Customize JCNR Helm Chart for Baremetal Servers
You can deploy and operate Juniper Cloud-Native Router in the L2, L3, or L2-L3 mode on a
baremetal server. You configure the deployment mode by editing the appropriate attributes in
the values.yaml
file prior to deployment.
-
In the
fabricInterface
key of thevalues.yaml
file:-
When all the interfaces have an
interface_mode
key configured, then the mode of deployment would be L2. -
When one or more interfaces have an
interface_mode
key configured along with the rest of the interfaces not having theinterface_mode
key, then the mode of deployment would be L2-L3. -
When none of the interfaces have the
interface_mode
key configured, then the mode of deployment would be L3.
-
Helm Chart Attributes and Descriptions
Juniper_Cloud_Native_Router_release-number/helmchart/values.yaml
file. The configuration keys of the helm chart are shown in the table below. Key | Additional Key Configuration | Description |
---|---|---|
registry | Defines the docker registry for the vRouter, cRPD and jcnr-cni container images.
The default value is enterprise-hub.juniper.net . The images provided
in the tarball are tagged with the default registry name. If you choose to host the
container images to a private registry, replace the default value with your registry
URL. |
|
repository | (Optional) Defines the repository path for the vRouter, cRPD and jcnr-cni
container images. This is a global key and takes precedence over "repository" paths
under "common" section. The default value is
jcnr-container-prod/ . |
|
imagePullSecret | (Optional) Defines the registry authentication credentials. You can configure credentials to either the Juniper repository or your private registry. | |
registryCredentials | Base64 representation of your Docker registry credentials. View the Configure Repository Credentials topic for more information. | |
secretName | Name of the secret object that will be created. | |
common | Defines repsitory paths and tags for the vRouter, cRPD and jcnr-cni container images. Use default unless using a private registry. | |
repository | Defines the repository path. The default value is
atom-docker/cn2/bazel-build/dev/ . The global repository key takes
precedence if defined. |
|
tag | Defines the image tag. The default value is configured to the appropriate tag number for the JCNR release version. | |
replicas | (Optional) Indicates the number of replicas for cRPD. If the value is not specified, then the default value 1 is considered. The value for this key must be specified for multi-node clusters. The value must be equal to the number of nodes to which JCNR must be deployed. | |
storageClass | Not applicable for non-cloud deployments. | |
awsregion | Not applicable for non-EKS deployments. | |
noLocalSwitching | (Optional) Prevents interfaces in a bridge domain from transmitting and receiving ethernet frame copies. Enter one or more comma separated VLAN IDs to ensure that the interfaces belonging to the VLAN IDs do not transmit frames to one another. This key is specific for L2 and L2-L3 deployments. Enabling this key provides the functionality on all access interfaces. For enabling the functionality on trunk interfaces, configure the no-local-switching key in the fabricInterface key. | |
fabricInterface |
Provide a list of interfaces to be bound to the DPDK. You can also provide subnets instead of interface names. If both the interface name and the subnet are specified, then the interface name takes precedence over subnet/gateway combination. The subnet/gateway combination is useful when the interface names vary in a multi-node cluster. Note:
For example: # L2 only - eth1: ddp: "auto" interface_mode: trunk vlan-id-list: [100, 200, 300, 700-705] storm-control-profile: rate_limit_pf1 native-vlan-id: 100 no-local-switching: true # L3 only - eth1: ddp: "off" # L2L3 - eth1: ddp: "auto" - eth2: ddp: "auto" interface_mode: trunk vlan-id-list: [100, 200, 300, 700-705] storm-control-profile: rate_limit_pf1 native-vlan-id: 100 no-local-switching: true |
