Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
network, bridge binding: Enable container interface
Migrating a VM with secondary interfaces that uses bridge binding may cause long periods of traffic disruption. This occurs when the interface is defined with an explicit MAC address (manually or automatically through KubeMacPool) on nodes that have IPv6 enabled. During the migration, frames may be forwarded to the destination node while the domain is active on the source and still not running at the destination. When the migration destination pod is created an IPv6 NS (Neighbor Solicitation) and NA (Neighbor Advertisement) are sent automatically by the kernel. The switches at the endpoints (e.g.: migration destination node) tables get updated and the traffic is forwarded to the migration destination before the migration is completed [1]. Assuming the used bridge CNI to connect the pod to the node can create the pod interface in a "link-down" state [2], the IPv6 NS/NA packets are avoided. However, there is a need to explicitly set the "link-up" when Kubevirt later processes them. As part of the pod network configuration calculation, Kubevirt now explicitly asks to set the relevant interfaces for the bridge binding as "UP". Fixes: https://issues.redhat.com/browse/CNV-28040 [1] https://bugzilla.redhat.com/show_bug.cgi?id=2186372#c6 [2] containernetworking/plugins#951 Signed-off-by: Or Mergi <ormergi@redhat.com>
- Loading branch information
