External

• https://docs.openshift.com/container-platform/3.5/architecture/additional_concepts/sdn.html
• https://docs.openshift.com/container-platform/3.5/install_config/configuring_sdn.html

Internal

• OpenShift Concepts

Overview

TODO: unify with the upper layer OpenShift_Concepts#SDN.2C_Overlay_Network

Pods get IP addresses from the cluster network, and the address allocation and packet routing is provided by a software-defined network (SDN), implemented using Open vSwitch (OVS). A specific behavior is provided by the SDN plug-in chosen at installation: subnet, multitenant and networkpolicy.

SDN Plug-Ins

subnet

The "ova-subnet" plug-in provides a "flat" network: every pod in the cluster can communicate with every other pod and service, regardless of the project (namespace).

Ansible configuration file:

os_sdn_network_plugin_name='redhat/openshift-ovs-subnet'

multitenant

The "ova-multitenant" is a plug-in that provides project-level isolation for pods and services. Each project gets a unique Virtual Network ID (VNID)

Virtual Network ID (VNID)

Configuration

Ansible configuration file:

os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'

networkpolicy

Operations

Information about the network plugin and network status:

oc get clusternetwork

Information about virtual networks assigned to each project:

oc get namespaces