-
Story
-
Resolution: Unresolved
-
Undefined
-
None
-
openshift-4.17
-
Product / Portfolio Work
-
False
-
-
False
-
None
-
None
-
Rejected
-
None
We are migrating existing virtual machines from VMware to OpenShift Virtualization. Virtual machines are attached to existing VLANs using OVNKubernetes localnet.
We are performing a migration of a large-scale VMware deployment where we can expect to encounter virtual machines that have multiple NICs attached to the same VMware network. Unfortunately, based on the testing in the lab environment, it looks like it is not possible to migrate such a virtual machine using MTV.
The lab cluster is OCP 4.17.11 with OpenShift Virtualization 4.17.3.
This is an NNCP that defines the bridge mapping for attaching VMs:
apiVersion: nmstate.io/v1 kind: NodeNetworkConfigurationPolicy metadata: name: br-ex-vlan100 spec: desiredState: ovn: bridge-mappings: - localnet: br-ex-vlan100 bridge: br-ex state: present
A network attachment definition that attaches a VM to the custom VLAN 101:
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
name: br-ex-vlan101
namespace: vm-test
spec:
config: |
{
"cniVersion": "0.3.1",
"name": "br-ex-vlan101",
"type": "ovn-k8s-cni-overlay",
"topology": "localnet",
"vlanID": 101,
"netAttachDefName": "vm-test/br-ex-vlan101"
}
A virtual machine definition that refers to the same network attachment definition for two different interfaces:
$ oc get vm vm2 -o yaml
... networks: - multus: networkName: br-ex-vlan101 name: net2 - multus: networkName: br-ex-vlan101 name: net3 ...
Unfortunately, the virtual machine pod will not come up:
$ oc get events
13m Warning FailedCreatePodSandBox pod/virt-launcher-vm2-9hslg Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_virt-launcher-vm2-9hslg_vm-test_3a6a5f88-88ed-40e3-a269-1fbb63bbce8a_0(c4c265f17a461a3ff9f0f61c52dfce0d0643c4380fb81c8d38cc57bad340a5c0): error adding pod vm-test_virt-launcher-vm2-9hslg to CNI network "multus-cni-network": plugin type="multus-shim" name="multus-cni-network" failed (add): CmdAdd (shim): CNI request failed with status 400: 'ContainerID:"c4c265f17a461a3ff9f0f61c52dfce0d0643c4380fb81c8d38cc57bad340a5c0" Netns:"/var/run/netns/37358c6b-c20e-4199-91a7-b69bc18bdf58" IfName:"eth0" Args:"IgnoreUnknown=1;K8S_POD_NAMESPACE=vm-test;K8S_POD_NAME=virt-launcher-vm2-9hslg;K8S_POD_INFRA_CONTAINER_ID=c4c265f17a461a3ff9f0f61c52dfce0d0643c4380fb81c8d38cc57bad340a5c0;K8S_POD_UID=3a6a5f88-88ed-40e3-a269-1fbb63bbce8a" Path:"" ERRORED: error configuring pod [vm-test/virt-launcher-vm2-9hslg] networking: [vm-test/virt-launcher-vm2-9hslg/3a6a5f88-88ed-40e3-a269-1fbb63bbce8a:br-ex-vlan101]: error adding container to network "br-ex-vlan101": CNI request failed with status 400: '[vm-test/virt-launcher-vm2-9hslg c4c265f17a461a3ff9f0f61c52dfce0d0643c4380fb81c8d38cc57bad340a5c0 network br-ex-vlan101 NAD vm-test/br-ex-vlan101] [vm-test/virt-launcher-vm2-9hslg c4c265f17a461a3ff9f0f61c52dfce0d0643c4380fb81c8d38cc57bad340a5c0 network br-ex-vlan101 NAD vm-test/br-ex-vlan101] failed to get pod annotation: timed out waiting for annotations: context deadline exceeded...
Suggested workaround for this issue is to create two different network attachment definitions that refer to the very same bridge mapping and use them both in the virtual machine definition. In this case, the virtual machine comes up and is connected to the same VLAN on both interfaces. The problem is that when migrating existing VMs using MTV, we don't have an option to map a single VMware network to two different network attachment definitions.
