6. Managing Networking¶
The Robin platform extends Kubernetes networking via both Calico and SRIOV/Open vSwitch-based CNI (Container Network Interface) drivers. This dual support offers flexibility in using either overlay networks to create non-rigid L3 subnets that span multiple data centers/cloud environments, or bridged networking to get wire-speed network access for high-performance applications. In either mode, Robin enhances the CNI driver to retain the IP address of the Pod when it is restarted or relocated. This provides additional flexibility during the application lifecycle management process for operations such as scaling and migration, as well as ensuring high availability.
6.1. IP-Pool Management¶
An IP-Pool is a construct in Robin that groups together a set of IP addresses. The main properties of an IP-Pool is the aforementioned range of addresses specified, the netmask and the backing network driver. The netmask assigned indicates the number of IP addresses that can be used from the specified range. In addition Robin supports a multitude of network drivers through which the container networking is orchestrated and enabled. The supported drivers include: Calico, OVS, and SR-IOV. For more information on considerations when selecting a driver please review the below section on CNI plugins.
As part of the installation process, Robin creates two Calico backed IP-Pools named robin-default and nonrobin-default respectively for the users convenience. The former uses the range 172.21.0-15.0-255 whilst the later is assigned the range 172.21.16-31.0-255. As the name suggests the nonrobin-default is used by Kubernetes when the applications are deployed using native Kubernetes tools. Its counter-part can be used for the applications deployed via Robin Bundles.
Note
The nonrobin-default IP-Pool is hidden by default as Robin does not utilize it directly.
When creating an application, one can specify an IP-Pool to be used at the Vnode level. As a result, the IP Address assigned to a container can be easily controlled and managed by the user. Moreover, in situations where a container needs multiple IP addresses, one can specify a set of IP-Pools and the number IP Addresses that need to be assigned from each of them in order to satisfy the requirement. However in the aforementioned situation if there are multiple IP-Pools containing default gateways, all of the gateways will programmed as source based routes except for the first.
Along with additional details, the following commands are described in this section:
|
Add an IP-Pool |
|
Add certificates to an existing IP-Pool |
|
Add additional IP ranges to an existing IP-Pool |
|
List IP-Pools |
|
Display detailed information about an IP-Pool |
|
Remove an IP-Pool |
|
Remove a range of IP addresses from an existing IP-Pool |
|
Rename an existing IP-Pool |
6.1.1. Adding an IP-Pool¶
To add an IP-Pool for Robin to utilize during application deployment, issue the following command:
# robin ip-pool add <name>
--ranges <ranges>
--network <network>
--netmask <netmask>
--prefix <prefix>
--zone <zone>
--tenant <tenant>
--vlan <vlan>
--driver <driver>
--gateway <gateway>
--nameserver <nameserver>
--dns-search <dns_search>
--nictags <nic_tags>
--ifcount <if_count>
--routes <routes>
--vfdriver <vf_driver>
--master-interface <master_interface>
--macvlan-mode <macvlan_mode>
|
IP-Pool Name |
|
Comma separated list of IP ranges to assign to IP-Pool. Each range can also be specified in CIDR format |
|
IP network without ranges to be used for static IP allocations |
|
Mask indicating number of IP addresses that can be used from given range |
|
CIDR prefix to be used with the IP Pool |
|
Name of zone in which to create this IP-Pool |
|
Name of Tenant to which this IP-Pool belongs to |
|
VLAN to be associated with this IP-Pool. Note this option is only valid for OVS and SRIOV driver backed IP-Pools |
|
Driver to back this IP-Pool. Valid choices include: OVS, Calico, Secondary, Isolated, MACVLAN and SR-IOV |
|
Default gateway to be used for this IP-Pool |
|
Comma separated list of DNS name servers to be used for Pods deployed using this IP-Pool |
|
Comma separated list of DNS search strings to be used for Pods deployed using this IP-Pool |
|
Comma separated NIC tags to select when assigning interfaces from this network. Each tag must be specified as key/value pair. Only keys “name” and “pci_address” are supported |
|
Preset the interface count when using this network. Applicable only for the SR-IOV driver |
|
Comma separated list of routes to associated with this network |
|
Kernel driver to bind to when attaching an SR-IOV virtual function. Applicable only for the SR-IOV driver |
|
Master interface to be used for the MACVLAN plugin. Applicable only for the MACVLAN driver |
|
Mode for the MACVLAN plugin in order to configure the traffic visibility on the virtual network. Applicable only for the MACVLAN driver. Valid choices include: Private, Vepa and Bridge. The default value is Bridge when the MACVLAN driver is used |
Note
At least one of the --network or --ranges options must be given when creating an IP-Pool however both cannot be used. Similarly either one of the --prefix or --netmask parameters must be utilized but both cannot be specified. If an IP-Pool is created without ranges, it can only be used for static IP Address allocations.
Example 1 (Creating a basic OVS IP-Pool):
# robin ip-pool add demo --ranges 10.9.106.1-255 --netmask 255.255.0.0 --driver ovs
Registered IP pool demo.
Example 2 (Creating an SR-IOV IP-Pool with VLAN):
# robin ip-pool add demo --ranges 10.9.106.1-255 --netmask 255.255.0.0 --driver sriov --vlan 500
Registered IP pool demo.
With the above IP-Pool Robin will select VF’s based on the VLANs allowed for a particular NIC.
Example 3 (Creating an SR-IOV IP-Pool with NIC tags using the pci_address parameter):
# robin ip-pool add demo --ranges 10.9.106.1-255 --netmask 255.255.0.0 --driver sriov --vlan 500 --nictags pci_addr=0000:3b:00.0
Registered IP pool demo.
With the above IP-Pool Robin will select VF’s only from NICs with the pci address “0000:3b:00.0”.
Example 5 (Creating an SR-IOV IP-Pool with NIC tags using the name parameter):
# robin ip-pool add demo --ranges 10.9.106.1-255 --netmask 255.255.0.0 --driver sriov --vlan 500 --nictags name=sriov0
Registered IP pool demo.
With the above IP-Pool Robin will select VF’s only from NICs with the name “sriov0”.
Example 6 (Creating an SR-IOV IP-Pool with Bonded VFs):
# robin ip-pool add demo --ranges 192.168.1.101-110 --netmask 255.255.255.0 --driver sriov --vlan 500 --ifcount 2 --nictags name=sriov0,name=sriov2
Registered IP pool demo.
