Merge pull request #92731 from dfitzmau/OSDOCS-13333

dfitzmau · web-flow · commit 943d8ece55a1 · 2025-05-30T15:34:41.000+01:00
OSDOCS-13333: Add perf scale considerations to whereabouts CNI plugin…
diff --git a/modules/nw-multus-ipam-object.adoc b/modules/nw-multus-ipam-object.adoc
@@ -195,89 +195,3 @@ The following JSON example describes the configuration p for dynamic IP address
   }
 }
 ----
-
-[id="nw-multus-whereabouts_{context}"]
-== Dynamic IP address assignment configuration with Whereabouts
-
-The Whereabouts CNI plugin allows the dynamic assignment of an IP address to a secondary network without the use of a DHCP server. 
-
-The Whereabouts CNI plugin also supports overlapping IP address ranges and configuration of the same CIDR range multiple times within separate `NetworkAttachmentDefinition` CRDs. This provides greater flexibility and management capabilities in multi-tenant environments.
-
-[id="dynamic-ip-address-assignment-objects_{context}"]
-=== Dynamic IP address configuration objects
-
-The following table describes the configuration objects for dynamic IP address assignment with Whereabouts:
-
-.`ipam` whereabouts configuration object
-[cols=".^2,.^2,.^6",options="header"]
-|====
-|Field|Type|Description
-
-|`type`
-|`string`
-|The IPAM address type. The value `whereabouts` is required.
-
-|`range`
-|`string`
-|An IP address and range in CIDR notation. IP addresses are assigned from within this range of addresses.
-
-|`exclude`
-|`array`
-|Optional: A list of zero or more IP addresses and ranges in CIDR notation. IP addresses within an excluded address range are not assigned.
-
-|`network_name`
-|`string`
-| Optional: Helps ensure that each group or domain of pods gets its own set of IP addresses, even if they share the same range of IP addresses. Setting this field is important for keeping networks separate and organized, notably in multi-tenant environments.
-
-|====
-
-[id="dynamic-ip-address-assignment-whereabouts_{context}"]
-=== Dynamic IP address assignment configuration that uses Whereabouts
-
-The following example shows a dynamic address assignment configuration that uses Whereabouts:
-
-.Whereabouts dynamic IP address assignment
-[source,json]
-----
-{
-  "ipam": {
-    "type": "whereabouts",
-    "range": "192.0.2.192/27",
-    "exclude": [
-       "192.0.2.192/30",
-       "192.0.2.196/32"
-    ]
-  }
-}
-----
-
-[id="dynamic-ip-address-assignment-whereabouts-overlapping-ip-ranges_{context}"]
-=== Dynamic IP address assignment that uses Whereabouts with overlapping IP address ranges
-
-The following example shows a dynamic IP address assignment that uses overlapping IP address ranges for multi-tenant networks. 
-
-.NetworkAttachmentDefinition 1
-[source,json]
-----
-{
-  "ipam": {
-    "type": "whereabouts",
-    "range": "192.0.2.192/29",
-    "network_name": "example_net_common", <1>
-  }
-}
-----
-<1> Optional. If set, must match the `network_name` of `NetworkAttachmentDefinition 2`.
-
-.NetworkAttachmentDefinition 2
-[source,json]
-----
-{
-  "ipam": {
-    "type": "whereabouts",
-    "range": "192.0.2.192/24",
-    "network_name": "example_net_common", <1>
-  }
-}
-----
-<1> Optional. If set, must match the `network_name` of `NetworkAttachmentDefinition 1`. 
diff --git a/modules/nw-multus-whereabouts-fast-ipam.adoc b/modules/nw-multus-whereabouts-fast-ipam.adoc
@@ -0,0 +1,169 @@
+// Module included in the following assemblies:
+//
+// * networking/multiple_networks/configuring-additional-network.adoc
+// * networking/hardware_networks/configuring-sriov-net-attach.adoc
+// * virt/vm_networking/virt-connecting-vm-to-sriov.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="nw-multus-whereabouts-fast-ipam_{context}"]
+= Fast IPAM configuration for the Whereabouts IPAM CNI plugin
+
+Wherabouts is an IP Address Management (IPAM) Container Network Interface (CNI) plugin that assigns IP addresses at a cluster-wide level. Whereabouts does not require a Dynamic Host Configuration Protocol (DHCP) server.
+
+A typical Wherabouts workflow is described as follows:
+
+. Whereabouts takes an address range in classless inter-domain routing (CIDR) notation, such as `192.168.2.0/24`, and assigns IP addresses within that range, such as `192.168.2.1` to `192.168.2.254`. 
