Enable Platform9 DHCP
Platform9 DHCP is the recommended DHCP (vs whereabouts ) for KubeVirt installations. When leveraging whereabouts there is an issue that occurs during Live Migrations where the Virtual Machine IP address will change when migrated to the target host.
What is Platform9 DHCP
Platform9 created an alternative to whereabouts for the KubeVirt use case by having a DHCP server running inside the pod/vm to cater to the DHCP requests from the virtual machine instance (not the pod in the case of Kubevirt). Multus Network Attachment Definition will use the DHCP server, and there is no need to specify the IPAM plugin. The client/consumer VM will need the dhclient for sending DHCP requests.
Prerequisites
- Kubevirt
- Advanced Networking Operator (Luigi)
- Kubemacpool
Enabling the Platform9 DHCP Addon:
- Using the Advanced Networking Operator (Luigi) add-on, enable dhcpController addon by creating a Network Plugin resource as shown:
apiVersionplumber.k8s.pf9.io/v1kindNetworkPluginsmetadata namenetworkplugins-sample-nosriovspec plugins ... dhcpController- This creates the
dhcp-controller-systemnamespace with the controller for the dnsmasq. This also installs Kubemacpool indhcp-controller-systemnamespace. - Create
HostNetoworkTemplate&NetworkAttachmentDefinition.
apiVersionplumber.k8s.pf9.io/v1kindHostNetworkTemplatemetadata nameovs-br03-configspec # Add fields here ovsConfigbridgeName"ovs-br03" nodeInterface"ens5"---apiVersion"k8s.cni.cncf.io/v1"kindNetworkAttachmentDefinitionmetadata nameovs-dnsmasq-test-woipam annotations k8s.v1.cni.cncf.io/resourceNameovs-cni.network.kubevirt.io/ovs-br03spec config'{ "cniVersion""0.3.1", "type""ovs", "name""ovs-dnsmasq-test-woipam", "bridge""ovs-br03" 'NetworkAttachmentDefinitionused with Platform9 IPAM omits the ipam section in the config, which is present when whereabouts is used as IPAM. Platform9 IPAM also supports OVS-DPDK networks.- Create a DHCP Server
apiVersiondhcp.plumber.k8s.pf9.io/v1alpha1 kindDHCPServermetadata namedhcpserver-samplespec networksnetworkNameovs-dnsmasq-test-woipam interfaceIp192.168.15.14/24 leaseDuration10m vlanIdvlan1 cidr range192.168.15.0/24 range_start192.168.15.30 range_end192.168.15.100 gateway192.168.15.1- About the fields
a . Name: Name of the DHCPServer. Configurations of dnsmasq will be generated in a Configmap with the same name
b. networks: list of all networks that this pod will serve
- networkName: Name of NetworkAttachmentDefinition. Should not have dhcp plugin enabled.
- interfaceIp: IP address that the pod will be allocated. Must have prefix to ensure proper routes are added.
- leaseDuration: Duration the leases offered should be valid for. Provide in valid formats for dnsmasq (eg: 10m, 5h, etc). Defaults to 1h
- vlanId: Dnsmasq network identifier. Used as an identifier while restoring IPs.
- cidr:
range_start, range_end, gatewayare optional. range is compulsory. If range start and end are provided, they will be used in place of the default start and end.
- A configmap is generated based on the DHCPServer. This is a conf file for dnsmasq. It can be overridden by creating a valid configmap with the same name as that of the DHCPServer.
For any specific configurations, you can provide your own configmap. Create a configmap with valid dnsmasq.conf parameters. Along with this, dhcp-range must be in one of these two formats
- dhcp-range=<start_IP>,<end_ip>,<netmask>,<leasetime>
- dhcp-range=<vlanID>,<start_ip>,<end_ip>,<netmask>,<leasetime>
- Sample VM yaml to apply
apiVersionkubevirt.io/v1kindVirtualMachinemetadata nametest-ovs-interface-1spec runningtrue template metadata labels kubevirt.io/sizesmall kubevirt.io/domaintestvm spec domain devices disksnamecontainerdisk disk busvirtionamecloudinitdisk disk busvirtio interfacesnamedefault masqueradebridge nameovs-br03 resources requests memory1024M hostnamemyhostname1 networksnamedefault podnameovs-br03 multus networkNameovs-dnsmasq-test-woipam volumesnamecontainerdisk containerDisk imagequay.io/kubevirt/fedora-cloud-container-disk-demolatestnamecloudinitdisk cloudInitNoCloud userData- #cloud-config passwordfedora chpasswd expireFalse - Sample StatefulSet YAML to apply.
---apiVersionv1kindServicemetadata nameheadlessspec portsport80 nameweb selector apptest clusterIPNone---apiVersionapps/v1kindStatefulSetmetadata nametest2spec replicas1 selector matchLabels apptest2 serviceNameheadless template metadata labels apptest2 annotations k8s.v1.cni.cncf.io/networks'[ "name" "ovs-dnsmasq-test-woipam" ' spec securityContext runAsUser1000 runAsGroup3000 containersnametest2 imagealpine portscontainerPort80 nameweb command"/bin/sh" args-c>- udhcpc -i net1 tail -f /dev/null securityContext runAsUser0 #allowPrivilegeEscalation: false capabilities add"NET_ADMIN"- An IPAllocation is made for every lease stored in the server. It is used to restore leases back to the DHCPServer. Leases are only restored to the vlanID mentioned. Lease will expire at
leaseExpiry. Sample of how an IPAllocation looks
apiVersiondhcp.plumber.k8s.pf9.io/v1alpha1kindIPAllocationmetadata creationTimestamp"2022-11-09T12:18:58Z" generation1 name192.168.15.90 namespacedefault resourceVersion"189858" uid70ee31e1-d3b4-47f0-be92-0eb03cd33d57spec entityReftest-ovs-interface-1 leaseExpiry"1667998138" macAddr1e8df0c46c8e vlanIdvlan3Was this page helpful?