With the above IP-Pool Robin will select one VF from a NIC named sriov0, one VF from a NIC named sriov2 and bond them together.
Example 7 (Creating an SR-IOV IP-Pool with Bonded VFs based on VLAN):
# robin ip-pool add demo --ranges 192.168.1.101-110 --netmask 255.255.255.0 --driver sriov --vlan 500 --ifcount 2
Registered IP pool demo.
With the above IP-Pool Robin will select two VFs from two NICs (one from each) where VLAN 500 is allowed and bond them together.
Example 8 (Creating an SR-IOV IP-Pool with Bonded VFs from the same NIC):
# robin ip-pool add demo --ranges 192.168.1.101-110 --netmask 255.255.255.0 --driver sriov --vlan 500 --ifcount 2 --nictags name=sriov0,name=sriov0
Registered IP pool demo.
With the above IP-Pool Robin will select two VFs from a NIC named sriov0 and bond them together.
Example 9 (Creating an SR-IOV IP-Pool with VF Driver):
# robin ip-pool add demo --ranges 192.168.1.101-110 --netmask 255.255.255.0 --driver sriov --vlan 500 --nictags name=sriov0 --vfdriver igb_uio
Registered IP pool demo.
With the above IP-Pool Robin will select one VF from a NIC named sriov0 and bind it with the specified driver.
Example 10 (Creating an IP-Pool by specifying IP ranges in network/CIDR format):
# robin ip-pool add demo --ranges 192.10.88.0/24 --netmask 255.255.0.0 --driver ovs
Registered IP pool demo.
With the above IP-Pool Robin will configure its ranges utilizing the CIDR format i.e (/24, /16, /26 etc) with which the ranges were represented.
Example 11 (Creating an MACVLAN based IP-Pool):
# robin ip-pool add demo --driver macvlan --ranges 192.168.10.21-30 --prefix 24 --gateway 192.168.10.1 --master-interface=ens18f1 --macvlan-mode bridge
Registered IP pool demo.
With the above IP-Pool Robin will configure the MACVLAN CNI as the primary network driver with the primary master interface as ens18f1 operating in bridge mode.
Note
In all the above examples for SR-IOV backed IP-Pools, when the --vlan option is specified independently of any other parameters it acts as a constraining factor whilst also tagging outgoing packets. In every other scenario only the latter holds true. As a result when options such as the --nictags option is passed alongside the --vlan option, the latter stops becoming a constraining factor.
Adds an IP-Pool for Robin to utilize during application deployment.
End Point: /api/v3/robin_server/ip-pools
Method: POST
URL Parameters: None
Data Parameters:
ip_pool: <dict_of_ip_pool_details>–name: <ip_pool_name>- This mandatory field within the payload specifies the name of the IP-Pool to be created.driver: <ip_pool_driver>- This mandatory field within the payload specifies the network driver to be associated with the IP-Pool. Valid options include: ‘ovs’, ‘sriov’, ‘secondary’, ‘isolated’, ‘macvlan’ and ‘calico’.zoneid: <zone_name>- This mandatory field within the payload specifies the name of the zone in which the IP-Pool should be created.ranges: <list_of_range_dicts>- Utilizing this parameter within the payload, by specifying a list containing dictionaries in the form{'range': <ip_range>}for each range, results in the specified ranges being assigned to this IP-Pool.network: <ip_network>- Utilizing this parameter within the payload, by specifying an IP network without ranges, results in the specified network being used for IP allocations when utilizing this network.netmask: <netmask>- Utilizing this parameter within the payload, by specifying an appropriate mask, results in aforementioned mask being applied to the specified ranges and thus indicating the number of IP addresses that can be used.prefix: <cidr_prefix>- Utilizing this parameter within the payload, by specifying a CIDR prefix, results in the aforementioned prefix being associated with the IP-Pool.tenant: <tenant_name>- Utilizing this parameter within the payload, by specifying a tenant name, results in the IP-Pool being associated with the aforementioned tenant.vlan_number: <vlan_number>- Utilizing this parameter within the payload, by specifying a VLAN number, results in the IP-Pool being associated with the aforementioned VLAN number. Note this option is only valid for OVS and SRIOV driver backed IP-Pools.gateway: <gateway>- Utilizing this parameter within the payload, by specifying a gateway, results aforementioned gateway being set as the default gateway for the IP-Pool.nameserver: <nameservers>- Utilizing this parameter within the payload, by specifying a string of DNS name servers which are comma seperated, results in the aforementioned name servers being used for Pods deployed using this IP-Pool.dns_search: <dns_search_strings>- Utilizing this parameter within the payload, by specifying a string of DNS search strings which are comma seperated, results in the aforementioned search strings being used for Pods deployed using this IP-Pool.nictags: <list_of_tag_dicts>- Utilizing this parameter within the payload, by specifying a list containing dictionaries in the form{<tag_key>: <tag_value>}for each NIC tag, results in only interfaces associated with the aforementioned tags being utilized when using this IP-Pool. Note only keys “name” and “pci_address” are supported.ifcount: <interface_count>- Utilizing this parameter within the payload presets the interface count for allocations to the integer specified when using this network. Valid values include 1 and 2. Note this option is only valid for SRIOV driver backed IP-Pools.routes: <list_of_route_dicts>- Utilizing this parameter within the payload, by specifying a list containing dictionaries in the form{'dest': <destination>, 'gateway': <gateway>}for each route, results in the specified routes being associated with this IP-Pool.vfdriver: <vf_driver>- Utilizing this parameter within the payload, by specifying the name of a kernel driver, results in the aforementioned driver being bound to when attaching an SR-IOV virtual function. Valid options include: ‘igb_uio’, ‘vfio-pci’, and ‘uio_pci_generic’. Note this option is only valid for SRIOV driver backed IP-Pools.master_interface: <master_interface>- Utilizing this parameter within the payload, by specifying the name of a valid interface, results in the aforementioned interface being used as the master interface for the MACVLAN plugin. Note this option is only valid for MACVLAN driver backed IP-Pools.macvlan_mode: <macvlan_mode>- Utilizing this parameter within the payload, by specifying the name of a valid mode, results in the MACVLAN plugin being configured with the aforementioned mode which in turn determines the traffic visibility on the virtual network. Valid options include: ‘private’, ‘vepa’, and ‘bridge’. Note this option is only valid for MACVLAN driver backed IP-Pools and the default value is ‘bridge’.
