Pods attached to a Primary User Defined Network use this network for all workload traffic, but maintain a connection to the default cluster network for traffic from the kubelet for healthchecks.

The Pod Details view in the console shows only the infrstructure-locked cluster network IP (10.128.x.0/23)

Because a user has defined a specific network and CIDR they will expect to see the IP allocated from this network in the console and may be confused by this display.  

4.18++    

  Always

    1. Create appropriately labeled namespace

---
apiVersion: v1
kind: Namespace
metadata:
  name: demo-pudn
  labels:
    # required at namespace creation when hosting a primary UDN
    k8s.ovn.org/primary-user-defined-network: ""


     2. Create a primary UDN (Layer2 and Layer3 topologies behave the same)

---
apiVersion: k8s.ovn.org/v1
kind: UserDefinedNetwork
metadata:
  finalizers:
    - k8s.ovn.org/user-defined-network-protection
  name: primary-udn-l3
  namespace: demo-pudn
spec:
  topology: Layer3
  layer3:
    ipam:
      lifecycle: Persistent
    role: Primary
    subnets:
      - cidr: 10.3.0.0/16
        hostSubnet: 24


     3. Launch a pod in the namespace

oc project demo-pudn
GUID=$(uuidgen | head -c4 | tr A-Z a-z)
IMG="registry.redhat.io/openshift4/ose-cli"
LABEL="app=oc-client-${GUID}"
oc run "oc-client-${GUID}" \
    --labels="$LABEL" \
    --rm -ti --tty \
    --image "$IMG"


     4. See IP address having default route ovn-udn1 on 10.3.x.0/24 and eth0 on 10.128.x.0/23


[root@oc-client-9669 /]# ip -br -4 a
lo               UNKNOWN        127.0.0.1/8
eth0@if3729      UP             10.129.6.216/23
ovn-udn1@if3730  UP             10.3.4.11/24

[root@oc-client-9669 /]# ip route get 1.1.1.1
1.1.1.1 via 10.3.4.1 dev ovn-udn1 src 10.3.4.11 uid 0
    cache

  Observe only eth0 IP is visible in the management console

  Only the ovn-udn1 IP visible in the management console.
 OR
  The ovn-udn1 IP shown as primary IP and the eth0 IP shown as kubelet / infrastructure / healthcheck IP