+. Whereabouts assigns an IP address, the lowest value address in a CIDR range, to a pod and tracks the IP address in a data store for the lifetime of that pod. 
+. When the pod is removed, Whereabouts frees the address from the pod so that the address is available for assignment.
+
+To improve the performance of Whereabouts, especially if nodes in your cluster run a high amount of pods, you can enable the Fast IPAM feature.
+
+:FeatureName: Fast IPAM
+include::snippets/technology-preview.adoc[leveloffset=+1]
+
+The Fast IPAM feature uses `nodeslicepools`, which are managed by the Whereabouts Controller, to optimize IP allocation for nodes.
+
+.Prerequisites
+
+* You added the `whereabouts-shim` configuration to the `Network.operator.openshift.io` custom resource (CR), so that the Cluster Network Operator (CNO) can deploy the Whereabouts Controller. See "Creating a Whereabouts reconciler daemon set". 
+* For the Fast IPAM feature to work, ensure that the `NetworkAttachmentDefinition` (NAD) and the pod exist in the same `openshift-multus` namesapace.
+
+.Procedure
+
+. Confirm that the Whereabouts Controller is running by entering the following command. 
++
+[source,terminal]
+----
+$ oc get pods -n openshift-multus | grep controller
+----
++
+.Example output
+[source,terminal]
+----
+multus-admission-controller-d89bc96f-gbf7s   2/2     Running   0              6h3m
+...
+----
++
+[IMPORTANT]
+====
+If the Whereabouts Controller is not running, the Fast IPAM does not work.
+====
+
+. Create a NAD file for your cluster and add the Fast IPAM details to the file:
++
+.Example NAD file with a Fast IPAM configuration
+[source,yaml,subs="attributes+,quotes"]
+----
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+  name: wb-ipam
+  namespace: openshift-multus <1>
+spec:
+  config: {
+	"cniVersion": "0.3.0",
+	"name": "wb-ipam-cni-name", <2>
+	"type": "bridge",
+	"bridge": "cni0",
+	"ipam": {
+  	"type": "whereabouts", <3>
+  	"range": "10.5.0.0/20", <4>
+  	"node_slice_size": "/24" <5>
+    }
+  }
+# ...
+----
+<1> The namespace where CNO deploys the NAD.
+<2> The name of the Whereabouts IPAM CNI plugin.
+<3> The type of IPAM CNI plugin: `whereabouts`.
+<4> The IP address range for the IP pool that the Whereabouts IPAM CNI plugin uses for allocating IP addresses to pods.
+<5> Sets the slice size of IP addresses available to each node.
+
+. Add the Whereabouts IPAM CNI plugin annotation details to the YAML file for the pod:
++
+[source,yaml,subs="attributes+,quotes"]
+----
+apiVersion: v1
+kind: Pod
+metadata:
+  name: <pod_name> <1>
+  annotations:
+  k8s.v1.cni.cncf.io/networks: openshift-multus/wb-ipam <2>
+spec:
+  containers:
+  - name: samplepod <3>
+  command: ["/bin/ash", "-c", "trap : TERM INT; sleep infinity & wait"] <4>
+  image: alpine
+# ...
+----
+<1> The name of the pod.
+<2> The annotation details that references the Whereabouts IPAM CNI plugin name that exists in the `openshift-multus` namespace.
+<3> The name of the container for the pod.
+<4> Defines the entry point for the container and controls the behavior of the container in the Whereabouts IPAM CNI plugin. 
+
+. Apply the NAD file configuration to pods that exist on nodes that run in your cluster:
++
+[source,terminal]
+----
+$ oc create -f <NAD_file_name>.yaml
+----
+
+.Verification
+
+. Show the IP address details of the pod by entering the following command:
++
+[source,terminal,subs="attributes+,quotes"]
+----
+$ oc describe pod <pod_name>
+----
++
+.Example output
++
+[source,terminal]
+----
+...
+IP:     192.168.2.0
+IPs:
+  IP:   192.168.2.0
+Containers:
+  samplepod:
+    Container ID:   docker://<image_name>
+    Image:          <app_name>:v1
+    Image ID: 
+...
+----
+
+. Access the pod and confirm its interfaces by entering the following command:
++
+[source,terminal]
+----
+$ oc exec <pod_name> -- ip a
+----
++
+.Example output
+[source,terminal]
+----
+...
+3: net1@if23: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
+    link/ether 82:01:98:e5:0c:b7 brd ff:ff:ff:ff:ff:ff
+    inet 192.168.2.0/24 brd 10.10.0.255 scope global net1 <1>
+       valid_lft forever preferred_lft forever