Note
At least one of the
networkorrangesproperties must be given when creating an IP-Pool however both cannot be used. Similarly either one of theprefixornetmaskproperties must be utilized but both cannot be specified. If an IP-Pool is created without ranges, it can only be used for static IP Address allocations.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error), 409 (Duplicate Resource Error)
Example Response:
Output
{
"message":"Registered IP pool demo. \n"
}
6.1.2. Adding certificates to an IP-Pool¶
To add certificates to an IP-Pool in order to make certain addresses accessible in a secure manner, issue the following command:
# robin ip-pool add-certs <name> <certificates>
--keypass <keypass>
--is_hostnames
--no_multinode
|
IP-Pool Name |
|
Path to SSL certificates file |
|
Passphrase of the key |
|
Indicates that the filename specified contains the hostname and its format is <filename>.<certtype> |
|
Indicates that the certificate can be used for multiple hosts |
Example:
# robin ip-pool add-cert demo ~/ssl/demo-cert
Added certificates.
Adds certificates to an IP-Pool in order to make certain addresses accessible in a secure manner.
End Point: /api/v3/robin_server/ip-pools/<ip_pool_name>
Method: PUT
URL Parameters: None
Data Parameters:
action: add_certs- This mandatory field within the payload specifies that the add certificates operation is to be performed.cert_info: <dict_of_cert_details>–filename: <cert_file_name>- This mandatory field within the payload specifies the base file name of the certificate file.certificate: <cert_data>- This mandatory field within the payload specifies the base64 decoded details within the specified file.multinode: [true|false]- Utilizing this parameter within the payload indicates whether or not this certificate can be used for multiple hosts.is_hostnames: [true|false]- Utilizing this parameter within the payload indicates whether or not the specified certificate filename contains the hostname and is in the format <filename>.<certtype>.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error)
Example Response:
Output
{
"message":"Added certificates.\n"
}
6.1.3. Adding ranges to an IP-Pool¶
To add additional ranges to an IP-Pool in order to expand the number of IP Addresses available, issue the following command:
# robin ip-pool add-ranges <name> <ranges>
|
IP-Pool Name |
|
Comma separated list of additional IP ranges to assign to IP-Pool |
Example:
# robin ip-pool add-ranges demo 10.9.107.1-255
Added range.
Adds IP ranges that are currently assigned to an IP-Pool in order to expand the number of available IP ranges.
End Point: /api/v3/robin_server/ip-pools/<ip_pool_name>
Method: PUT
URL Parameters: None
Data Parameters:
action: add_ranges- This mandatory field within the payload specifies that the add ranges operation is to be performed.ranges: <list_of_ranges>- This mandatory field within the payload specifies a list of comma seperated ranges to be added from the given IP-Pool.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error)
Example Response:
Output
{
"message":"Added range.\n"
}
6.1.4. Listing registered IP-Pools¶
To list registered IP-Pools alongside details such as the associated driver and network ranges contained within each pool, issue the following command:
# robin ip-pool list --all
--full
--json
|
Display all registered IP-Pools including hidden ones |
|
Display additional information for listed IP-Pools |
|
Output in JSON |
Example:
# robin ip-pool list --all
Name | Driver | Network | VLAN | Total | Used | Free
-----------------+--------+---------------+------+-------+------+------
nonrobin-default | calico | 172.21.0.0/16 | - | 4096 | 2 | 4094
robin-default | calico | 172.21.0.0/16 | - | 4096 | 0 | 4096
demo | ovs | 10.9.0.0/16 | - | 255 | 0 | 255
Returns all registered IP-Pools alongside details such as the associated driver and network ranges contained within each pool.
End Point: /api/v3/robin_server/ip-pools/
Method: GET
URL Parameters: None
Data Parameters:
all: true- Utilizing this parameter within the payload results in details of hidden IP-Pools being returned as well.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error)
Example Response:
Output
{
"items":[
{
"available":"4092",
"description":null,
"zone":"default",
"tenants":[
],
"subnet":"172.21.0.0",
"vfdriver":null,
"ranges":[
{
"range":"172.21.0-15.0-255"
}
],
"gateway":null,
"name":"nonrobin-default",
"netmask":"255.255.0.0",
"used":"4",
"total":"4096",
"nictags":null,
"dns_search":null,
"zone_id":1,
"driver":"calico",
"routes":[
],
"ifcount":1,
"nameserver":null
},
{
"available":"4094",
"description":null,
"zone":"default",
"tenants":[
"Administrators"
],
"subnet":"172.21.0.0",
"vfdriver":null,
"ranges":[
{
"range":"172.21.16-31.0-255"
}
],
"gateway":null,
"name":"robin-default",
"netmask":"255.255.0.0",
"used":"2",
"total":"4096",
"nictags":null,
"dns_search":null,
"zone_id":1,
"driver":"calico",
"routes":[
],
"ifcount":1,
"nameserver":null
},
{
"available":"255",
"description":null,
"zone":"default",
"tenants":[
"Administrators"
],
"subnet":"10.9.0.0",
"vfdriver":null,
"ranges":[
{
"range":"10.9.106.1-255"
}
],
"gateway":null,
"name":"demo",
"netmask":"255.255.0.0",
"used":"0",
"total":"255",
"nictags":null,
"dns_search":null,
"zone_id":1,
"driver":"ovs",
"routes":[
],
"ifcount":1,
"nameserver":null
}
]
}
To list registered IP-Pools via the robinippool custom resource alongside details such as the associated driver, network ranges, VLANs and bonded NICs contained within each pool, issue the following command:
# kubectl get robinippool
Example:
[root@qct-05 ~]# kubectl get robinippool