|
subnet | An alternative mode of input for interface names. For example:
- subnet: 10.40.1.0/24 gateway: 10.40.1.1 ddp: "off" The
|
|
ddp |
(Optional) Indicates the interface-level Dynamic Device Personalization (DDP) configuration. DDP provides datapath optimization at NIC for traffic like GTPU, SCTP, etc. For a bond interface, all slave interface NICs must support DDP for the DDP configuration to be enabled. Setting options include auto, on, or off. The default setting is off. Note:
The interface level |
|
interface_mode |
Set to interface_mode: trunk |
|
vlan-id-list |
Provide a list of VLAN IDs associated with the interface. |
|
storm-control-profile |
Use |
|
native-vlan-id |
Configure fabricInterface: - bond0: interface_mode: trunk vlan-id-list: [100, 200, 300] storm-control-profile: rate_limit_pf1 native-vlan-id: 100 |
|
no-local-switching | Prevents interfaces from communicating directly with each other if the no-local-switching statement is configured. Allowed values are true or false. | |
fabricWorkloadInterface | (Optional) Defines the interfaces to which different workloads are connected. They can be software-based or hardware-based interfaces. | |
log_level | Defines the log severity. Available value options are: DEBUG, INFO, WARN, and ERR. Note:
Leave the log_level set to the default INFO unless instructed to change it by Juniper support. |
|
log_path |
The defined directory stores various JCNR related descriptive logs such as contrail-vrouter-agent.log, contrail-vrouter-dpdk.log, etc. The default value is /var/log/jcnr/. |
|
syslog_notifications |
Indicates the absolute path to the file that stores syslog-ng generated notifications in JSON format. The default value is /var/log/jcnr/jcnr_notifications.json. |
|
corePattern |
Indicates the core pattern to denote how the core file is generated. If this configuration is left blank, then JCNR pods will not overwrite the default pattern. Note:
Set the corePattern value on host before deploying JCNR. You may change the value
in |
|
coreFilePath | Indicates the path for the core file. If the value is left blank, then vRouter considers /var/crashes as the default value. | |
nodeAffinity |
(Optional) Defines labels on nodes to determine where to place the vRouter pods. By default the vRouter pods are deployed to all nodes of a cluster. In the example below, the node affinity label is defined as "key1=jcnr". You must apply this label to each node where JCNR must be deployed: nodeAffinity: - key: key1 operator: In values: - jcnr Note:
This key is a global setting. |
|
key | Key-value pair that represents a node label that must be matched to apply the node affinity. | |
operator | Defines the relationship between the node label and the set of values in the matchExpression parameters in the pod specification. This value can be In, NotIn, Exists, DoesNotExist, Lt, or Gt. | |
cni_bin_dir | (Optional) The default path is /opt/cni/bin. You can override the default cni path with the path in your distribution e.g. /var/opt/cni/bin. | |
grpcTelemetryPort |
(Optional) Enter a value for this parameter to override cRPD telemetry gRPC server default port of 50051. |
|
grpcVrouterPort | (Optional) Enter a value for this parameter to override vRouter gRPC server default port of 50052. | |
vRouterDeployerPort | (Optional) Default value is 8081. Configure to override if the default port is unavailable. | |
restoreInterfaces | Set the value of this key to true to restore the interfaces back to their original state in case the vRouter pod crashes or restarts. | |
bondInterfaceConfigs | (Optional) Enable bond interface configurations only for L2 or L2-L3 deployments. | |
name | Name of the bond interface. | |
mode | Default value is 1 (Active_Backup) | |
slaveInterfaces | Fabric interfaces to be aggregated. | |
primaryInterface |
(Optional) Define primary interface for a bond. If this key is not configured, then the primary interface option is disabled. |
|
mtu | Maximum Transmission Unit (MTU) value for all physical interfaces (VFs and PFs). Default value is 9000. | |
cpu_core_mask |
Indicates the vRouter forward core mask. If qos is enabled, you will need to allocate 4 CPU cores (primary and siblings). |
|
stormControlProfiles | Configure the rate limit profiles for BUM traffic on fabric interfaces in bytes per second. | |
dpdkCommandAdditionalArgs |
Pass any additional dpdk cmd line parameters. The --yield_option 0 is set by default and it implies the dpdk forwarding cores will not yield the cpu cores it is assigned to. Additional common parameters that can be added are tx and rx descriptors and mempool. For example: dpdkCommandAdditionalArgs: "--yield_option 0 --dpdk_txd_sz 2048 --dpdk_rxd_sz 2048 --vr_mempool_sz 131072" |
|
ddp |
(Optional) Indicates the global Dynamic Device Personalization (DDP) configuration. DDP provides datapath optimization at NIC for traffic like GTPU, SCTP, etc. For a bond interface, all slave interface NICs must support DDP for the DDP configuration to be enabled. Setting options include auto, on, or off. The default setting is off. Note:
The interface level |
|
qosEnable |
Set to true or false to enable or disable QoS. Note:
QoS is not supported on Intel X710 NIC. |
|
vrouter_dpdk_uio_driver | The uio driver is vfio-pci . |
|
agentModeType |
Can be dpdk or xdp. Setting agentModeType to dpdk will bringup dpdk datapath. Setting agentModeType to xdp uses ebpf. The default value is dpdk. |
|
fabricRpfCheckDisable |
Set this flag to false to enable the RPF check on all the fabric interfaces of the JNCR. By default RPF check is disabled. | |
persistConfig |
Set this flag to true if you wish jcnr-cni generated pod configuration to persist even after uninstallation. The option must be set only for L2 mode. The default value is false. |
Sample Helm Charts
Helm Chart for L2 Only Deployment
A working L2 only helm chart sample is shown below. The configured sections are highlighted in bold:
#################################################################### # Common Configuration (global vars) # #################################################################### global: registry: enterprise-hub.juniper.net/ # uncomment below if all images are available in the same path; it will # take precedence over "repository" paths under "common" section below repository: jcnr-container-prod/ # uncomment below if you are using a private registry that needs authentication # registryCredentials - Base64 representation of your Docker registry credentials # secretName - Name of the Secret object that will be created #imagePullSecret: #registryCredentials: <base64-encoded-credential> #secretName: regcred common: vrouter: repository: atom-docker/cn2/bazel-build/dev/x86_64/ tag: R23.4-85 crpd: repository: junos-docker-local/warthog/amd64/ tag: 23.4R1.8 jcnrcni: repository: junos-docker-local/warthog/amd64/ tag: 23.4-20231215-50817e3 telemetryExporter: repository: atom-docker/cn2/bazel-build/dev/x86_64/ tag: R23.4-85 # Number of replicas for cRPD; this option must be used for multinode clusters # JCNR will take 1 as default if replicas is not specified #replicas: "3" # storageClass: Name of the storage class for cRPD. This option is must for # cloud deployments such as AWS where gp2 can be used #storageClass: gp2 # Set AWS Region for AWS deployments #awsregion: us-east-1 #noLocalSwitching: [700] # fabricInterface: provide a list of interfaces to be bound to dpdk # You can also provide subnets instead of interface names. Interfaces name take precedence over # Subnet/Gateway combination if both specified (although there is no reason to specify both) # Subnet/Gateway combination comes handy when the interface names vary in a multi-node cluster fabricInterface: ######################### # L2 only - bond0: interface_mode: trunk vlan-id-list: [1110-1141] - ens2f2v0: interface_mode: trunk vlan-id-list: [1110-1141] - ens2f3v0: interface_mode: trunk vlan-id-list: [1110-1141] - ens1f0v0: interface_mode: trunk vlan-id-list: [1110-1141] ddp: "auto" interface_mode: trunk storm-control-profile: rate_limit_pf1 native-vlan-id: 1110 no-local-switching: true ######################### # L3 only #- eth11: # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off #- eth2: # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off ######################## # L2L3 #- eth1: # ddp: "auto" # ddp parameter is optional; options include auto or on or off; default: off #- eth2: # ddp: "auto" # ddp parameter is optional; options include auto or on or off; default: off # interface_mode: trunk # vlan-id-list: [100, 200, 300, 700-705] # storm-control-profile: rate_limit_pf1 # native-vlan-id: 100 # no-local-switching: true ################################## # Provide subnets instead of interface names # Interfaces will be auto-detected in each subnet # Only one of the interfaces or subnet range must # be configured. This form of input is particularly # helpful when the interface names vary in a multi-node # K8s cluster #- subnet: 10.40.1.0/24 # gateway: 10.40.1.1 # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off #- subnet: 192.168.1.0/24 # gateway: 192.168.1.1 # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off ################################## # fabricWorkloadInterface is applicable only for Pure L2 deployments # fabricWorkloadInterface: - ens1f1v0: interface_mode: access vlan-id-list: [1110] ######################### # defines the log severity. Possible options: DEBUG, INFO, WARN, ERR log_level: "INFO" # "log_path": this directory will contain various jcnr related descriptive logs # such as contrail-vrouter-agent.log, contrail-vrouter-dpdk.log etc. log_path: "/var/log/jcnr/" # "syslog_notifications": absolute path to the file that will contain syslog-ng # generated notifications in json format syslog_notifications: "/var/log/jcnr/jcnr_notifications.json" # core pattern to denote how the core file will be generated # if left empty, JCNR pods will not overwrite the default pattern corePattern: "" # path for the core file; vrouter considers /var/crashes as default value if not specified coreFilePath: /var/crash # nodeAffinity: Can be used to inject nodeAffinity for vRouter, cRPD and syslog-ng pods # You may label the nodes where we wish to deploy JCNR and inject affinity accodingly #nodeAffinity: #- key: node-role.kubernetes.io/worker # operator: Exists #- key: node-role.kubernetes.io/master # operator: DoesNotExist #- key: kubernetes.io/hostname # operator: In # values: # - example-host-1 # cni_bin_dir: Path where the CNI binary will be put; default: /opt/cni/bin # this may be overriden in distributions other than vanilla K8s # e.g. OpenShift - you may use /var/lib/cni/bin or /etc/kubernetes/cni/net.d #cni_bin_dir: /var/lib/cni/bin # grpcTelemetryPort: use this parameter to override cRPD telemetry gRPC server default port of 50051 #grpcTelemetryPort: 50055 # grpcVrouterPort: use this parameter to override vRouter gRPC server default port of 50052 #grpcVrouterPort: 50060 # vRouterDeployerPort: use this parameter to override vRouter deployer port default port of 8081 #vRouterDeployerPort: 8082 jcnr-vrouter: # restoreInterfaces: setting this to true will restore the interfaces # back to their original state in case vrouter pod crashes or restarts restoreInterfaces: false # Enable bond interface configurations L2 only or L2 L3 deployment bondInterfaceConfigs: - name: "bond0" mode: 1 # ACTIVE_BACKUP MODE slaveInterfaces: - "ens2f0v0" - "ens2f1v0" # primaryInterface: "ens2f0v0" # MTU for all physical interfaces( all VF’s and PF’s) mtu: "9000" # vrouter fwd core mask # if qos is enabled, you will need to allocate 4 CPU cores (primary and siblings) cpu_core_mask: "2,3,22,23" # rate limit profiles for bum traffic on fabric interfaces in bytes per second stormControlProfiles: rate_limit_pf1: bandwidth: level: 0 #rate_limit_pf2: # bandwidth: # level: 0 dpdkCommandAdditionalArgs: "--yield_option 0" # Set ddp to enable Dynamic Device Personalization (DDP) # Provides datapath optimization at NIC for traffic like GTPU, SCTP etc. # Options include auto or on or off; default: off ddp: "auto" # Set true/false to Enable or Disable QOS, note: QOS is not supported on X710 NIC. qosEnable: false # uio driver will be vfio-pci or uio_pci_generic vrouter_dpdk_uio_driver: "vfio-pci" # agentModeType will be dpdk or xdp. set agentModeType dpdk will bringup dpdk datapath. set agentModeType to xdp to use ebpf. agentModeType: dpdk # fabricRpfCheckDisable: Set this flag to false to enable the RPF check on all the fabric interfaces of the JNCR, by default RPF check is disabled #fabricRpfCheckDisable: false #jcnr-cni: # persistConfig: set this flag to true if you wish jcnr-cni generated pod configuration to persist even after uninstallation # use this option only in case of l2 mode # default value is false if not specfied #persistConfig: true
Helm Chart for L3 Only Deployment
A working L3 only helm chart sample is shown below. The configured sections are highlighted in bold:
#################################################################### # Common Configuration (global vars) # #################################################################### global: registry: enterprise-hub.juniper.net/ # uncomment below if all images are available in the same path; it will # take precedence over "repository" paths under "common" section below repository: jcnr-container-prod/ # uncomment below if you are using a private registry that needs authentication # registryCredentials - Base64 representation of your Docker registry credentials # secretName - Name of the Secret object that will be created #imagePullSecret: #registryCredentials: <base64-encoded-credential> #secretName: regcred common: vrouter: repository: atom-docker/cn2/bazel-build/dev/x86_64/ tag: R23.4-85 crpd: repository: junos-docker-local/warthog/amd64/ tag: 23.4R1.8 jcnrcni: repository: junos-docker-local/warthog/amd64/ tag: 23.4-20231215-50817e3 telemetryExporter: repository: atom-docker/cn2/bazel-build/dev/x86_64/ tag: R23.4-85 # Number of replicas for cRPD; this option must be used for multinode clusters # JCNR will take 1 as default if replicas is not specified #replicas: "3" # storageClass: Name of the storage class for cRPD. This option is must for # cloud deployments such as AWS where gp2 can be used #storageClass: gp2 # Set AWS Region for AWS deployments #awsregion: us-east-1 #noLocalSwitching: [700] # fabricInterface: provide a list of interfaces to be bound to dpdk # You can also provide subnets instead of interface names. Interfaces name take precedence over # Subnet/Gateway combination if both specified (although there is no reason to specify both) # Subnet/Gateway combination comes handy when the interface names vary in a multi-node cluster fabricInterface: ######################### # L2 only #- eth1: # ddp: "auto" # ddp parameter is optional; options include auto or on or off; default: off # interface_mode: trunk # vlan-id-list: [100, 200, 300, 700-705] # storm-control-profile: rate_limit_pf1 # native-vlan-id: 100 # no-local-switching: true #- eth2: # ddp: "auto" # ddp parameter is optional; options include auto or on or off; default: off # interface_mode: trunk # vlan-id-list: [700] # storm-control-profile: rate_limit_pf1 # native-vlan-id: 100 # no-local-switching: true #- bond0: # ddp: "auto" # auto/on/off # ddp parameter is optional; options include auto or on or off; default: off # interface_mode: trunk # vlan-id-list: [100, 200, 300, 700-705] # storm-control-profile: rate_limit_pf1 # #native-vlan-id: 100 # #no-local-switching: true ######################### # L3 only - ens2f2: ddp: "auto" - ens1f1: ddp: "auto" ######################## # L2L3 #- eth1: # ddp: "auto" # ddp parameter is optional; options include auto or on or off; default: off #- eth2: # ddp: "auto" # ddp parameter is optional; options include auto or on or off; default: off # interface_mode: trunk # vlan-id-list: [100, 200, 300, 700-705] # storm-control-profile: rate_limit_pf1 # native-vlan-id: 100 # no-local-switching: true ################################## # Provide subnets instead of interface names # Interfaces will be auto-detected in each subnet # Only one of the interfaces or subnet range must # be configured. This form of input is particularly # helpful when the interface names vary in a multi-node # K8s cluster #- subnet: 10.40.1.0/24 # gateway: 10.40.1.1 # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off #- subnet: 192.168.1.0/24 # gateway: 192.168.1.1 # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off ################################## # fabricWorkloadInterface is applicable only for Pure L2 deployments # #fabricWorkloadInterface: #- enp59s0f1v0: # interface_mode: access # vlan-id-list: [700] #- enp59s0f1v1: # interface_mode: trunk # vlan-id-list: [800, 900] ######################### # defines the log severity. Possible options: DEBUG, INFO, WARN, ERR log_level: "INFO" # "log_path": this directory will contain various jcnr related descriptive logs # such as contrail-vrouter-agent.log, contrail-vrouter-dpdk.log etc. log_path: "/var/log/jcnr/" # "syslog_notifications": absolute path to the file that will contain syslog-ng # generated notifications in json format syslog_notifications: "/var/log/jcnr/jcnr_notifications.json" # core pattern to denote how the core file will be generated # if left empty, JCNR pods will not overwrite the default pattern corePattern: "" # path for the core file; vrouter considers /var/crashes as default value if not specified coreFilePath: /var/crash # nodeAffinity: Can be used to inject nodeAffinity for vRouter, cRPD and syslog-ng pods # You may label the nodes where we wish to deploy JCNR and inject affinity accodingly #nodeAffinity: #- key: node-role.kubernetes.io/worker # operator: Exists #- key: node-role.kubernetes.io/master # operator: DoesNotExist #- key: kubernetes.io/hostname # operator: In # values: # - example-host-1 # cni_bin_dir: Path where the CNI binary will be put; default: /opt/cni/bin # this may be overriden in distributions other than vanilla K8s # e.g. OpenShift - you may use /var/lib/cni/bin or /etc/kubernetes/cni/net.d #cni_bin_dir: /var/lib/cni/bin # grpcTelemetryPort: use this parameter to override cRPD telemetry gRPC server default port of 50051 #grpcTelemetryPort: 50055 # grpcVrouterPort: use this parameter to override vRouter gRPC server default port of 50052 #grpcVrouterPort: 50060 # vRouterDeployerPort: use this parameter to override vRouter deployer port default port of 8081 #vRouterDeployerPort: 8082 jcnr-vrouter: # restoreInterfaces: setting this to true will restore the interfaces # back to their original state in case vrouter pod crashes or restarts restoreInterfaces: false # Enable bond interface configurations L2 only or L2 L3 deployment #bondInterfaceConfigs: # - name: "bond0" # mode: 1 # ACTIVE_BACKUP MODE # slaveInterfaces: # - "enp59s0f0v0" # - "enp59s0f0v1" # primaryInterface: "enp59s0f0v0" # MTU for all physical interfaces( all VF’s and PF’s) mtu: "9000" # vrouter fwd core mask # if qos is enabled, you will need to allocate 4 CPU cores (primary and siblings) cpu_core_mask: "2,3,22,23" # rate limit profiles for bum traffic on fabric interfaces in bytes per second stormControlProfiles: rate_limit_pf1: bandwidth: level: 0 #rate_limit_pf2: # bandwidth: # level: 0 dpdkCommandAdditionalArgs: "--yield_option 0" # Set ddp to enable Dynamic Device Personalization (DDP) # Provides datapath optimization at NIC for traffic like GTPU, SCTP etc. # Options include auto or on or off; default: off ddp: "auto" # Set true/false to Enable or Disable QOS, note: QOS is not supported on X710 NIC. qosEnable: false # uio driver will be vfio-pci or uio_pci_generic vrouter_dpdk_uio_driver: "vfio-pci" # agentModeType will be dpdk or xdp. set agentModeType dpdk will bringup dpdk datapath. set agentModeType to xdp to use ebpf. agentModeType: dpdk # fabricRpfCheckDisable: Set this flag to false to enable the RPF check on all the fabric interfaces of the JNCR, by default RPF check is disabled #fabricRpfCheckDisable: false #jcnr-cni: # persistConfig: set this flag to true if you wish jcnr-cni generated pod configuration to persist even after uninstallation # use this option only in case of l2 mode # default value is false if not specfied #persistConfig: true
Helm Chart for L2-L3 Deployment
A working L2-L3 helm chart sample is shown below. The configured sections are highlighted in bold:
#################################################################### # Common Configuration (global vars) # #################################################################### global: registry: enterprise-hub.juniper.net/ # uncomment below if all images are available in the same path; it will # take precedence over "repository" paths under "common" section below repository: jcnr-container-prod/ # uncomment below if you are using a private registry that needs authentication # registryCredentials - Base64 representation of your Docker registry credentials # secretName - Name of the Secret object that will be created #imagePullSecret: #registryCredentials: <base64-encoded-credential> #secretName: regcred common: vrouter: repository: atom-docker/cn2/bazel-build/dev/x86_64/ tag: R23.4-85 crpd: repository: junos-docker-local/warthog/amd64/ tag: 23.4R1.8 jcnrcni: repository: junos-docker-local/warthog/amd64/ tag: 23.4-20231215-50817e3 telemetryExporter: repository: atom-docker/cn2/bazel-build/dev/x86_64/ tag: R23.4-85 # Number of replicas for cRPD; this option must be used for multinode clusters # JCNR will take 1 as default if replicas is not specified #replicas: "3" # storageClass: Name of the storage class for cRPD. This option is must for # cloud deployments such as AWS where gp2 can be used #storageClass: gp2 # Set AWS Region for AWS deployments #awsregion: us-east-1 #noLocalSwitching: [700] # fabricInterface: provide a list of interfaces to be bound to dpdk # You can also provide subnets instead of interface names. Interfaces name take precedence over # Subnet/Gateway combination if both specified (although there is no reason to specify both) # Subnet/Gateway combination comes handy when the interface names vary in a multi-node cluster fabricInterface: ######################### # L2 only #- eth1: # ddp: "auto" # ddp parameter is optional; options include auto or on or off; default: off # interface_mode: trunk # vlan-id-list: [100, 200, 300, 700-705] # storm-control-profile: rate_limit_pf1 # native-vlan-id: 100 # no-local-switching: true #- eth2: # ddp: "auto" # ddp parameter is optional; options include auto or on or off; default: off # interface_mode: trunk # vlan-id-list: [700] # storm-control-profile: rate_limit_pf1 # native-vlan-id: 100 # no-local-switching: true #- bond0: # ddp: "auto" # auto/on/off # ddp parameter is optional; options include auto or on or off; default: off # interface_mode: trunk # vlan-id-list: [100, 200, 300, 700-705] # storm-control-profile: rate_limit_pf1 # #native-vlan-id: 100 # #no-local-switching: true ######################### # L3 only #- eth11: # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off #- eth2: # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off ######################## # L2L3 - bond0: interface_mode: trunk vlan-id-list: [1110-1141] storm-control-profile: rate_limit_pf1 ddp: "auto" - ens2f0v1: ddp: "auto" - enp179s0f1v0: interface_mode: trunk vlan-id-list: [1110-1141] ddp: "auto" - enp179s0f1v1: ddp: "auto" ################################## # Provide subnets instead of interface names # Interfaces will be auto-detected in each subnet # Only one of the interfaces or subnet range must # be configured. This form of input is particularly # helpful when the interface names vary in a multi-node # K8s cluster #- subnet: 10.40.1.0/24 # gateway: 10.40.1.1 # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off #- subnet: 192.168.1.0/24 # gateway: 192.168.1.1 # ddp: "off" # ddp parameter is optional; options include auto or on or off; default: off ################################## # fabricWorkloadInterface is applicable only for Pure L2 deployments # #fabricWorkloadInterface: #- enp59s0f1v0: # interface_mode: access # vlan-id-list: [700] #- enp59s0f1v1: # interface_mode: trunk # vlan-id-list: [800, 900] ######################### # defines the log severity. Possible options: DEBUG, INFO, WARN, ERR log_level: "INFO" # "log_path": this directory will contain various jcnr related descriptive logs # such as contrail-vrouter-agent.log, contrail-vrouter-dpdk.log etc. log_path: "/var/log/jcnr/" # "syslog_notifications": absolute path to the file that will contain syslog-ng # generated notifications in json format syslog_notifications: "/var/log/jcnr/jcnr_notifications.json" # core pattern to denote how the core file will be generated # if left empty, JCNR pods will not overwrite the default pattern corePattern: "" # path for the core file; vrouter considers /var/crashes as default value if not specified coreFilePath: /var/crash # nodeAffinity: Can be used to inject nodeAffinity for vRouter, cRPD and syslog-ng pods # You may label the nodes where we wish to deploy JCNR and inject affinity accodingly #nodeAffinity: #- key: node-role.kubernetes.io/worker # operator: Exists #- key: node-role.kubernetes.io/master # operator: DoesNotExist #- key: kubernetes.io/hostname # operator: In # values: # - example-host-1 # cni_bin_dir: Path where the CNI binary will be put; default: /opt/cni/bin # this may be overriden in distributions other than vanilla K8s # e.g. OpenShift - you may use /var/lib/cni/bin or /etc/kubernetes/cni/net.d #cni_bin_dir: /var/lib/cni/bin # grpcTelemetryPort: use this parameter to override cRPD telemetry gRPC server default port of 50051 #grpcTelemetryPort: 50055 # grpcVrouterPort: use this parameter to override vRouter gRPC server default port of 50052 #grpcVrouterPort: 50060 # vRouterDeployerPort: use this parameter to override vRouter deployer port default port of 8081 #vRouterDeployerPort: 8082 jcnr-vrouter: # restoreInterfaces: setting this to true will restore the interfaces # back to their original state in case vrouter pod crashes or restarts restoreInterfaces: false # Enable bond interface configurations L2 only or L2 L3 deployment bondInterfaceConfigs: - name: "bond0" mode: 1 # ACTIVE_BACKUP MODE slaveInterfaces: - "ens2f0v0" - "ens2f1v0" # primaryInterface: "enp59s0f0v0" # MTU for all physical interfaces( all VF’s and PF’s) mtu: "9000" # vrouter fwd core mask # if qos is enabled, you will need to allocate 4 CPU cores (primary and siblings) cpu_core_mask: "2,3,22,23" # rate limit profiles for bum traffic on fabric interfaces in bytes per second stormControlProfiles: rate_limit_pf1: bandwidth: level: 0 #rate_limit_pf2: # bandwidth: # level: 0 dpdkCommandAdditionalArgs: "--yield_option 0" # Set ddp to enable Dynamic Device Personalization (DDP) # Provides datapath optimization at NIC for traffic like GTPU, SCTP etc. # Options include auto or on or off; default: off ddp: "auto" # Set true/false to Enable or Disable QOS, note: QOS is not supported on X710 NIC. qosEnable: false # uio driver will be vfio-pci or uio_pci_generic vrouter_dpdk_uio_driver: "vfio-pci" # agentModeType will be dpdk or xdp. set agentModeType dpdk will bringup dpdk datapath. set agentModeType to xdp to use ebpf. agentModeType: dpdk # fabricRpfCheckDisable: Set this flag to false to enable the RPF check on all the fabric interfaces of the JNCR, by default RPF check is disabled #fabricRpfCheckDisable: false #jcnr-cni: # persistConfig: set this flag to true if you wish jcnr-cni generated pod configuration to persist even after uninstallation # use this option only in case of l2 mode # default value is false if not specfied #persistConfig: true