kubevirt: Network binding plugin

api/v1beta1/hyperconverged_types.go

@@ -220,6 +220,11 @@ type HyperConvergedSpec struct {
 	// the enabling the KSM in the nodes (if available).
 	// +optional
 	KSMConfiguration *v1.KSMConfiguration `json:"ksmConfiguration,omitempty"`
+
+	// NetworkBinding defines the network binding plugins.
+	// Those bindings can be used when defining virtual machine interfaces.
+	// +optional
+	NetworkBinding map[string]v1.InterfaceBindingPlugin `json:"networkBinding,omitempty"`
 }
 
 // CertRotateConfigCA contains the tunables for TLS certificates.

config/crd/bases/hco.kubevirt.io_hyperconvergeds.yaml

@@ -2361,6 +2361,23 @@ spec:
                     or mediatedDevicesTypes(deprecated) is required
                   rule: (has(self.mediatedDeviceTypes) && size(self.mediatedDeviceTypes)>0)
                     || (has(self.mediatedDevicesTypes) && size(self.mediatedDevicesTypes)>0)
+              networkBinding:
+                additionalProperties:
+                  properties:
+                    networkAttachmentDefinition:
+                      description: 'NetworkAttachmentDefinition references to a NetworkAttachmentDefinition
+                        CR object. Format: <name>, <namespace>/<name>. If namespace
+                        is not specified, VMI namespace is assumed. version: 1alphav1'
+                      type: string
+                    sidecarImage:
+                      description: 'SidecarImage references a container image that
+                        runs in the virt-launcher pod. The sidecar handles (libvirt)
+                        domain configuration and optional services. version: 1alphav1'
+                      type: string
+                  type: object
+                description: NetworkBinding defines the network binding plugins. Those
+                  bindings can be used when defining virtual machine interfaces.
+                type: object
               obsoleteCPUs:
                 description: ObsoleteCPUs allows avoiding scheduling of VMs for obsolete
                   CPU models

controllers/hyperconverged/hyperconverged_controller_test.go

@@ -219,6 +219,7 @@ var _ = Describe("HyperconvergedController", func() {
 					"KubevirtSeccompProfile",
 					"HotplugNICs",
 					"VMPersistentState",
+					"NetworkBindingPlugins",
 				}
 				// Get the KV
 				kvList := &kubevirtcorev1.KubeVirtList{}

controllers/operands/kubevirt.go

@@ -107,6 +107,9 @@ const (
 
 	// Enable VM state persistence
 	kvVMPersistentState = "VMPersistentState"
+
+	// Enable using a plugin to bind the pod and the VM network
+	kvHNetworkBindingPluginsGate = "NetworkBindingPlugins"
 )
 
 const (
@@ -132,6 +135,7 @@ var (
 		kvKubevirtSeccompProfile,
 		kvHotplugNicsGate,
 		kvVMPersistentState,
+		kvHNetworkBindingPluginsGate,
 	}
 
 	// holds a list of mandatory KubeVirt feature gates. Some of them are the hard coded feature gates and some of
@@ -402,6 +406,7 @@ func getKVConfig(hc *hcov1beta1.HyperConverged) (*kubevirtcorev1.KubeVirtConfigu
 		DeveloperConfiguration: devConfig,
 		NetworkConfiguration: &kubevirtcorev1.NetworkConfiguration{
 			NetworkInterface: string(kubevirtcorev1.MasqueradeInterface),
+			Binding:          hc.Spec.NetworkBinding,
 		},
 		MigrationConfiguration:       kvLiveMigration,
 		PermittedHostDevices:         toKvPermittedHostDevices(hc.Spec.PermittedHostDevices),

controllers/operands/kubevirt_test.go

@@ -195,6 +195,10 @@ Version: 1.2.3`)
 			hco.Spec.FeatureGates = hcov1beta1.HyperConvergedFeatureGates{
 				WithHostPassthroughCPU: ptr.To(true),
 			}
+			bindingPlugins := map[string]kubevirtcorev1.InterfaceBindingPlugin{
+				"binding1": {SidecarImage: "image1", NetworkAttachmentDefinition: "nad1"},
+			}
+			hco.Spec.NetworkBinding = bindingPlugins
 
 			expectedResource, err := NewKubeVirt(hco, commontestutils.Namespace)
 			Expect(err).ToNot(HaveOccurred())
@@ -240,6 +244,7 @@ Version: 1.2.3`)
 
 			Expect(foundResource.Spec.Configuration.NetworkConfiguration).ToNot(BeNil())
 			Expect(foundResource.Spec.Configuration.NetworkConfiguration.NetworkInterface).Should(Equal(string(kubevirtcorev1.MasqueradeInterface)))
+			Expect(foundResource.Spec.Configuration.NetworkConfiguration.Binding).Should(Equal(bindingPlugins))
 