NAME NETMASK NETWORK IPPREFIX SUBNET GATEWAY NAMESERVER DRIVER VFDRIVER RANGE(S) VLAN BONDED TRUST SPOOFCHK
robin-default 255.255.0.0 172.21.0.0 calico ["172.21.16-31.0-255"] 1
sec-1 255.255.255.0 24 192.168.1.0 secondary ["192.168.1.11-20"] 1
sec-2 255.255.255.0 24 192.168.2.0 secondary ["192.168.2.11-20"] 1
sriov-b1 255.255.255.0 192.168.110.0 sriov ["192.168.110.165-170"] 20 2 off on
sriov-b2 255.255.255.0 192.168.111.0 sriov ["192.168.111.165-170"] 20 2 off on
sriov1 255.255.255.0 192.168.10.0 sriov igb_uio ["192.168.10.101-164"] 20 1 off on
sriov10 255.255.255.0 192.168.100.0 sriov native ["192.168.100.101-164"] 20 1 off on
sriov2 255.255.255.0 192.168.20.0 sriov igb_uio ["192.168.20.101-164"] 20 1 off on
sriov3 255.255.255.0 192.168.30.0 sriov igb_uio ["192.168.30.101-164"] 20 1 off on
sriov4 255.255.255.0 192.168.40.0 sriov igb_uio ["192.168.40.101-164"] 20 1 off on
sriov5 255.255.255.0 192.168.50.0 sriov native ["192.168.50.101-164"] 20 2 off on
sriov6 255.255.255.0 192.168.60.0 sriov native ["192.168.60.101-164"] 20 2 off on
sriov7 255.255.255.0 192.168.70.0 sriov native ["192.168.70.101-164"] 20 1 off on
sriov8 255.255.255.0 192.168.80.0 sriov native ["192.168.80.101-164"] 20 1 off on
sriov9 255.255.255.0 192.168.90.0 sriov native ["192.168.90.101-164"] 20 1 off on
sriov98 255.255.255.0 192.168.98.0 sriov igb_uio ["192.168.98.101-164"] 20 1 off on
sriov99 255.255.255.0 192.168.99.0 sriov igb_uio ["192.168.99.101-164"]
6.1.5. Show information about a specific IP-Pool¶
To view details about a particular IP-Pool including its utilization, associated driver, and the network range(s) it covers, issue the following command:
# robin ip-pool info <name>
--json
|
Name of IP-Pool |
|
Output in JSON |
Example:
# robin ip-pool info demo
IPPool: demo
Driver: ovs
Subnet: 10.10.2.0
Netmask: 255.255.255.0
Range: 10.10.2.102-130
Pool Utilization: 0/29/29 (Used/Available/Total)
Returns details about a particular IP-Pool including its utilization, associated driver, and the network range(s) it covers.
End Point: /api/v3/robin_server/ip-pools/
Method: GET
URL Parameters: None
Data Parameters:
name: <ip-pool-name>- This mandatory parameter within the payload specifies which IP-Pool actually needs to be queried.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error)
Example Response:
Output
{
"items":[
{
"available":"255",
"description":null,
"zone":"default",
"tenants":[
"Administrators"
],
"subnet":"10.9.0.0",
"vfdriver":null,
"ranges":[
{
"range":"10.9.106.1-255"
}
],
"gateway":null,
"name":"demo",
"netmask":"255.255.0.0",
"used":"0",
"total":"255",
"nictags":null,
"dns_search":null,
"zone_id":1,
"driver":"ovs",
"routes":[
],
"ifcount":1,
"nameserver":null
}
]
}
6.1.6. Removing an IP-Pool¶
To remove an IP-Pool from Robin, issue the following command:
# robin ip-pool remove <name>
--yes
|
IP-Pool Name |
|
Do not prompt the user for confirmation of deletion |
Example:
# robin ip-pool remove demo --yes
Unregistered IP-Pool 'demo'.
Removes an IP-Pool from Robin.
End Point: /api/v3/robin_server/ip-pools/<ip_pool_name>
Method: DELETE
URL Parameters: None
Data Parameters: None
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error)
Example Response:
Output
{
"message":"Unregistered IP pool demo.\n"
}
6.1.7. Removing ranges from an IP-Pool¶
To remove IP ranges that are currently assigned to an IP-Pool in order to reduce the number of available IP ranges, issue the following command:
# robin ip-pool remove-ranges <name> <ranges>
--yes
|
IP-Pool Name |
|
Comma separated list of IP ranges to remove from an IP-Pool |
|
Do not prompt the user for confirmation of removal |
Example:
# robin ip-pool remove-ranges demo 10.9.107.1-255 --yes
Removed range.
Removes IP ranges that are currently assigned to an IP-Pool in order to reduce the number of available IP ranges.
End Point: /api/v3/robin_server/ip-pools/<ip_pool_name>
Method: PUT
URL Parameters: None
Data Parameters:
action: remove_ranges- This mandatory field within the payload specifies that the remove ranges operation is to be performed.ranges: <list_of_ranges>- This mandatory field within the payload specifies a list of comma seperated ranges to be removed from the given IP-Pool.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error)
Example Response:
Output
{
"message":"Removed range.\n"
}
6.1.8. Renaming an IP-Pool¶
To rename an IP-Pool, issue the following command:
# robin ip-pool rename <name> <new_name>
|
IP-Pool Name |
|
New name of the specified IP-Pool |
Example:
# robin ip-pool rename demo demo_change
IP-Pool 'demo' renamed to 'demo_change'.
Renames an existing IP-Pool.
End Point: /api/v3/robin_server/ip-pools/<ip_pool_name>
Method: PUT
URL Parameters: None
Data Parameters:
action: rename- This mandatory field within the payload specifies that the rename operation is to be performed.new_name: <new_ippool_name>- This mandatory field within the payload specifies the new name for the specified IP-Pool.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error)
Example Response:
Output
{
"message":"IP-Pool 'demo' renamed to 'demo_change'.\n"
}
6.2. VLAN Support¶
The VLAN (Virtual LAN) feature allows one to logically group a set of devices in the same L2 domain irrespective of how they are physically connected. Additionally one can carve out logical groups even if the devices are connected to the same L2 switch. Listed below are some of the advantages of using VLANs:
Performance - Broadcast traffic is sent to all the nodes in an L2 domain. VLANs allow creating groups or virtual L2 domains, thus containing the broadcast traffic to the created logical groups.
