HostNetwork configuration and underlay selection user guide#999
HostNetwork configuration and underlay selection user guide#999rrajendran17 wants to merge 2 commits intoharvester:mainfrom
Conversation
github-actions
bot
requested review from
akashraj4261,
dariavladykina and
jillian-maroket
There was a problem hiding this comment.
Pull request overview
Adds a new networking documentation page describing how to configure HostNetworkConfig for VLAN sub-interfaces (DHCP/static, node selectors, mgmt network) and how to select a non-management underlay for Kube-OVN overlay VM traffic.
Changes:
- New user guide for creating
HostNetworkConfigresources with DHCP/static addressing and optional node targeting. - Documentation for setting an overlay underlay via
underlay: true, including behavior/limitations and verification steps. - Adds a troubleshooting section and operational behavior notes (reboots, node additions, deletes/updates).
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
docs/networking/hostnetworkconfig.md
Outdated
| a node | ||
| Node does not have an uplink | ||
| or label selector mismatch | ||
| Check VlanConfig node.verify selector; |
There was a problem hiding this comment.
The resolution text Check VlanConfig node.verify selector; is unclear and appears to contain a typo ("node.verify"). Please update it to reference the actual VlanConfig node selector field and what users should verify (e.g., that the selector matches the node labels).
| Check VlanConfig node.verify selector; | |
| Verify that the VlanConfig spec.nodeSelector matches the labels on the target nodes |
docs/networking/hostnetworkconfig.md
Outdated
| ### Troubleshooting | ||
|
|
||
| Symptom Likely Cause Resolution | ||
|
|
||
| 1.Webhook rejects the resource VLAN ID is 0, or missing node IPs in static mode Verify cluster network | ||
| status; use VLAN ID ≥ 1; provide IPs for all nodes | ||
|
|
||
| 2.Sub-interface not created on | ||
| a node | ||
| Node does not have an uplink | ||
| or label selector mismatch | ||
| Check VlanConfig node.verify selector; | ||
|
|
||
| 3.DHCP lease not obtained No DHCP server reachable on the VLAN Confirm DHCP server | ||
| is reachable on the configured VLAN from the node | ||
|
|
||
| 4.underlay: true rejected Another HostNetworkConfig is already set as the | ||
| underlay, or coverage is not cluster-wide | ||
| Remove the underlay flag from the existing config first; ensure the new config covers all nodes | ||
|
|
||
| 5.VM traffic not using new underlay KubeOVN annotation not yet propagated Check | ||
| ovn.kubernetes.io/ tunnel_interface annotation on each node; allow time for KubeOVN to reconcile | ||
|
|
There was a problem hiding this comment.
The "Troubleshooting" section is not valid Markdown table/list formatting (spacing will be collapsed, and entries like 1.Webhook won't render as an ordered list). Consider rewriting this as a proper Markdown table (| Symptom | Likely cause | Resolution |) or a structured list so it renders predictably.
