diff --git a/modules/virt-creating-linux-bridge-nad-cli.adoc b/modules/virt-creating-linux-bridge-nad-cli.adoc index c2d7c0998091..446fbd01be37 100644 --- a/modules/virt-creating-linux-bridge-nad-cli.adoc +++ b/modules/virt-creating-linux-bridge-nad-cli.adoc @@ -28,20 +28,21 @@ Configuring IP address management (IPAM) in a network attachment definition for apiVersion: "k8s.cni.cncf.io/v1" kind: NetworkAttachmentDefinition metadata: - name: bridge-network <1> + name: bridge-network # <1> annotations: - k8s.v1.cni.cncf.io/resourceName: bridge.network.kubevirt.io/bridge-interface <2> + k8s.v1.cni.cncf.io/resourceName: bridge.network.kubevirt.io/bridge-interface # <2> spec: - config: '{ - "cniVersion": "0.3.1", - "name": "bridge-network", <3> - "type": "cnv-bridge", <4> - "bridge": "bridge-interface", <5> - "macspoofchk": false, <6> - "vlan": 100, <7> - "disableContainerInterface": "true", - "preserveDefaultVlan": false <8> - }' + config: | + { + "cniVersion": "0.3.1", + "name": "bridge-network", <3> + "type": "bridge", <4> + "bridge": "bridge-interface", <5> + "macspoofchk": false, <6> + "vlan": 100, <7> + "disableContainerInterface": true, + "preserveDefaultVlan": false <8> + } ---- <1> The name for the `NetworkAttachmentDefinition` object. <2> Optional: Annotation key-value pair for node selection, where `bridge-interface` must match the name of a bridge configured on some nodes. If you add this annotation to your network attachment definition, your virtual machine instances will only run on the nodes that have the `bridge-interface` bridge connected. diff --git a/modules/virt-pxe-booting-with-mac-address.adoc b/modules/virt-pxe-booting-with-mac-address.adoc index 5554a04e7767..98b5694fceb3 100644 --- a/modules/virt-pxe-booting-with-mac-address.adoc +++ b/modules/virt-pxe-booting-with-mac-address.adoc @@ -28,30 +28,27 @@ endif::openshift-rosa,openshift-dedicated[] apiVersion: "k8s.cni.cncf.io/v1" kind: NetworkAttachmentDefinition metadata: - name: pxe-net-conf + name: pxe-net-conf # <1> spec: - config: '{ - "cniVersion": "0.3.1", - "name": "pxe-net-conf", - "plugins": [ - { - "type": "cnv-bridge", - "bridge": "br1", - "vlan": 1 <1> - }, - { - "type": "cnv-tuning" <2> - } - ] - }' ----- -<1> Optional: The VLAN tag. -<2> The `cnv-tuning` plugin provides support for custom MAC addresses. -+ -[NOTE] -==== -The virtual machine instance will be attached to the bridge `br1` through an access port with the requested VLAN. -==== + config: | + { + "cniVersion": "0.3.1", + "name": "pxe-net-conf", <2> + "type": "bridge", <3> + "bridge": "bridge-interface", <4> + "macspoofchk": false, <5> + "vlan": 100, <6> + "disableContainerInterface": true, + "preserveDefaultVlan": false <7> + } +---- +<1> The name for the `NetworkAttachmentDefinition` object. +<2> The name for the configuration. It is recommended to match the configuration name to the `name` value of the network attachment definition. +<3> The actual name of the Container Network Interface (CNI) plugin that provides the network for this network attachment definition. This example uses a Linux bridge CNI plugin. You can also use an OVN-Kubernetes localnet or an SR-IOV CNI plugin. +<4> The name of the Linux bridge configured on the node. +<5> Optional: A flag to enable the MAC spoof check. When set to `true`, you cannot change the MAC address of the pod or guest interface. This attribute allows only a single MAC address to exit the pod, which provides security against a MAC spoofing attack. +<6> Optional: The VLAN tag. No additional VLAN configuration is required on the node network configuration policy. +<7> Optional: Indicates whether the VM connects to the bridge through the default VLAN. The default value is `true`. . Create the network attachment definition by using the file you created in the previous step: +