Isolation and Security - VLANs allow one to control the broadcast domain and enforce which logical groups can talk to one another
Flexibility - A device can be easily added/removed from a VLAN logical group without actually changing the physical connectivity
Cost Reduction - VLANs can be used to create broadcast domains without the need for expensive routers
Along with additional details, the following commands are described in this section:
|
Register a VLAN |
|
List VLANs |
|
Unregister a VLAN |
|
Configure a VLAN for an interface on a host |
|
Remove a VLAN from an interface on a host |
6.2.1. Registering a VLAN¶
To register a VLAN with Robin so it can be configured for an interface, issue the following command:
# robin vlan add <vlan_number>
--skip-vlan-interface
--add-vlan-interface
Note
The Robin server might need to access pods deployed in a particular VLAN. As a result a VLAN interface needs to be created on the current Robin Master. This VLAN interface is created, when --add-vlan-interface is enabled, on the aforementioned node when an IP-Pool is created and has an associated VLAN. The IP address linked to the VLAN interface is picked from the addresses provided in the IP Pool. In some deployments, VLAN routing could be provided in a different manner and thus a VLAN interface might not be needed on the Robin Master. If this is the case, you can create VLAN with --skip-vlan-interface option (this is the default behavior).
|
VLAN number/identifier |
|
Skips VLAN interface configuration on the Robin Master node |
|
Configures the VLAN interface on the Robin Master node |
Example:
# robin vlan add 9 --wait
Job: 180 Name: VLANAdd State: PROCESSED Error: 0
Job: 180 Name: VLANAdd State: COMPLETED Error: 0
Registers a VLAN with Robin so it can be configured for an interface.
End Point: /api/v3/robin_server/vlans
Method: POST
URL Parameters: None
Data Parameters:
vlan: <vlan_number>- This mandatory field within the payload specifies the VLAN number for the VLAN to be registered.skip_vlan_interface: [true|false]- This mandatory field within the payload is a boolean value that specifies whether or not the VLAN interface should be configured on the Robin Master node.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 202
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error), 409 (Duplicate Resource Error)
Example Response:
Output
{
"jobid":209
}
6.2.2. Listing all VLANs¶
To list registered VLANs alongside details such as the IP-Pools it is assigned to and the number of NICs associated with it, issue the following command:
# robin vlan list --json
|
Output in JSON |
Example:
# robin vlan list
VLAN | IP Pools | Instance Count | Interface Count
-----+----------+----------------+-----------------
9 | None | 0 | 0
Returns all registered VLANs alongside details such as the IP-Pools it is assigned to and the number of NICs associated with it.
End Point: /api/v3/robin_server/vlans/
Method: GET
URL Parameters: None
Data Parameters: None
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 200
Error Response Code: 500 (Internal Server Error)
Example Response:
Output
{
"items":[
{
"skip_vlan_interface":true,
"ip_pools":[
],
"instance_cnt":0,
"number":9,
"nic_cnt":0
}
]
}
6.2.3. Configuring a VLAN on a host¶
Before installing Robin on a VLAN based setup, it is expected that an administrator would have planned which VLANs are to be used for deploying applications and thus configured the installation appropriately. However in order to configure a VLAN post installation, issue the following command:
# robin host add-vlan [<hosts>]
--vlans <vlans>
--interface <interface>
--all
--untagged
|
A comma separated list of hosts to add VLANs to. If this isn’t provided, then –all must be used |
|
Range of VLANs to be added (Use ‘ALL’ to enable all vlans) |
|
Interface on host on which VLANs should be added |
|
VLANs will be added to every host in the cluster |
|
Network traffic will not be tagged with the VLAN number |
Example:
# robin host add-vlan vnode89.robinsystems.com --vlans 9 --interface br0 --untagged
Job: 180 Name: HostVLANAdd State: PROCESSED Error: 0
Job: 180 Name: HostVLANAdd State: COMPLETED Error: 0
Configures a VLAN on a host after Robin installation.
End Point: /api/v3/robin_server/hosts/<hostname>
Method: PUT
URL Parameters: None
Data Parameters:
action: add_vlans- This mandatory field within the payload specifies that the add VLAN operation is to be performed.vlans: <range_of_vlans>- Utilizing this parameter in the payload, by specifying a range of VLANs, results in the aforementioned VLANs being configured on the host.all_vlans: true- Utilizing this parameter in the payload results in all possible VLANs being configured on this host. The default value is False.interface: <interface_name>- Utilizing this parameter in the payload, by specifying an interface name, results in the given VLANs being configured on the aforementioned interface.untagged: true- Utilizing this parameter in the payload results in the VLAN being configured on SRIOV interfaces as untagged. The default value is False.
Note
Either the vlans or all_vlans parameter must be present in the request body.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 202
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error)
Example Response:
Output
{
"jobid":217
}
6.2.4. Removing a VLAN from a host¶
In order to remove a VLAN that is configured on an interface which is present on a host, issue the following command:
# robin host remove-vlan [<hosts>]
--vlans <vlans>
--interface <interface>
--all
|
A comma separated list of hosts to remove VLANs from. If this isn’t provided, then –all must be used |
|
Range of VLANs to be removed (Use ‘ALL’ to indicate all vlans) |
|
Interface on host from which VLANs should be removed |
|
VLANs will be removed on every host in the cluster |
Example:
# robin host remove-vlan vnode89.robinsystems.com --vlans 9 --interface br0
Job: 180 Name: HostVLANRemove State: PROCESSED Error: 0
Job: 180 Name: HostVLANRemove State: COMPLETED Error: 0
Removes a VLAN that is configured on an interface which is present on a host.
End Point: /api/v3/robin_server/hosts/<hostname>
Method: PUT
URL Parameters: None
Data Parameters:
action: remove_vlans- This mandatory field within the payload specifies that the remove VLAN operation is to be performed.vlans: <range_of_vlans>- This mandatory field within the payload specifies the range of VLANs to be removed.interface: <interface_name>- Utilizing this parameter in the payload indicates the interface on the specified host from which the VLAN(s) should be removed.
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 202
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error), 400 (Invalid API Usage Error)
Example Response:
Output
{
"jobid":213
}
6.2.5. Unregistering a VLAN¶
To unregister a VLAN from Robin, issue the following command:
# robin vlan remove <vlan_number>
--yes
Note
The VLAN must be removed from all hosts it was configured on before it can be unregistered.
|
VLAN number/identifier |
|
Do not prompt the user for confirmation of removal |
Example:
# robin vlan remove 9 --wait --yes
Job: 182 Name: VLANRemove State: PROCESSED Error: 0
Job: 182 Name: VLANRemove State: COMPLETED Error: 0
Unregisters a VLAN from robin.
End Point: /api/v3/robin_server/vlans/<vlan_number>
Method: DELETE
URL Parameters: None
Data Parameters: None
Port: RCM Port (default value is 29442)
Headers:
Authorization: <auth_token>: Authorization token to identify which user is sending the request. The token can be acquired from the login API.
