From 825a59cd94af143d2a33f84c5043481eb5bf5533 Mon Sep 17 00:00:00 2001 From: OpenShift CI Bot Date: Thu, 18 Jun 2026 14:00:40 +0000 Subject: [PATCH 1/7] feat(api): add v4InternalSubnet and v6InternalSubnet to OVNKubernetesConfig - Add V4InternalSubnet field for customizing OVN-Kubernetes internal IPv4 subnet (default 100.64.0.0/16), validated via CEL for IPv4 CIDR format, prefix /0-/30, and non-zero first octet - Add V6InternalSubnet field for customizing OVN-Kubernetes internal IPv6 subnet (default fd98::/64), validated via CEL for IPv6 CIDR format, prefix /0-/125 - Both fields are immutable once set, enforced at struct and field level - Regenerate featuregated CRD manifests for HostedCluster and HostedControlPlane Signed-off-by: OpenShift CI Bot Commit-Message-Assisted-by: Claude (via Claude Code) --- api/hypershift/v1beta1/operator.go | 42 ++++++++++++++ .../AAA_ungated.yaml | 56 +++++++++++++++++++ .../ClusterUpdateAcceptRisks.yaml | 56 +++++++++++++++++++ .../ClusterVersionOperatorConfiguration.yaml | 56 +++++++++++++++++++ .../ExternalOIDC.yaml | 56 +++++++++++++++++++ ...ernalOIDCWithUIDAndExtraClaimMappings.yaml | 56 +++++++++++++++++++ .../ExternalOIDCWithUpstreamParity.yaml | 56 +++++++++++++++++++ .../GCPPlatform.yaml | 56 +++++++++++++++++++ .../HCPEtcdBackup.yaml | 56 +++++++++++++++++++ ...perShiftOnlyDynamicResourceAllocation.yaml | 56 +++++++++++++++++++ .../ImageStreamImportMode.yaml | 56 +++++++++++++++++++ .../KMSEncryptionProvider.yaml | 56 +++++++++++++++++++ .../OpenStack.yaml | 56 +++++++++++++++++++ .../TLSAdherence.yaml | 56 +++++++++++++++++++ .../AAA_ungated.yaml | 56 +++++++++++++++++++ .../ClusterUpdateAcceptRisks.yaml | 56 +++++++++++++++++++ .../ClusterVersionOperatorConfiguration.yaml | 56 +++++++++++++++++++ .../ExternalOIDC.yaml | 56 +++++++++++++++++++ ...ernalOIDCWithUIDAndExtraClaimMappings.yaml | 56 +++++++++++++++++++ .../ExternalOIDCWithUpstreamParity.yaml | 56 +++++++++++++++++++ .../GCPPlatform.yaml | 56 +++++++++++++++++++ .../HCPEtcdBackup.yaml | 56 +++++++++++++++++++ ...perShiftOnlyDynamicResourceAllocation.yaml | 56 +++++++++++++++++++ .../ImageStreamImportMode.yaml | 56 +++++++++++++++++++ .../KMSEncryptionProvider.yaml | 56 +++++++++++++++++++ .../OpenStack.yaml | 56 +++++++++++++++++++ .../TLSAdherence.yaml | 56 +++++++++++++++++++ 27 files changed, 1498 insertions(+) diff --git a/api/hypershift/v1beta1/operator.go b/api/hypershift/v1beta1/operator.go index c14858d3fa14..0b58a6a51092 100644 --- a/api/hypershift/v1beta1/operator.go +++ b/api/hypershift/v1beta1/operator.go @@ -82,6 +82,8 @@ type ClusterNetworkOperatorSpec struct { // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ipv6) || has(self.ipv6)", message="ipv6 is immutable once set and cannot be removed" // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalJoinSubnet) || (has(self.ipv6) && has(self.ipv6.internalJoinSubnet))", message="ipv6.internalJoinSubnet cannot be removed once set" // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))", message="ipv6.internalTransitSwitchSubnet cannot be removed once set" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)",message="v4InternalSubnet is immutable once set and cannot be removed" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)",message="v6InternalSubnet is immutable once set and cannot be removed" // +kubebuilder:validation:MinProperties=1 type OVNKubernetesConfig struct { // ipv4 allows users to configure IP settings for IPv4 connections. When omitted, @@ -115,6 +117,46 @@ type OVNKubernetesConfig struct { // +kubebuilder:validation:Maximum=9216 // +optional MTU int32 `json:"mtu,omitempty"` + + // v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + // default one is being already used by something else. It must not overlap with + // any other subnet being used by OpenShift or by the node network. The size of the + // subnet must be larger than the number of nodes. Once set, the value is immutable + // and cannot be modified in subsequent updates. + // The default is 100.64.0.0/16. + // The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + // four decimal octets (0-255) separated by dots, followed by a slash and a prefix + // length. The prefix length must be between 0 and 30 inclusive, and the first + // octet must not be 0. + // The value must be between 9 and 18 characters in length. + // This field is immutable once set. + // +kubebuilder:validation:MaxLength=18 + // +kubebuilder:validation:MinLength=9 + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="v4InternalSubnet is immutable once set" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 4",message="Subnet must be in a valid IPv4 CIDR format" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).prefixLength() <= 30",message="subnet must be in the range /0 to /30 inclusive" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 4 && int(self.split('.')[0]) > 0",message="first IP address octet must not be 0" + // +optional + V4InternalSubnet string `json:"v4InternalSubnet,omitempty"` + + // v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + // default one is being already used by something else. It must not overlap with + // any other subnet being used by OpenShift or by the node network. The size of the + // subnet must be larger than the number of nodes. Once set, the value is immutable + // and cannot be modified in subsequent updates. + // The default is fd98::/64. + // The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + // IPv6 address followed by a slash and a prefix length. The prefix length must + // be between 0 and 125 inclusive. + // The value must be between 4 and 48 characters in length. + // This field is immutable once set. + // +kubebuilder:validation:MaxLength=48 + // +kubebuilder:validation:MinLength=4 + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="v6InternalSubnet is immutable once set" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 6",message="Subnet must be in valid IPv6 CIDR format" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).prefixLength() <= 125",message="subnet must be in the range /0 to /125 inclusive" + // +optional + V6InternalSubnet string `json:"v6InternalSubnet,omitempty"` } // OVNIPv4Config contains IPv4-specific configuration options for OVN-Kubernetes. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml index 4ed2391e13e2..fcf358bb4449 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml @@ -3282,6 +3282,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3306,6 +3356,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml index 9185fb00d932..7177140bcf29 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml @@ -3273,6 +3273,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3297,6 +3347,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml index 2269797a21d4..586020960033 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml @@ -3273,6 +3273,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3297,6 +3347,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml index 0a1a136fa308..84bfc22ce3a9 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml @@ -3605,6 +3605,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3629,6 +3679,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml index cebc53316acf..4906d3b04e1a 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml @@ -3745,6 +3745,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3769,6 +3819,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml index 1270fd8cb1fb..4c22eda66569 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml @@ -3736,6 +3736,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3760,6 +3810,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/GCPPlatform.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/GCPPlatform.yaml index f7170ecada7a..02a545dcae6f 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/GCPPlatform.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/GCPPlatform.yaml @@ -3273,6 +3273,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3297,6 +3347,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPEtcdBackup.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPEtcdBackup.yaml index fd458cb1f13b..fc8dd6c64bfe 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPEtcdBackup.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPEtcdBackup.yaml @@ -3338,6 +3338,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3362,6 +3412,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml index 461ae7dc7982..3e89aee92e7e 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml @@ -3295,6 +3295,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3319,6 +3369,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ImageStreamImportMode.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ImageStreamImportMode.yaml index f741a117e78b..55eb3916611c 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ImageStreamImportMode.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ImageStreamImportMode.yaml @@ -3291,6 +3291,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3315,6 +3365,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/KMSEncryptionProvider.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/KMSEncryptionProvider.yaml index 33c70e1bc312..4d1ae0061841 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/KMSEncryptionProvider.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/KMSEncryptionProvider.yaml @@ -3349,6 +3349,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3373,6 +3423,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml index bdb6610a9248..417386cdc828 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml @@ -3273,6 +3273,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3297,6 +3347,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/TLSAdherence.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/TLSAdherence.yaml index 517516cd2f4a..ec9d79df1b26 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/TLSAdherence.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/TLSAdherence.yaml @@ -3313,6 +3313,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3337,6 +3387,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml index 7faf853bd178..a63aae3a138d 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml @@ -3170,6 +3170,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3194,6 +3244,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml index 927f2b9ffc23..3ac818564a52 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml @@ -3161,6 +3161,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3185,6 +3235,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml index ad6e7742c0ec..6392cbb63591 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml @@ -3161,6 +3161,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3185,6 +3235,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml index 1b9da7de5255..e1d09b289692 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml @@ -3493,6 +3493,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3517,6 +3567,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml index 3cd3503473be..bfff7b0e315a 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml @@ -3633,6 +3633,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3657,6 +3707,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml index 9d7a73cb3bf0..559aeaf08d0e 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml @@ -3624,6 +3624,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3648,6 +3698,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/GCPPlatform.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/GCPPlatform.yaml index 1527b355549f..6b8fd15d1a54 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/GCPPlatform.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/GCPPlatform.yaml @@ -3161,6 +3161,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3185,6 +3235,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HCPEtcdBackup.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HCPEtcdBackup.yaml index 36a11500968d..73644a15a1e3 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HCPEtcdBackup.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HCPEtcdBackup.yaml @@ -3226,6 +3226,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3250,6 +3300,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml index 5ea38844b584..0e899b6f787f 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml @@ -3183,6 +3183,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3207,6 +3257,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ImageStreamImportMode.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ImageStreamImportMode.yaml index 9de4ad90ead5..86cf71e5a91c 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ImageStreamImportMode.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ImageStreamImportMode.yaml @@ -3179,6 +3179,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3203,6 +3253,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/KMSEncryptionProvider.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/KMSEncryptionProvider.yaml index db3f3840a8c2..0d07ee6f1c89 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/KMSEncryptionProvider.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/KMSEncryptionProvider.yaml @@ -3237,6 +3237,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3261,6 +3311,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml index c3c0b64fcf23..19e01915aad0 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml @@ -3161,6 +3161,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3185,6 +3235,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/TLSAdherence.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/TLSAdherence.yaml index e52cbe485e19..3533c0c1f756 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/TLSAdherence.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/TLSAdherence.yaml @@ -3201,6 +3201,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3225,6 +3275,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot From b6d2cce1db0d5e665bea4597f355707773637d9e Mon Sep 17 00:00:00 2001 From: OpenShift CI Bot Date: Thu, 18 Jun 2026 14:00:46 +0000 Subject: [PATCH 2/7] chore(api): regenerate CRDs, clients, and vendor Signed-off-by: OpenShift CI Bot Commit-Message-Assisted-by: Claude (via Claude Code) --- .../hypershift/v1beta1/ovnkubernetesconfig.go | 24 +- ...e.hostedclusters.networking.testsuite.yaml | 595 ++++++++++++++++++ ...usters-Hypershift-CustomNoUpgrade.crd.yaml | 56 ++ ...hostedclusters-Hypershift-Default.crd.yaml | 56 ++ ...s-Hypershift-TechPreviewNoUpgrade.crd.yaml | 56 ++ ...planes-Hypershift-CustomNoUpgrade.crd.yaml | 56 ++ ...dcontrolplanes-Hypershift-Default.crd.yaml | 56 ++ ...s-Hypershift-TechPreviewNoUpgrade.crd.yaml | 56 ++ .../api/hypershift/v1beta1/operator.go | 42 ++ 9 files changed, 994 insertions(+), 3 deletions(-) diff --git a/client/applyconfiguration/hypershift/v1beta1/ovnkubernetesconfig.go b/client/applyconfiguration/hypershift/v1beta1/ovnkubernetesconfig.go index ec04a89fa382..6ebc638e6b9a 100644 --- a/client/applyconfiguration/hypershift/v1beta1/ovnkubernetesconfig.go +++ b/client/applyconfiguration/hypershift/v1beta1/ovnkubernetesconfig.go @@ -20,9 +20,11 @@ package v1beta1 // OVNKubernetesConfigApplyConfiguration represents a declarative configuration of the OVNKubernetesConfig type for use // with apply. type OVNKubernetesConfigApplyConfiguration struct { - IPv4 *OVNIPv4ConfigApplyConfiguration `json:"ipv4,omitempty"` - IPv6 *OVNIPv6ConfigApplyConfiguration `json:"ipv6,omitempty"` - MTU *int32 `json:"mtu,omitempty"` + IPv4 *OVNIPv4ConfigApplyConfiguration `json:"ipv4,omitempty"` + IPv6 *OVNIPv6ConfigApplyConfiguration `json:"ipv6,omitempty"` + MTU *int32 `json:"mtu,omitempty"` + V4InternalSubnet *string `json:"v4InternalSubnet,omitempty"` + V6InternalSubnet *string `json:"v6InternalSubnet,omitempty"` } // OVNKubernetesConfigApplyConfiguration constructs a declarative configuration of the OVNKubernetesConfig type for use with @@ -54,3 +56,19 @@ func (b *OVNKubernetesConfigApplyConfiguration) WithMTU(value int32) *OVNKuberne b.MTU = &value return b } + +// WithV4InternalSubnet sets the V4InternalSubnet field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the V4InternalSubnet field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithV4InternalSubnet(value string) *OVNKubernetesConfigApplyConfiguration { + b.V4InternalSubnet = &value + return b +} + +// WithV6InternalSubnet sets the V6InternalSubnet field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the V6InternalSubnet field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithV6InternalSubnet(value string) *OVNKubernetesConfigApplyConfiguration { + b.V6InternalSubnet = &value + return b +} diff --git a/cmd/install/assets/crds/hypershift-operator/tests/hostedclusters.hypershift.openshift.io/stable.hostedclusters.networking.testsuite.yaml b/cmd/install/assets/crds/hypershift-operator/tests/hostedclusters.hypershift.openshift.io/stable.hostedclusters.networking.testsuite.yaml index 8c0073612e1f..58f044d52a77 100644 --- a/cmd/install/assets/crds/hypershift-operator/tests/hostedclusters.hypershift.openshift.io/stable.hostedclusters.networking.testsuite.yaml +++ b/cmd/install/assets/crds/hypershift-operator/tests/hostedclusters.hypershift.openshift.io/stable.hostedclusters.networking.testsuite.yaml @@ -579,6 +579,601 @@ tests: type: Route route: {} + # --- v4InternalSubnet validation --- + - name: When v4InternalSubnet is a valid IPv4 CIDR it should pass + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v4InternalSubnet: "100.64.0.0/16" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + + - name: When v4InternalSubnet is an IPv6 CIDR it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v4InternalSubnet: "fd98::/64" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "Subnet must be in a valid IPv4 CIDR format" + + - name: When v4InternalSubnet has an invalid CIDR format it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v4InternalSubnet: "not-a-cidr!!" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "Subnet must be in a valid IPv4 CIDR format" + + - name: When v4InternalSubnet prefix length exceeds /30 it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v4InternalSubnet: "10.10.0.0/31" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "subnet must be in the range /0 to /30 inclusive" + + - name: When v4InternalSubnet first octet is 0 it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v4InternalSubnet: "0.10.0.0/16" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "first IP address octet must not be 0" + + # --- v6InternalSubnet validation --- + - name: When v6InternalSubnet is a valid IPv6 CIDR it should pass + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v6InternalSubnet: "fd98::/64" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + + - name: When v6InternalSubnet is an IPv4 CIDR it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v6InternalSubnet: "10.10.0.0/16" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "Subnet must be in valid IPv6 CIDR format" + + - name: When v6InternalSubnet prefix length exceeds /125 it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v6InternalSubnet: "fd98::/126" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "subnet must be in the range /0 to /125 inclusive" + + # --- v4/v6InternalSubnet immutability --- + onUpdate: + - name: When v4InternalSubnet is changed on update it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v4InternalSubnet: "100.64.0.0/16" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + updated: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v4InternalSubnet: "10.10.0.0/16" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "v4InternalSubnet is immutable once set" + + - name: When v6InternalSubnet is changed on update it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v6InternalSubnet: "fd98::/64" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + updated: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v6InternalSubnet: "fd99::/64" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "v6InternalSubnet is immutable once set" + + - name: When v4InternalSubnet is removed on update it should fail + initial: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + v4InternalSubnet: "100.64.0.0/16" + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + updated: | + apiVersion: hypershift.openshift.io/v1beta1 + kind: HostedCluster + spec: + networking: + networkType: OVNKubernetes + operatorConfiguration: + clusterNetworkOperator: + ovnKubernetesConfig: + mtu: 1400 + dns: + baseDomain: example.com + platform: + type: AWS + pullSecret: + name: secret + release: + image: quay.io/openshift-release-dev/ocp-release:4.15.11-x86_64 + secretEncryption: + aescbc: + activeKey: + name: key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: Route + route: {} + - service: OAuthServer + servicePublishingStrategy: + type: Route + route: {} + - service: Konnectivity + servicePublishingStrategy: + type: Route + route: {} + - service: Ignition + servicePublishingStrategy: + type: Route + route: {} + expectedError: "v4InternalSubnet is immutable once set and cannot be removed" + - name: When ovnKubernetesConfig is not set and networkType is not OVNKubernetes it should pass initial: | apiVersion: hypershift.openshift.io/v1beta1 diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-CustomNoUpgrade.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-CustomNoUpgrade.crd.yaml index d406b89a759f..8a82beadb8c3 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-CustomNoUpgrade.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-CustomNoUpgrade.crd.yaml @@ -4104,6 +4104,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -4128,6 +4178,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-Default.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-Default.crd.yaml index bbafc3f882a8..0c3035c524e5 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-Default.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-Default.crd.yaml @@ -3774,6 +3774,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3798,6 +3848,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-TechPreviewNoUpgrade.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-TechPreviewNoUpgrade.crd.yaml index 30d17382b0f8..43a32af6af58 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-TechPreviewNoUpgrade.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-TechPreviewNoUpgrade.crd.yaml @@ -3975,6 +3975,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3999,6 +4049,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-CustomNoUpgrade.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-CustomNoUpgrade.crd.yaml index 798d4f0664f8..768305e0d4f2 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-CustomNoUpgrade.