+    inet6 fe80::8001:98ff:fee5:cb7/64 scope link
+       valid_lft forever preferred_lft forever
+...
+----
+<1> Pod is attached to the `192.168.2.1` IP address on the `net1` interface as expected.
+
+. Check that the node selector pool exists in the `openshift-multus` namespace by entering the following command:
++
+[source,terminal]
+----
+$ oc get nodeslicepool -n openshift-multus
+----
++
+.Example output
+[source,terminal]
+----
+NAME            AGE
+nodeslicepool   32m
+----
diff --git a/modules/nw-multus-whereabouts.adoc b/modules/nw-multus-whereabouts.adoc
@@ -0,0 +1,92 @@
+// Module included in the following assemblies:
+//
+// * networking/multiple_networks/configuring-additional-network.adoc
+// * networking/hardware_networks/configuring-sriov-net-attach.adoc
+// * virt/vm_networking/virt-connecting-vm-to-sriov.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="nw-multus-whereabouts_{context}"]
+= Dynamic IP address assignment configuration with Whereabouts
+
+The Whereabouts CNI plugin helps the dynamic assignment of an IP address to a secondary network without the use of a DHCP server.
+
+The Whereabouts CNI plugin also supports overlapping IP address ranges and configuration of the same CIDR range multiple times within separate `NetworkAttachmentDefinition` CRDs. This provides greater flexibility and management capabilities in multi-tenant environments.
+
+[id="dynamic-ip-address-assignment-objects_{context}"]
+== Dynamic IP address configuration parameters
+
+The following table describes the configuration objects for dynamic IP address assignment with Whereabouts:
+
+.`ipam` whereabouts configuration parameters
+[cols=".^2,.^2,.^6",options="header"]
+|====
+|Field|Type|Description
+
+|`type`
+|`string`
+|The IPAM address type. The value `whereabouts` is required.
+
+|`range`
+|`string`
+|An IP address and range in CIDR notation. IP addresses are assigned from within this range of addresses.
+
+|`exclude`
+|`array`
+|Optional: A list of zero or more IP addresses and ranges in CIDR notation. IP addresses within an excluded address range are not assigned.
+
+|`network_name`
+|`string`
+| Optional: Helps ensure that each group or domain of pods gets its own set of IP addresses, even if they share the same range of IP addresses. Setting this field is important for keeping networks separate and organized, notably in multi-tenant environments.
+
+|====
+
+[id="dynamic-ip-address-assignment-whereabouts_{context}"]
+== Dynamic IP address assignment configuration with Whereabouts that excludes IP address ranges
+
+The following example shows a dynamic address assignment configuration in a NAD file that uses Whereabouts:
+
+.Whereabouts dynamic IP address assignment that excludes specific IP address ranges
+[source,json]
+----
+{
+  "ipam": {
+    "type": "whereabouts",
+    "range": "192.0.2.192/27",
+    "exclude": [
+       "192.0.2.192/30",
+       "192.0.2.196/32"
+    ]
+  }
+}
+----
+
+[id="dynamic-ip-address-assignment-whereabouts-overlapping-ip-ranges_{context}"]
+== Dynamic IP address assignment that uses Whereabouts with overlapping IP address ranges
+
+The following example shows a dynamic IP address assignment that uses overlapping IP address ranges for multi-tenant networks. 
+
+.NetworkAttachmentDefinition 1
+[source,json]
+----
+{
+  "ipam": {
+    "type": "whereabouts",
+    "range": "192.0.2.192/29",
+    "network_name": "example_net_common", <1>
+  }
+}
+----
+<1> Optional. If set, must match the `network_name` of `NetworkAttachmentDefinition 2`.
+
+.NetworkAttachmentDefinition 2
+[source,json]
+----
+{
+  "ipam": {
+    "type": "whereabouts",
+    "range": "192.0.2.192/24",
+    "network_name": "example_net_common", <1>
+  }
+}
+----
+<1> Optional. If set, must match the `network_name` of `NetworkAttachmentDefinition 1`. 
diff --git a/networking/hardware_networks/configuring-sriov-ib-attach.adoc b/networking/hardware_networks/configuring-sriov-ib-attach.adoc
@@ -19,6 +19,9 @@ include::modules/nw-multus-configure-dualstack-ip-address.adoc[leveloffset=+2]
 // Configuration of IP address assignment for a network attachment
 include::modules/nw-multus-ipam-object.adoc[leveloffset=+2]
 