Success Response Code: 202
Error Response Code: 500 (Internal Server Error), 404 (Not Found Error), 401 (Unauthorized Error)
Example Response:
Output
{
"jobid":83
}
6.2.6. Assumptions made about VLAN Configurations¶
Below are a list of assumptions and/or rules that made with regards to VLAN integration with Robin:
Upstream ports are configured as trunk ports and the right VLANs are allowed on these ports.
On a single host with multiple ports, then same VLAN is not configured on different ports (an exception to this rule is SR-IOV ports).
Multiple IP subnets can be configured to be carried using the same VLAN.
The same IP subnet cannot be configured for two different VLANs.
6.3. MACVLAN Support¶
With VLAN, you can create multiple sub-interfaces that uses the same MAC addresses, but the traffic is filtered based on the VLAN tag. With MACVLAN, each slave interface created on the top of the master interface is assigned a different MAC address.
You can directly bound the MACVLAN slave interface to a namespace instead of relying on a tap or veth device along with a bridge to provide underlay network connectivity.
To provide fault-tolerant connectivity to the workloads, Robin recommends using Bonded interfaces. You can also configure MACVLAN on Linux VLAN interfaces (eth0.<vlan>) to provide tagging support for workloads. For more information, see here.
MACVLAN supports containers using MACVLAN CNI, and for KVM, MACVTAP interfaces are used.
Points to consider when using MACVLAN
Robin supports the MACVLAN Bridge mode.
The MACVLAN design does not allow you to ping a workload (VM or container) from the host where the workload is deployed.
Due to the design constraint mentioned in the previous point, if you use MACVLAN as the default network for the workload, Kubernetes services may not work as expected.
It is recommended to have a dedicated interface on the node to provide MACVLAN based connectivity to the workloads.
OVS and MACVLAN provide similar kinds of connectivity, it is recommended not to use an OVS interface as the MACVLAN master interface.
By default, Robin installs OVS, but you can use the installer options
—skip-ovs-clusteror—skip-ovs-nodeto disable OVS configuration at a cluster or node level.If you are using MACVLAN as the primary CNI interface for a Pod, static routes including default gateway can be configured using the
--routesoption during IP Pool creation.
6.4. Advanced Compute and Networking Support¶
6.4.1. Supported Functionalities When Using Kubernetes YAML or Helm Chart for Deployment¶
The following are the networking based functionalities that are supported:
Multiple interfaces support
OVS support
SR-IOV device allocation
Note
Virtual Network Function deployment (including the networking components) is not currently supported via YAML/Helm Charts.
6.4.2. Specifying Dedicated CPU Request¶
If your Pod needs dedicated CPUs, then the Pod must be in guaranteed QoS class (requests = limits) and should ask for integer CPU requests.
Also, Pods need to have CPU and memory specified in requests and limits.
spec:
containers:
-name: nginx
image: nginx
resources:
limits:
memory: "200Mi"
cpu: "2"
requests:
memory: "200Mi"
cpu: "2
Check Pod’s QoS Class after deploying by following the example mentioned below:
kubectl describe Pod Pod-l2fwd-78554948b7-zrfvj | grep -i qos
QoS Class: Guaranteed
6.4.3. Prerequisites for Using Network Annotations¶
To use network annotations, you must meet the following prerequisites:
The namespace in which Helm Charts or YAML based objects are planned to be deployed in should be registered with Robin. Details on the command by which to achieve this can be found here.
All Kubernetes objects including controllers, Pods etc. that request network resources must meet one of the following conditions in order to have the appropriate network resources allocated to them by the Robin orchestrator:
Both
appandreleaselabels need to be present within the object definition. This is considered the old style of naming.Both
app.kubernetes.io/nameandapp.kubernetes.io/instancelabels need to be present within the object definition. This is considered the new style of naming. For more information on updated naming conventions, see Recommended Labels.
Note
Each controller including all StatefulSets, ReplicaSets, Deployments, and Daemonsets within a Kubernetes cluster must have a unique combination of
appandreleaselabels.
6.4.4. Robin Annotation for Multiple Interfaces Support¶
Robin platform supports configuring multiple IPV4/IPV6 addresses on a single pod interface. With this support, you should be able to configure multiple IPV4, multiple IPV6, or both IPV4 and IPV6 addresses on a single pod interface.
Robin provides a new annotation for adding multiple network interfaces for Deployments, Pods, Statefulsets, or DaemonSets.
After you add these annotations, Robin takes care of the remaining tasks, such as planning, creating network attachment definitions, defining objects, etc.
To get the Robin interface list, you use Robin’s custom resource: robinippool. For more information, review the section detailed here. The following is the annotation for multiple interfaces.
robin.io/networks: '[{"ippool": "ovs1"}, {"ippool": "sriovigb"}]'
Note
A Pod that needs only a Calico interface does not require Robin annotation.
6.4.5. New Driver Type: secondary¶
To support multiple IPV4 and IPV6 or a combination of both IP addresses, Robin provides a new driver type by name secondary. Just like OVS, SR-IOV, and Calico, secondary is a new driver type for Robin IP pools.
If you need to use multiple IP address configurations on a single interface, you must create IP pools using the new secondary driver type. You can create multiple IP pools using the secondary driver type for assigning an IP address from each pool. Each IP pool that is created using the secondary driver should have a primary(not a driver type) IP pool associated with it. The primary IP pool can be one of these: OVS or SR-IOV driver type IP pool.