| ### Troubleshooting | |
| Symptom Likely Cause Resolution | |
| 1.Webhook rejects the resource VLAN ID is 0, or missing node IPs in static mode Verify cluster network | |
| status; use VLAN ID ≥ 1; provide IPs for all nodes | |
| 2.Sub-interface not created on | |
| a node | |
| Node does not have an uplink | |
| or label selector mismatch | |
| Check VlanConfig node.verify selector; | |
| 3.DHCP lease not obtained No DHCP server reachable on the VLAN Confirm DHCP server | |
| is reachable on the configured VLAN from the node | |
| 4.underlay: true rejected Another HostNetworkConfig is already set as the | |
| underlay, or coverage is not cluster-wide | |
| Remove the underlay flag from the existing config first; ensure the new config covers all nodes | |
| 5.VM traffic not using new underlay KubeOVN annotation not yet propagated Check | |
| ovn.kubernetes.io/ tunnel_interface annotation on each node; allow time for KubeOVN to reconcile | |
| ### Troubleshooting | |
| | Symptom | Likely cause | Resolution | | |
| | ----------------------------------- | -------------------------------------------------- | ---------- | | |
| | Webhook rejects the resource | VLAN ID is 0, or missing node IPs in static mode | Verify cluster network status; use VLAN ID ≥ 1; provide IPs for all nodes | | |
| | Sub-interface not created on a node | Node does not have an uplink, or label selector mismatch | Check VlanConfig node selector; ensure the node has the required uplink configuration | | |
| | DHCP lease not obtained | No DHCP server reachable on the VLAN | Confirm DHCP server is reachable on the configured VLAN from the node | | |
| | `underlay: true` rejected | Another HostNetworkConfig is already set as the underlay, or coverage is not cluster-wide | Remove the underlay flag from the existing config first; ensure the new config covers all nodes | | |
| | VM traffic not using new underlay | KubeOVN annotation not yet propagated | Check `ovn.kubernetes.io/tunnel_interface` annotation on each node; allow time for KubeOVN to reconcile | |
docs/networking/hostnetworkconfig.md
Outdated
| Remove the underlay flag from the existing config first; ensure the new config covers all nodes | ||
|
|
||
| 5.VM traffic not using new underlay KubeOVN annotation not yet propagated Check | ||
| ovn.kubernetes.io/ tunnel_interface annotation on each node; allow time for KubeOVN to reconcile |
There was a problem hiding this comment.
This troubleshooting item breaks the annotation name across whitespace (ovn.kubernetes.io/ tunnel_interface), which can confuse users copying it. Keep it as the exact annotation key ovn.kubernetes.io/tunnel_interface on one line.
| ovn.kubernetes.io/ tunnel_interface annotation on each node; allow time for KubeOVN to reconcile | |
| ovn.kubernetes.io/tunnel_interface annotation on each node; allow time for KubeOVN to reconcile |
| ``` | ||
| apiVersion: network.harvesterhci.io/v1beta1 | ||
| kind: HostNetworkConfig | ||
| metadata: | ||
| name: br1-vlan2012-dhcp | ||
| spec: | ||
| clusterNetwork: br-1 | ||
| vlanID: 2012 | ||
| mode: dhcp | ||
| ``` |
There was a problem hiding this comment.
The YAML examples are fenced with plain triple-backticks, but networking docs elsewhere consistently use language-tagged fences (e.g., ```yaml) for manifests. Adding the yaml info string improves readability/syntax highlighting and keeps this page consistent with the rest of the section.
| Harvester supports the creation of VLAN sub-interfaces on cluster networks and the assignment of IPv4 addresses to those interfaces. This enables Layer 3 connectivity from Harvester nodes to external networks — for dedicated storage, isolated application traffic, or integration with existing routing infrastructure. | ||
| A related capability allows users to designate one of these VLAN interfaces as the underlay for KubeOVN overlay networks used by virtual machines, separating VM inter-node traffic from management traffic. | ||
|
|
There was a problem hiding this comment.
The text uses both "KubeOVN" and "Kube-OVN" on the same page (frontmatter keywords use "Kube-OVN"). Please standardize on the project name used across the docs ("Kube-OVN") so search/keywords and references are consistent.
rrajendran17
force-pushed
the
hostnetworkconfig-userdoc
branch
2 times, most recently
from
beb642b to
48a8bc4
Compare
|
Signed-off-by: Renuka Devi Rajendran <renuka.rajendran@suse.com>
rrajendran17
force-pushed
the
hostnetworkconfig-userdoc
branch
from
95406d2 to
7b3aeba
Compare
| ### Prerequisites | ||
| Before creating a HostNetworkConfig, ensure the following: | ||
|
|
||
| The target cluster network (e.g., br-1, mgmt) is created and in Ready state. |
There was a problem hiding this comment.
| The target cluster network (e.g., br-1, mgmt) is created and in Ready state. | |
| The target cluster network (for example, br-1, mgmt) is created and in Ready state. |
Problem:
User guide for hostnetworkconfig and underlay selection for overlay networks
Solution:
User guide for hostnetworkconfig and underlay selection for overlay networks
Related Issue(s):
harvester/harvester#8101
harvester/harvester#7834