Uploaded image for project: 'Virtualization Strategy'
  1. Virtualization Strategy
  2. VIRTSTRAT-581

CNI certification+ for VM-friendly networking

XMLWordPrintable

    • Product / Portfolio Work
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected

      Summary

      Enhance the CNI certification framework by adding an additional tier for CNI providers that support advanced VM networking capabilities. This tier certifies CNIs that can provide VMs with:

      • Sticky IP addresses - IP persistence during live migration
      • Direct addressability - IPs reachable from other VMs on the same network without NAT

      Background

      The current CNI certification includes basic OpenShift Virtualization validation, but does not cover advanced networking capabilities required for seamless VM workloads, expected by majority of our customers.

      The recommended approach for this integration uses Managed Tap binding (rather than Bridge binding, which has known issues with DHCP). Partners implementing these capabilities need an official certification path and documented process.

      Requirements

      1. Define Official Process

      • Document the additional requirements beyond base CNI certification, this should extend the existing documentation
      • (optional) Publish guidance for CNI vendors, introduction to binding plugins, acceptance criteria of the additional test cases, etc.

      2. Stakeholder Buy-in

      • Obtain alignment from the Certification team on the new tier (and changes to the test execution)
      • Obtain alignment from the Support team on support boundaries (relative to the current support of certified CNIs)

      3. Automated Self-Certification Tooling

      • Develop automated test suite for the extended certification
      • Options to explore:
        • Move from Sonobuoy to the downstream checkup and implement additional test cases through T2
      • Test cases should cover:
        • Live migration IP preservation
        • (optional) VM restart IP preservation
        • Cross-VM direct connectivity validation
      • Enable partners to run certification tests independently

      4. MTV Integration

      •  

      5. OpenShift UI Integration

      • Make it possible to connect to pod network with a binding that the CNI vendor defines as the default

      Success Criteria

      • Published documentation for the process
      • At least one partner successfully certified through the new process
      • Automated test suite available for partner self-validation
      • MTV integration documented and functional
      • UI integration documented and functional

      Related Components

      • CNV Network - Core certification framework
      • CNV User Interface - Binding selection support
      • Migration Toolkit for Virtualization - IP preservation during migration

              phoracek@redhat.com Petr Horacek
              phoracek@redhat.com Petr Horacek
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: