Support KubeVirt Provider Network

pkg/cloudprovider/provider/kubevirt/provider.go

@@ -19,8 +19,10 @@ package kubevirt
 import (
 	"context"
 	"encoding/base64"
+	"encoding/json"
 	"errors"
 	"fmt"
+	"net"
 	"net/url"
 	"os"
 	"strconv"
@@ -113,6 +115,11 @@ type Config struct {
 	TopologySpreadConstraints []corev1.TopologySpreadConstraint
 	Region                    string
 	Zone                      string
+
+	ProviderNetworkName string
+	SubnetName          string
+	SubnetCIDRBlock     string
+	SubnetGatewayIP     string
 }
 
 // StorageTarget represents targeted storage definition that will be used to provision VirtualMachine volumes. Currently,
@@ -343,6 +350,15 @@ func (p *provider) getConfig(provSpec clusterv1alpha1.ProviderSpec) (*Config, *p
 		config.Region = rawConfig.VirtualMachine.Location.Region
 	}
 
+	if rawConfig.VirtualMachine.ProviderNetwork != nil {
+		config.ProviderNetworkName = rawConfig.VirtualMachine.ProviderNetwork.Name
+		if rawConfig.VirtualMachine.ProviderNetwork.VPC.Subnet != nil {
+			config.SubnetName = rawConfig.VirtualMachine.ProviderNetwork.VPC.Subnet.Name
+			config.SubnetCIDRBlock = rawConfig.VirtualMachine.ProviderNetwork.VPC.Subnet.CIDRBlock
+			config.SubnetGatewayIP = rawConfig.VirtualMachine.ProviderNetwork.VPC.Subnet.GatewayIP
+		}
+	}
+
 	return &config, pconfig, nil
 }
 
@@ -686,9 +702,14 @@ func (p *provider) newVirtualMachine(c *Config, pc *providerconfigtypes.Config,
 		annotations["kubevirt.io/ignitiondata"] = userdata
 	}
 
-	annotations["ovn.kubernetes.io/allow_live_migration"] = "true"
 	annotations["kubevirt.io/allow-pod-bridge-network-live-migration"] = "true"
 
+	if strings.ToLower(c.ProviderNetworkName) == "kubeovn" {
+		if err := setOVNAnnotations(c, annotations); err != nil {
+			return nil, fmt.Errorf("failed to set OVN annotations: %w", err)
+		}
+	}
+
 	for k, v := range machine.Annotations {
 		if strings.HasPrefix(k, "cdi.kubevirt.io") {
 			dvAnnotations[k] = v
@@ -1042,3 +1063,45 @@ func getStorageTopologies(ctx context.Context, storageClasName string, c *Config
 
 	return nil
 }
+
+func setOVNAnnotations(c *Config, annotations map[string]string) error {
+	annotations["ovn.kubernetes.io/allow_live_migration"] = "true"
+
+	if c.SubnetName != "" {
+		annotations["ovn.kubernetes.io/logical_switch"] = c.SubnetName
+	}
+
+	var subnetGatewayIP string
+	if c.SubnetGatewayIP == "" {
+		_, ipNet, err := net.ParseCIDR(c.SubnetCIDRBlock)
+		if err != nil {
+			return err
+		}
+
+		firstIP := ipNet.IP.To4()
+		if firstIP == nil {
+			return errors.New("invalid IPv4 address")
+		}
+
+		firstIP[3]++
+		subnetGatewayIP = firstIP.String()
+	} else {
+		subnetGatewayIP = c.SubnetGatewayIP
+	}
+
+	routes := []struct {
+		Gw string `json:"gw"`
+	}{
+		{
+			Gw: subnetGatewayIP,
+		},
+	}
+	marshalledRoutes, err := json.Marshal(routes)
+	if err != nil {
+		return err
+	}
+
+	annotations["ovn.kubernetes.io/routes"] = string(marshalledRoutes)
+
+	return nil
+}

pkg/cloudprovider/provider/kubevirt/provider_test.go

@@ -21,6 +21,7 @@ import (
 	"context"
 	"embed"
 	"html/template"
+	"k8c.io/machine-controller/pkg/cloudprovider/provider/kubevirt/types"
 	"path"
 	"reflect"
 	"testing"
@@ -68,6 +69,7 @@ type kubevirtProviderSpecConf struct {
 	OsImageSource            imageSource
 	OsImageSourceURL         string
 	PullMethod               cdiv1beta1.RegistryPullMethod
+	ProviderNetwork          *types.ProviderNetwork
 }
 
 func (k kubevirtProviderSpecConf) rawProviderSpec(t *testing.T) []byte {
@@ -101,6 +103,18 @@ func (k kubevirtProviderSpecConf) rawProviderSpec(t *testing.T) []byte {
 		},
 		{{- end }}
 		"virtualMachine": {
+            {{- if .ProviderNetwork }}
+            "providerNetwork": {
+               "name": "kubeovn",
+               "vpc": {
+                 "name": "test-vpc",
+                 "subnet": {
+                   "name": "test-subnet",
+                   "cidrBlock": "10.10.0.0/16"
+                 }
+               }
+            },
+            {{- end }}
 			{{- if .Instancetype }}
 			"instancetype": {
 				"name": "{{ .Instancetype.Name }}",
@@ -202,6 +216,14 @@ func TestNewVirtualMachine(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "kubeovn-provider-network",
+			specConf: kubevirtProviderSpecConf{
+				ProviderNetwork: &types.ProviderNetwork{Name: "KubeOVN", VPC: types.VPC{Name: "test-vpc", Subnet: &types.Subnet{
+					Name:      "test-subnet",
+					CIDRBlock: "10.10.0.0/24",
+				}}}},
+		},
 		{
 			name:     "topologyspreadconstraints",
 			specConf: kubevirtProviderSpecConf{TopologySpreadConstraint: true},

pkg/cloudprovider/provider/kubevirt/testdata/affinity-no-values.yaml

@@ -29,7 +29,6 @@ spec:
   template:
     metadata:
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/testdata/affinity.yaml

@@ -29,7 +29,6 @@ spec:
   template:
     metadata:
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/testdata/custom-local-disk.yaml

@@ -30,7 +30,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/testdata/http-image-source.yaml

@@ -29,7 +29,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         kubevirt.io/vm: http-image-source

pkg/cloudprovider/provider/kubevirt/testdata/instancetype-preference-custom.yaml

@@ -35,7 +35,6 @@ spec:
   template:
     metadata:
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/testdata/instancetype-preference-standard.yaml

@@ -35,7 +35,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/testdata/kubeovn-provider-network.yaml

@@ -0,0 +1,81 @@
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+  annotations:
+  labels:
+    cluster.x-k8s.io/cluster-name: cluster-name
+    cluster.x-k8s.io/role: worker
+    kubevirt.io/vm: kubeovn-provider-network
+    md: md-name
+  name: kubeovn-provider-network
+  namespace: test-namespace
+spec:
+  dataVolumeTemplates:
+    - metadata:
+        name: kubeovn-provider-network
+      spec:
+        pvc:
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: 10Gi
+          storageClassName: longhorn
+        source:
+          http:
+            url: http://x.y.z.t/ubuntu.img
+  runStrategy: Once
+  template:
+    metadata:
+      creationTimestamp: null
+      annotations:
+        ovn.kubernetes.io/allow_live_migration: "true"
+        ovn.kubernetes.io/logical_switch: test-subnet
+        ovn.kubernetes.io/routes: '[{"gw":"10.10.0.1"}]'
+        "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
+      labels:
+        cluster.x-k8s.io/cluster-name: cluster-name
+        cluster.x-k8s.io/role: worker
+        kubevirt.io/vm: kubeovn-provider-network
+        md: md-name
+    spec:
+      affinity: {}
+      domain:
+        devices:
+          disks:
+            - disk:
+                bus: virtio
+              name: datavolumedisk
+            - disk:
+                bus: virtio
+              name: cloudinitdisk
+          interfaces:
+            - name: default
+              bridge: {}
+        resources:
+          limits:
+            cpu: "2"
+            memory: 2Gi
+          requests:
+            cpu: "2"
+            memory: 2Gi
+      networks:
+        - name: default
+          pod: {}
+      terminationGracePeriodSeconds: 30
+      topologyspreadconstraints:
+        - maxskew: 1
+          topologykey: kubernetes.io/hostname
+          whenunsatisfiable: ScheduleAnyway
+          labelselector:
+            matchlabels:
+              md: md-name
+      volumes:
+        - dataVolume:
+            name: kubeovn-provider-network
+          name: datavolumedisk
+        - cloudInitNoCloud:
+            secretRef:
+              name: udsn
+          name: cloudinitdisk
+      evictionStrategy: External

pkg/cloudprovider/provider/kubevirt/testdata/nominal-case.yaml

@@ -29,7 +29,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/testdata/pvc-image-source.yaml

@@ -30,7 +30,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         kubevirt.io/vm: pvc-image-source

pkg/cloudprovider/provider/kubevirt/testdata/registry-image-source-pod.yaml

@@ -30,7 +30,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         kubevirt.io/vm: registry-image-source-pod

pkg/cloudprovider/provider/kubevirt/testdata/registry-image-source.yaml

@@ -30,7 +30,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         kubevirt.io/vm: registry-image-source

pkg/cloudprovider/provider/kubevirt/testdata/secondary-disks.yaml

@@ -55,7 +55,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/testdata/topologyspreadconstraints.yaml

@@ -29,7 +29,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/testdata/use-storage-as-storage-target.yaml

@@ -30,7 +30,6 @@ spec:
     metadata:
       creationTimestamp: null
       annotations:
-        "ovn.kubernetes.io/allow_live_migration": "true"
         "kubevirt.io/allow-pod-bridge-network-live-migration": "true"
       labels:
         cluster.x-k8s.io/cluster-name: cluster-name

pkg/cloudprovider/provider/kubevirt/types/types.go

@@ -53,11 +53,12 @@ type VirtualMachine struct {
 	// Instancetype is optional.
 	Instancetype *kubevirtv1.InstancetypeMatcher `json:"instancetype,omitempty"`
 	// Preference is optional.
-	Preference *kubevirtv1.PreferenceMatcher       `json:"preference,omitempty"`
-	Template   Template                            `json:"template,omitempty"`
-	DNSPolicy  providerconfigtypes.ConfigVarString `json:"dnsPolicy,omitempty"`
-	DNSConfig  *corev1.PodDNSConfig                `json:"dnsConfig,omitempty"`
-	Location   *Location                           `json:"location,omitempty"`
+	Preference      *kubevirtv1.PreferenceMatcher       `json:"preference,omitempty"`
+	Template        Template                            `json:"template,omitempty"`
+	DNSPolicy       providerconfigtypes.ConfigVarString `json:"dnsPolicy,omitempty"`
+	DNSConfig       *corev1.PodDNSConfig                `json:"dnsConfig,omitempty"`
+	Location        *Location                           `json:"location,omitempty"`
+	ProviderNetwork *ProviderNetwork                    `json:"providerNetwork,omitempty"`
 }
 
 // Flavor.
@@ -132,6 +133,26 @@ type Location struct {
 	Zone   string `json:"zone,omitempty"`
 }
 
+// ProviderNetwork describes the infra cluster network fabric that is being used.
+type ProviderNetwork struct {
+	Name string `json:"name"`
+	VPC  VPC    `json:"vpc"`
+}
+
+// VPC  is a virtual network dedicated to a single tenant within a KubeVirt, where the resources in the VPC
+// is isolated from any other resources within the KubeVirt infra cluster.
+type VPC struct {
+	Name   string  `json:"name"`
+	Subnet *Subnet `json:"subnet,omitempty"`
+}
+
+// Subnet a smaller, segmented portion of a larger network, like a Virtual Private Cloud (VPC).
+type Subnet struct {
+	Name      string `json:"name"`
+	CIDRBlock string `json:"cidrBlock"`
+	GatewayIP string `json:"gatewayIP,omitempty"`
+}
+
 func GetConfig(pconfig providerconfigtypes.Config) (*RawConfig, error) {
 	rawConfig := &RawConfig{}