OpenShift Core Networking: CORENET-6312

GA: Support for egress/ingress(unNATed using BGP) for VMs on L2 CUDNs: using IPAMClaims (day0 IPs only no changes on day2)


    • Type: Epic
    • Resolution: Unresolved
    • Priority: Critical
    • GA: [VIRT] Support for egress(unNATed, BGP?) and ingress for L2 UDNs VMs using ipamClaims
    • Product / Portfolio Work
    • Parent feature: OCPSTRAT-2425 GA Support for egress/ingress(unNATed using BGP) for VMs on L2 CUDNs: using IPAMClaims (day0 IPs only no changes on day2)
    • Progress: 46% To Do, 17% In Progress, 38% Done
    • Program Call

      This epic is a followup to https://issues.redhat.com/browse/CORENET-6025 with the goal of making the feature generally available.

      Epic Goal

      Allow import of VMs connected to an overlay network with IPAM. This includes:

      1. Specifying the IP address of the VM for OVNK to use (but not assign), via persistent IP or some other mechanism
      2. Detecting/exposing the MAC of the VM so that it can be configured in OVNK for that VM
      3. When creating the UDN, being able to specify the gateway IP address, so the migrated VM can keep the same default route
      4. Supporting unNATed ingress/egress for VMs when using BGP (limited to cluster UDNs)
      5. [TBD] When creating the UDN, allowing excludeSubnets to be used with L2 UDNs so that OVNK does not use an IP address from the range already assigned to VMs outside of the cluster

      Slack channel: #udn-cnv-sdn-static-ips

      Why is this important?

      Some users are running VMs in virtualization platforms having a managed IP configuration.

      For these users, we need a way to let their existing VMs run properly after being migrated into OpenShift, without any guest configuration changes.

      For that, we need to import the VMs from their existing platforms, preserving their existing MACs, IPs, and gateway configuration.

      Planning Done Checklist

      The following items must be completed on the Epic prior to moving the Epic from Planning to the ToDo status.

      • Priority is set by engineering
      • Epic must be linked to a Parent Feature
      • Target version must be set
      • Assignee must be set
      • Enhancement Proposal is Implementable
      • No outstanding questions about major work breakdown
      • Are all Stakeholders known? Have they all been notified about this item?
      • Does this epic affect SD? Have they been notified? (View plan definition for current suggested assignee)
        1. Please use the “Discussion Needed: Service Delivery Architecture Overview” checkbox to facilitate the conversation with SD Architects. The SD architecture team monitors this checkbox which should then spur the conversation between SD and epic stakeholders. Once the conversation has occurred, uncheck the “Discussion Needed: Service Delivery Architecture Overview” checkbox and record the outcome of the discussion in the epic description here.
        2. The guidance here is that unless it is very clear that your epic doesn’t have any managed services impact, default to use the Discussion Needed checkbox to facilitate that conversation.

      Additional information on each of the above items can be found here: Networking Definition of Planned

      Acceptance Criteria

      • CI - MUST be running successfully with tests automated
      • Release Technical Enablement - Provide necessary release enablement details and documents.
      • Secondary L2 overlay networks can be created using (Cluster)UserDefined networks. A new attribute opts out of OVN Kubernetes IPAM.
      • These UDNs are assigned a subnet and a default GW IP.
      • These UDNs provide NAT'd routed egress.
      • These UDNs allow routed ingress (since we don't know which IPs are used by individual endpoints in the network, we don't plan to support Services). This would be the same BGP-based advertisement as for the primary UDN.
      • IPs are not assigned by OVN Kubernetes; IP spoof filtering is disabled.


      Non-goals

      • We do not expect selector-based MultiNetworkPolicies or Services to work, since OVN Kubernetes has no awareness of the assigned IPs, and that's fine.

      Dependencies (internal and external)

      1. BGP ingress working on primary UDN

      Previous Work (Optional):

      1. SDN-4919
      2. CNV-17002

      Open questions:

      1. ...

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

              pdiak@redhat.com Patryk Diak
              phoracek@redhat.com Petr Horacek
              Anurag Saxena, Miguel Duarte de Mora Barroso, Weibin Liang
              Arti Sood
              Joe Aldinger