 			// LiveMigration Configurations
 			mc := foundResource.Spec.Configuration.MigrationConfiguration

deploy/crds/hco00.crd.yaml

@@ -2361,6 +2361,23 @@ spec:
                     or mediatedDevicesTypes(deprecated) is required
                   rule: (has(self.mediatedDeviceTypes) && size(self.mediatedDeviceTypes)>0)
                     || (has(self.mediatedDevicesTypes) && size(self.mediatedDevicesTypes)>0)
+              networkBinding:
+                additionalProperties:
+                  properties:
+                    networkAttachmentDefinition:
+                      description: 'NetworkAttachmentDefinition references to a NetworkAttachmentDefinition
+                        CR object. Format: <name>, <namespace>/<name>. If namespace
+                        is not specified, VMI namespace is assumed. version: 1alphav1'
+                      type: string
+                    sidecarImage:
+                      description: 'SidecarImage references a container image that
+                        runs in the virt-launcher pod. The sidecar handles (libvirt)
+                        domain configuration and optional services. version: 1alphav1'
+                      type: string
+                  type: object
+                description: NetworkBinding defines the network binding plugins. Those
+                  bindings can be used when defining virtual machine interfaces.
+                type: object
               obsoleteCPUs:
                 description: ObsoleteCPUs allows avoiding scheduling of VMs for obsolete
                   CPU models

deploy/index-image/community-kubevirt-hyperconverged/1.11.0/manifests/hco00.crd.yaml

@@ -2361,6 +2361,23 @@ spec:
                     or mediatedDevicesTypes(deprecated) is required
                   rule: (has(self.mediatedDeviceTypes) && size(self.mediatedDeviceTypes)>0)
                     || (has(self.mediatedDevicesTypes) && size(self.mediatedDevicesTypes)>0)
+              networkBinding:
+                additionalProperties:
+                  properties:
+                    networkAttachmentDefinition:
+                      description: 'NetworkAttachmentDefinition references to a NetworkAttachmentDefinition
+                        CR object. Format: <name>, <namespace>/<name>. If namespace
+                        is not specified, VMI namespace is assumed. version: 1alphav1'
+                      type: string
+                    sidecarImage:
+                      description: 'SidecarImage references a container image that
+                        runs in the virt-launcher pod. The sidecar handles (libvirt)
+                        domain configuration and optional services. version: 1alphav1'
+                      type: string
+                  type: object
+                description: NetworkBinding defines the network binding plugins. Those
+                  bindings can be used when defining virtual machine interfaces.
+                type: object
               obsoleteCPUs:
                 description: ObsoleteCPUs allows avoiding scheduling of VMs for obsolete
                   CPU models

deploy/olm-catalog/community-kubevirt-hyperconverged/1.11.0/manifests/hco00.crd.yaml

@@ -2361,6 +2361,23 @@ spec:
                     or mediatedDevicesTypes(deprecated) is required
                   rule: (has(self.mediatedDeviceTypes) && size(self.mediatedDeviceTypes)>0)
                     || (has(self.mediatedDevicesTypes) && size(self.mediatedDevicesTypes)>0)
+              networkBinding:
+                additionalProperties:
+                  properties:
+                    networkAttachmentDefinition:
+                      description: 'NetworkAttachmentDefinition references to a NetworkAttachmentDefinition
+                        CR object. Format: <name>, <namespace>/<name>. If namespace
+                        is not specified, VMI namespace is assumed. version: 1alphav1'
+                      type: string
+                    sidecarImage:
+                      description: 'SidecarImage references a container image that
+                        runs in the virt-launcher pod. The sidecar handles (libvirt)
+                        domain configuration and optional services. version: 1alphav1'
+                      type: string
+                  type: object
+                description: NetworkBinding defines the network binding plugins. Those
+                  bindings can be used when defining virtual machine interfaces.
+                type: object
               obsoleteCPUs:
                 description: ObsoleteCPUs allows avoiding scheduling of VMs for obsolete
                   CPU models

docs/api.md

@@ -199,6 +199,7 @@ HyperConvergedSpec defines the desired state of HyperConverged
 | virtualMachineOptions | VirtualMachineOptions holds the cluster level information regarding the virtual machine. | *[VirtualMachineOptions](#virtualmachineoptions) |  | false |
 | commonBootImageNamespace | CommonBootImageNamespace override the default namespace of the common boot images, in order to hide them.\n\nIf not set, HCO won't set any namespace, letting SSP to use the default. If set, use the namespace to create the DataImportCronTemplates and the common image streams, with this namespace. This field is not set by default. | *string |  | false |
 | ksmConfiguration | KSMConfiguration holds the information regarding the enabling the KSM in the nodes (if available). | *v1.KSMConfiguration |  | false |
+| networkBinding | NetworkBinding defines the network binding plugins. Those bindings can be used when defining virtual machine interfaces. | map[string]v1.InterfaceBindingPlugin |  | false |
 
 [Back to TOC](#table-of-contents)
 

docs/cluster-configuration.md

@@ -759,6 +759,25 @@ spec:
   kubeSecondaryDNSNameServerIP: "127.0.0.1"
 ```
 
+## Network Binding plugin
+In order to set NetworkBinding, set it on HyperConverged CR under spec.networkBinding field.
+Default: empty map (no binding plugins).
+
+### Network Binding plugin example
+```yaml
+apiVersion: hco.kubevirt.io/v1beta1
+kind: HyperConverged
+metadata:
+  name: kubevirt-hyperconverged
+spec:
+  networkBinding:
+    custom-binding1:
+      sidecarImage: quay.io/custom-binding1-image
+    custom-binding2:
+      sidecarImage: quay.io/custom-binding2-image
+      networkAttachmentDefinition: customBinding2Nad
+```
+
 ## Modify common golden images
 Golden images are root disk images for commonly used operating systems. HCO provides several common images, but it is possible to modify them, if needed.