6.4.6. Multiple Interfaces Annotations Examples¶
The following are the annotations examples:
IP Pools for this Example:
robin ip-pool add sriov1 --driver sriov --ranges 192.168.1.1-25 --netmask 255.255.0.0
robin ip-pool add ovs1 --driver ovs --ranges 192.168.1.1-100 --netmask 255.255.0.0
robin ip-pool add sriovigb --driver sriov --ranges 192.168.1.101-150 --netmask 255.255.0.0 --vfdriver igb_uio
robin ip-pool add sriov-bond --ranges 192.168.112.0-200 --netmask 255.255.255.0 --driver sriov --ifcount 2
Pod with calico and OVS interface
annotations:
robin.io/networks: '[{"ippool": "ovs1"}]'
Pod with calico and SRIOV (iavf)
annotations:
robin.io/networks: '[{"ippool": "sriov1"}]'
Pod with calico, OVS and SRIOV (iavf)
annotations:
robin.io/networks: '[{"ippool": "ovs1"}, {"ippool": "sriov1"}]'
Pod with SRIOV, FPGA and calico
annotations:
robin.io/networks: '[{"ippool": "sriov1"}]'
robin.io/devices: '[{"type": "fpga", "devid": "0x0d90", "vendor": "0x8086", "driver": "igbuio", "count": 1, "name": "random"}]'
FPGA without the name key
annotations:
robin.io/networks: '[{"ippool": "sriov1"}]'
robin.io/devices: '[{"type": "fpga", "devid": "0x0d90", "vendor": "0x8086", "driver": "igbuio", "count": 1}]''
Pod with SRIOV ibg_uio and calico
annotations:
robin.io/networks: '[{"ippool": "sriovigb"}]'
Pod with only OVS (no calico)
annotations:
robin.io/default-network: '{"ippool": "ovs1"}'
Pod with OVS and SRIOV(no calico)
annotations:
robin.io/default-network: '{"ippool": "ovs1"}'
robin.io/networks: '[{"ippool": "sriov1"}]
Pod with calico and two MACVLAN interfaces
annotations:
robin.io/networks: '[{"ippool": "mv1"}, {"ippool": "mv2"}]'
Pod with MACVLAN as default-network
annotations:
robin.io/default-network: '{"ippool": "mv1"}'
robin.io/networks: '[{"ippool": "mv2"}]'
Bonded SRIOV and calico
annotations:
robin.io/networks: '[{"ippool": "sriov-bond"}]'
Static IP
annotations:
robin.io/networks: '[{"ippool": "sriov1", "static_ips": ["192.168.96.10-15", "192.168.96.17"]}]'
robin.io/networks: '[{"ippool": "sriov121", "static_ips": ["192.168.121.105"]}, {"ippool": "sriov120", "static_ips": ["192.168.120.105"]}]''
Static IP with policy pool/range
annotations:
# Use IPs only from the range provided
robin.io/networks: '[{"ippool": "sriov1", "static_ip_policy": "range", "static_ips": ["192.168.96.10-15", "192.168.96.17"]}]'
annotations:
# Use IPs from range provided and if all used, pick any available IP from the IPPool
robin.io/networks: '[{"ippool": "sriov1", "static_ip_policy": "ippool", "static_ips": ["192.168.96.10-15", "192.168.96.17"]}]
Note
The difference between statick_ip_policy: range and ip-pool. The range option is used when IPs should be given only from IPs specified in the annotations. The range option is the default option. The ip-pool is used when the IPs in the annotations are exhausted or already used. Pick any available IP from a specified IP pool.
6.4.6.1. Dual Stack Allot Example¶
IP pools used
robin ip-pool add sriov7 --ranges fd74:ca9b:3a09:8687:c0:a8:1:65-a4 --prefix 64 --driver sriov --nictags name=enp175s0f0 --ifcount 1 --vlan 20
robin ip-pool add sec-1 --driver secondary --ranges fd74:ca9b:3a09:868b:c0:a8:b:65-a4 --prefix 64
robin ip-pool add sec-2 --driver secondary --ranges fd74:ca9b:3a09:868c:c0:a8:c:65-a4 --prefix 64
robin ip-pool add sec-4 --driver secondary --ranges 192.0.2.25-30 --prefix 24
Annotation used
annotations:
robin.io/networks: '[{"ippool": "sriov7"}, {"ippool": "sec-2", "primary": "sriov7"}, {"ippool": "sec-1", "primary": "sriov7"}, {"ippool": "sec-4", "primary": "sriov7"}]
Resulting Interface in the Pod
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.0.2.25 netmask 255.255.255.0 broadcast 192.0.2.255
inet6 fd74:ca9b:3a09:868c:c0:a8:c:89 prefixlen 64 scopeid
0x0<global>
inet6 fd74:ca9b:3a09:8687:c0:a8:1:6c prefixlen 64 scopeid
0x0<global>
inet6 fd74:ca9b:3a09:868b:c0:a8:b:7c prefixlen 64 scopeid
0x0<global>
inet6 fe80::548f:f6ff:feb8:545 prefixlen 64 scopeid
0x20<link>
ether 56:8f:f6:b8:05:45 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
6.4.7. Robin Isolated CNI Plugin¶
Robin Cloud Native Platform(CNP) provides a new CNI plugin called robin-isolated. You can use the plugin to configure an IP address on the lo interface of a Pod.
To use the robin-isolated CNI plugin, you must create an IP pool with driver type isolated.
Example:
Create IP pool
robin ip-pool add isolated-pool --ranges 88.10.20.100-150 --netmask 255.255.255.0 --driver isolated
Provide IP pool in network annotation.
annotations:
robin.io/networks: '[{"ippool": "isolated-pool"}]'
6.4.8. Secondary IP Pool and IP Addressing Support¶
Create a primary IP pool (OVS/SR-IOV only. No Calico pool can be used as primary) as shown below:
robin ip-pool add ovs-1 --ranges 10.9.10.151-200 --netmask 255.255.255.0 --driver ovs
Now create multiple secondary IP pools as follows.
robin ip-pool add sec-1 --ranges 192.168.10.151-200 --netmask 255.255.255.0 --driver secondary
robin ip-pool add sec-2 --ranges 192.168.30.151-200 --netmask 255.255.255.0 --driver secondary
Lastly create Pod using the appropriate annotations. The example below will configure 3 IP addresses on a single Pod interface i.e eth0.
annotations:
robin.io/networks: '[{"ippool": "ovs-1"}, {"ippool": "sec-1", "primary": "ovs-1"}, {"ippool": "sec-2", "primary": "ovs-1"}]}]'
6.4.9. Custom Interface Names¶
The custom interface name feature allows users to provide a custom name for a network interface for easy identification. In addition this feature allows users to implement custom interface names inside a Pod based on the requirements of a network function. If you do not provide a custom name for a network interface, Robin uses the default interface naming scheme.
Points to consider:
You cannot set the interface name to be eth0 or lo as the Pod will remain in ContainerCreating state.
