[enterprise-4.16] CNV-49892-49886: Updating NetworkAttachmentDefinition YAML

modules/virt-creating-linux-bridge-nad-cli.adoc

@@ -28,20 +28,21 @@ Configuring IP address management (IPAM) in a network attachment definition for
 apiVersion: "k8s.cni.cncf.io/v1"
 kind: NetworkAttachmentDefinition
 metadata:
-  name: bridge-network <1>
+  name: bridge-network # <1>
   annotations:
-    k8s.v1.cni.cncf.io/resourceName: bridge.network.kubevirt.io/bridge-interface <2>
+    k8s.v1.cni.cncf.io/resourceName: bridge.network.kubevirt.io/bridge-interface # <2>
 spec:
-  config: '{
-    "cniVersion": "0.3.1",
-    "name": "bridge-network", <3>
-    "type": "cnv-bridge", <4>
-    "bridge": "bridge-interface", <5>
-    "macspoofchk": false, <6>
-    "vlan": 100, <7>
-    "disableContainerInterface": "true",
-    "preserveDefaultVlan": false <8>
-  }'
+  config: |
+    {
+      "cniVersion": "0.3.1",
+      "name": "bridge-network", <3>
+      "type": "bridge", <4>
+      "bridge": "bridge-interface", <5>
+      "macspoofchk": false, <6>
+      "vlan": 100, <7>
+      "disableContainerInterface": true,
+      "preserveDefaultVlan": false <8>
+    }
 ----
 <1> The name for the `NetworkAttachmentDefinition` object.
 <2> Optional: Annotation key-value pair for node selection, where `bridge-interface` must match the name of a bridge configured on some nodes. If you add this annotation to your network attachment definition, your virtual machine instances will only run on the nodes that have the `bridge-interface` bridge connected.

modules/virt-pxe-booting-with-mac-address.adoc

@@ -28,30 +28,27 @@ endif::openshift-rosa,openshift-dedicated[]
 apiVersion: "k8s.cni.cncf.io/v1"
 kind: NetworkAttachmentDefinition
 metadata:
-  name: pxe-net-conf
+  name: pxe-net-conf # <1>
 spec:
-  config: '{
-    "cniVersion": "0.3.1",
-    "name": "pxe-net-conf",
-    "plugins": [
-      {
-        "type": "cnv-bridge",
-        "bridge": "br1",
-        "vlan": 1 <1>
-      },
-      {
-        "type": "cnv-tuning" <2>
-      }
-    ]
-  }'
-----
-<1> Optional: The VLAN tag.
-<2> The `cnv-tuning` plugin provides support for custom MAC addresses.
-+
-[NOTE]
-====
-The virtual machine instance will be attached to the bridge `br1` through an access port with the requested VLAN.
-====
+  config: |
+    {
+      "cniVersion": "0.3.1",
+      "name": "pxe-net-conf", <2>
+      "type": "bridge", <3>
+      "bridge": "bridge-interface", <4>
+      "macspoofchk": false, <5>
+      "vlan": 100, <6>
+      "disableContainerInterface": true,
+      "preserveDefaultVlan": false <7>
+    }
+----
+<1> The name for the `NetworkAttachmentDefinition` object.
+<2> The name for the configuration. It is recommended to match the configuration name to the `name` value of the network attachment definition.
+<3> The actual name of the Container Network Interface (CNI) plugin that provides the network for this network attachment definition. This example uses a Linux bridge CNI plugin. You can also use an OVN-Kubernetes localnet or an SR-IOV CNI plugin.
+<4> The name of the Linux bridge configured on the node.
+<5> Optional: A flag to enable the MAC spoof check. When set to `true`, you cannot change the MAC address of the pod or guest interface. This attribute allows only a single MAC address to exit the pod, which provides security against a MAC spoofing attack.
+<6> Optional: The VLAN tag. No additional VLAN configuration is required on the node network configuration policy.
+<7> Optional: Indicates whether the VM connects to the bridge through the default VLAN. The default value is `true`.
 
 . Create the network attachment definition by using the file you created in the previous step:
 +