+// Dynamic IP address assignment configuration with Whereabouts
+include::modules/nw-multus-whereabouts.adoc[leveloffset=+2]
+
 // Configuring SR-IOV additional network
 include::modules/nw-sriov-network-attachment.adoc[leveloffset=+1]
 
diff --git a/networking/hardware_networks/configuring-sriov-net-attach.adoc b/networking/hardware_networks/configuring-sriov-net-attach.adoc
@@ -19,6 +19,9 @@ include::modules/nw-multus-configure-dualstack-ip-address.adoc[leveloffset=+2]
 // Configuration of IP address assignment for a network attachment
 include::modules/nw-multus-ipam-object.adoc[leveloffset=+2]
 
+// Dynamic IP address assignment configuration with Whereabouts
+include::modules/nw-multus-whereabouts.adoc[leveloffset=+3]
+
 // Configuring SR-IOV additional network
 include::modules/nw-sriov-network-attachment.adoc[leveloffset=+1]
 
diff --git a/networking/multiple_networks/configuring-additional-network.adoc b/networking/multiple_networks/configuring-additional-network.adoc
@@ -231,6 +231,9 @@ include::modules/configuring-pods-static-ip.adoc[leveloffset=+3]
 // Configuration of IP address assignment for an additional network
 include::modules/nw-multus-ipam-object.adoc[leveloffset=+1]
 
+// Dynamic IP address assignment configuration with Whereabouts
+include::modules/nw-multus-whereabouts.adoc[leveloffset=+2]
+
 // Creating a whereabouts-reconciler daemon set
 include::modules/nw-multus-creating-whereabouts-reconciler-daemon-set.adoc[leveloffset=+2]
 
diff --git a/networking/multiple_networks/secondary_networks/configuring-ip-secondary-nwt.adoc b/networking/multiple_networks/secondary_networks/configuring-ip-secondary-nwt.adoc