You can set interface name to be net if available.
annotations:
robin.io/networks: '[{"ippool": "sriov100", "interface_name": "sr1"}]
6.4.10. Network Annotation options¶
You can use the following options to customize the interface allocated. The following six options are supported in both in the input_yaml and network annotations:
trustbond_modemtunw_typecontainerspoofchk
Note
The trust and spoofchk are L2 options for Virtual Functions.
trust and spoofchk
Example: By using input.yaml for Bundles:
By input.yaml for Bundles:
1 appname: "centos-app"
2 ippools: ["robin-default"]
3 media: HDD
4 roles:
5 - name: pktgen
6 ippools:
7 - ippool: sriov103
8 "trust": "on"
9 "spoofchk": "on"
10 - ippool: sriov104
11 "trust": "on"
12 "spoofchk": "on"
By Pod yaml using annotations
12 robin.io/networks: '[{"ippool": "sriov99", "trust": "on", "spoofchk": "on"}]'
Bond_mode
The bond_mode option is for bond CNI. Robin supports only active-backup mode and it is the default mode.
Anyway it can be specified like below using input.yaml 1 appname: "centos-app" 2 ippools: ["robin-default"] 3 media: HDD 4 roles: 5 - name: pktgen 6 ippools: 7 - ippool: sriov103 8 bond_mode: active-backup By Pod yaml using annotations 12 robin.io/networks: '[{"ippool": "sriov99", "bond_mode": "active-backup"}]
Allocate Device or Interface to a Specific Container in a Pod
When a Pod has multiple containers and if you want to allocate a device or interface to a specific container, you can specify container name in the annotation.
annotations: robin.io/networks: {"ippool": "sriov1", "container": "container1"} robin.io/devices: '[{"container": "container2", type": "fpga", "devid": "0x0d90", "vendor": "0x8086", "driver": "igbuio", "count": 1}]
mtu
The mtu option is to set the mtu for VF (backend switch port and PF mtu set has to be taken care by net-admin)
With input.yaml 1 appname: "centos-app" 2 ippools: ["robin-default"] 3 media: HDD 4 roles: 5 - name: pktgen 6 ippools: 7 - ippool: sriov103 9 "mtu": "9000" With Pod yaml robin.io/networks: '[{"ippool": "sriov103", "name": "FRONTHAUL", "trust": "on", "spoofchk": "on", "mtu": "9000"}, {"ippool": "sriov104", "name": "FRONTHAUL", "trust": "on", "spoofchk": "on", "mtu": "9000"}]'
name
You can use the parameter ‘’name’’ in the YAML file so that the environment variables related to the interface have a name as a prefix. With input YAML it has to be bundle-net params and with the Pod YAML, that tie-up is not available.
1 appname: "centos-app" 2 ippools: ["robin-default"] 3 media: HDD 4 roles: 5 - name: pktgen 6 ippools: 7 - ippool: sriov103 8 name: mynet1 With Pod yaml robin.io/networks: '[{"ippool": "sriov103", "name": "FRONTHAUL", "trust": "on", "spoofchk": "on", "mtu": "9000"}, {"ippool": "sriov104", "name": "FRONTHAUL", "trust": "on", "spoofchk": "on", "mtu": "9000"}]
6.4.11. Kubernetes Annotations for Device Requests¶
Similar to multiple interfaces, Robin provides a new annotation for devices to add in Deployments, Pods, Statefulsets, or DaemonSets.
The following is the annotation for device requests:
robin.io/devices: '[{"type": "fpga", "devid": "0x0d90", "vendor": "0x8086", "driver": "vfiopci", "count": 1, "name": "fec"}]’
6.4.12. Getting CPU IDs Inside a Pod¶
If you need allocating CPU IDs inside containers requesting guaranteed CPUs, you can access them in the /robinenv file.
Example:
[root@Pod-l2fwd l2fwd]# cat /robinenv
ROBIN_CPUSET=5,6,29,30
ROBIN_CPUSET_ORDERED=5:29,6:30
ROBIN_CPUSET_RANGE=5-6,29-30
6.4.13. Environment Variables to use with Annotations¶
Robin exposes a set of environment variables prefixed with the phrase “ROBIN” within Pods deployed via YAML files. A subset of the aforementioned variables are displayed below and can be accessed via the env command from within the Pod.
Example:
[root@Pod-pktgen-5-668b9d6d5c-58822 pktgen]# env | grep ROBIN
ROBIN_SRIOV5_SUBNET=fd74:ca9b:3a09:8685:0000:0000:0000:0000
ROBIN_NONROBIN_DEFAULT_IP_ADDRESS=fd74:ca9b:3a09:868c:0172:0018:0000:42af
ROBIN_NONROBIN_DEFAULT_DRIVER=calico
ROBIN_SRIOV5_VFIDS=9,7
ROBIN_SRIOV5_DRIVER=sriov
ROBIN_NONROBIN_DEFAULT_NETMASK=ffff:ffff:ffff:ffff:ffff:ffff:ffff:c000
ROBIN_SRIOV5_IP_ADDRESS=fd74:ca9b:3a09:8685:00c0:00a8:0001:006f
ROBIN_SRIOV5_PFNAMES=enp175s0f1,enp175s0f0
ROBIN_SRIOV5_PCI_ADDR=0000:af:0b.1,0000:af:02.7
ROBIN_NONROBIN_DEFAULT_SUBNET=fd74:ca9b:3a09:868c:0172:0018:0000:4000
ROBIN_SRIOV5_MTU=1500
ROBIN_SRIOV5_VFDRIVER=iavf
ROBIN_MEMORY=209715200
ROBIN_SRIOV5_INTF_NAMES=eth1,eth2
ROBIN_SRIOV5_VLAN=20
ROBIN_SRIOV5_NETMASK=ffff:ffff:ffff:ffff:0000:0000:0000:0000
6.4.14. Change in CPU Reservation in Robin Bundles¶
Starting with Robin v5.3.5, if you need dedicated CPUs, you need to mention the reserve CPU=true or false in your bundle.
If you set:
reserve = true, Robin provides a reserved CPU
reserve = false, Robin provides a shared CPU
Example
compute:
memory: 1G
hugepages_1gi: 3G
cpu:
reserve: true
cores: 5
Note
With Robin supporting the Topology Manager, the CPU pools feature in Robin bundles is deprecated. So, the isol key inside the cpu section in the manifest is also deprecated.
The following are deprecated:
Isolated shared
Isolated dedicated
Non-isolated