdk-with-sriov.adoc#virt-using-dpdk-with-sriov[Using DPDK with SR-IOV]:: |
| 64 | + |
| 65 | +The Data Plane Development Kit (DPDK) provides a set of libraries and drivers for fast packet processing. You can configure clusters and VMs to run DPDK workloads over SR-IOV networks. |
| 66 | + |
| 67 | +xref:../../virt/vm_networking/virt-dedicated-network-live-migration.adoc#virt-dedicated-network-live-migration[Configuring a dedicated network for live migration]:: |
| 68 | + |
| 69 | +You can configure a dedicated xref:../../virt/vm_networking/virt-connecting-vm-to-linux-bridge.adoc#virt-connecting-vm-to-linux-bridge[Multus network] for live migration. A dedicated network minimizes the effects of network saturation on tenant workloads during live migration. |
| 70 | + |
| 71 | +xref:../../virt/vm_networking/virt-accessing-vm-secondary-network-fqdn.adoc#virt-accessing-vm-secondary-network-fqdn[Accessing a virtual machine by using the cluster FQDN]:: |
| 72 | + |
| 73 | +You can access a VM that is attached to a secondary network interface from outside the cluster by using its fully qualified domain name (FQDN). |
| 74 | + |
| 75 | +xref:../../virt/vm_networking/virt-configuring-viewing-ips-for-vms.adoc#virt-configuring-viewing-ips-for-vms[Configuring and viewing IP addresses]:: |
| 76 | + |
| 77 | +You can configure an IP address of a secondary network interface when you create a VM. The IP address is provisioned with cloud-init. You can view the IP address of a VM by using the {product-title} web console or the command line. The network information is collected by the QEMU guest agent. |
| 78 | + |
| 79 | + |
| 80 | +[id="service-mesh-integration"] |
| 81 | +== Integrating with OpenShift Service Mesh |
| 82 | +xref:../../virt/vm_networking/virt-connecting-vm-to-service-mesh.adoc#virt-connecting-vm-to-service-mesh[Connecting a virtual machine to a service mesh]:: |
| 83 | + |
| 84 | +{VirtProductName} is integrated with OpenShift Service Mesh. You can monitor, visualize, and control traffic between pods and virtual machines. |
| 85 | + |
| 86 | +[id="managing-mac-address-pools"] |
| 87 | +== Managing MAC address pools |
| 88 | +xref:../../virt/vm_networking/virt-using-mac-address-pool-for-vms.adoc#virt-using-mac-address-pool-for-vms[Managing MAC address pools for network interfaces]:: |
| 89 | + |
| 90 | +The KubeMacPool component allocates MAC addresses for VM network interfaces from a shared MAC address pool. This ensures that each network interface is assigned a unique MAC address. A virtual machine instance created from that VM retains the assigned MAC address across reboots. |
| 91 | + |
| 92 | +[id="vm-ssh-access"] |
| 93 | +== Configuring SSH access |
| 94 | +xref:../../virt/virtual_machines/virt-accessing-vm-ssh.adoc#virt-accessing-vm-ssh[Configuring SSH access to virtual machines]:: |
| 95 | + |
| 96 | +You can configure SSH access to VMs by using the following methods: |
| 97 | + |
| 98 | +* xref:../../virt/virtual_machines/virt-accessing-vm-ssh.adoc#using-virtctl-ssh_virt-accessing-vm-ssh[`virtctl ssh` command] |
| 99 | ++ |
| 100 | +You create an SSH key pair, add the public key to a VM, and connect to the VM by running the `virtctl ssh` command with the private key. |
| 101 | ++ |
| 102 | +You can add public SSH keys to {op-system-base-full} 9 VMs at runtime or at first boot to VMs with guest operating systems that can be configured by using a cloud-init data source. |
| 103 | + |
| 104 | +* xref:../../virt/virtual_machines/virt-accessing-vm-ssh.adoc#virt-using-virtctl-port-forward-command_virt-accessing-vm-ssh[`virtctl port-forward` command] |
| 105 | ++ |
| 106 | +You add the `virtctl port-foward` command to your `.ssh/config` file and connect to the VM by using OpenSSH. |
| 107 | + |
| 108 | +* xref:../../virt/virtual_machines/virt-accessing-vm-ssh.adoc#using-services-ssh_virt-accessing-vm-ssh[Service] |
| 109 | ++ |
| 110 | +You create a service, associate the service with the VM, and connect to the IP address and port exposed by the service. |
| 111 | + |
| 112 | +* xref:../../virt/virtual_machines/virt-accessing-vm-ssh.adoc#using-secondary-networks-ssh_virt-accessing-vm-ssh[Secondary network] |
| 113 | ++ |
| 114 | +You configure a secondary network, attach a VM to the secondary network interface, and connect to its allocated IP address. |
0 commit comments