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-CustomNoUpgrade.crd.yaml @@ -3992,6 +3992,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -4016,6 +4066,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-Default.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-Default.crd.yaml index 5fd583a45ffa..390ae82a2000 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-Default.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-Default.crd.yaml @@ -3662,6 +3662,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3686,6 +3736,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-TechPreviewNoUpgrade.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-TechPreviewNoUpgrade.crd.yaml index 25068f5cf7f6..7d7517af56a9 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-TechPreviewNoUpgrade.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-TechPreviewNoUpgrade.crd.yaml @@ -3863,6 +3863,56 @@ spec: x-kubernetes-validations: - message: mtu is immutable once set rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is 100.64.0.0/16. + The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + four decimal octets (0-255) separated by dots, followed by a slash and a prefix + length. The prefix length must be between 0 and 30 inclusive, and the first + octet must not be 0. + The value must be between 9 and 18 characters in length. + This field is immutable once set. + maxLength: 18 + minLength: 9 + type: string + x-kubernetes-validations: + - message: v4InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in a valid IPv4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && cidr(self).ip().family() == 4 + && int(self.split('.')[0]) > 0 + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. Once set, the value is immutable + and cannot be modified in subsequent updates. + The default is fd98::/64. + The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + IPv6 address followed by a slash and a prefix length. The prefix length must + be between 0 and 125 inclusive. + The value must be between 4 and 48 characters in length. + This field is immutable once set. + maxLength: 48 + minLength: 4 + type: string + x-kubernetes-validations: + - message: v6InternalSubnet is immutable once set + rule: self == oldSelf + - message: Subnet must be in valid IPv6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 type: object x-kubernetes-validations: - message: internalJoinSubnet and internalTransitSwitchSubnet @@ -3887,6 +3937,12 @@ spec: once set rule: '!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))' + - message: v4InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)' + - message: v6InternalSubnet is immutable once set and cannot + be removed + rule: '!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)' type: object x-kubernetes-validations: - message: ovnKubernetesConfig is immutable once set and cannot diff --git a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/operator.go b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/operator.go index c14858d3fa14..0b58a6a51092 100644 --- a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/operator.go +++ b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/operator.go @@ -82,6 +82,8 @@ type ClusterNetworkOperatorSpec struct { // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ipv6) || has(self.ipv6)", message="ipv6 is immutable once set and cannot be removed" // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalJoinSubnet) || (has(self.ipv6) && has(self.ipv6.internalJoinSubnet))", message="ipv6.internalJoinSubnet cannot be removed once set" // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ipv6) || !has(oldSelf.ipv6.internalTransitSwitchSubnet) || (has(self.ipv6) && has(self.ipv6.internalTransitSwitchSubnet))", message="ipv6.internalTransitSwitchSubnet cannot be removed once set" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.v4InternalSubnet) || has(self.v4InternalSubnet)",message="v4InternalSubnet is immutable once set and cannot be removed" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.v6InternalSubnet) || has(self.v6InternalSubnet)",message="v6InternalSubnet is immutable once set and cannot be removed" // +kubebuilder:validation:MinProperties=1 type OVNKubernetesConfig struct { // ipv4 allows users to configure IP settings for IPv4 connections. When omitted, @@ -115,6 +117,46 @@ type OVNKubernetesConfig struct { // +kubebuilder:validation:Maximum=9216 // +optional MTU int32 `json:"mtu,omitempty"` + + // v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + // default one is being already used by something else. It must not overlap with + // any other subnet being used by OpenShift or by the node network. The size of the + // subnet must be larger than the number of nodes. Once set, the value is immutable + // and cannot be modified in subsequent updates. + // The default is 100.64.0.0/16. + // The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of + // four decimal octets (0-255) separated by dots, followed by a slash and a prefix + // length. The prefix length must be between 0 and 30 inclusive, and the first + // octet must not be 0. + // The value must be between 9 and 18 characters in length. + // This field is immutable once set. + // +kubebuilder:validation:MaxLength=18 + // +kubebuilder:validation:MinLength=9 + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="v4InternalSubnet is immutable once set" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 4",message="Subnet must be in a valid IPv4 CIDR format" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).prefixLength() <= 30",message="subnet must be in the range /0 to /30 inclusive" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 4 && int(self.split('.')[0]) > 0",message="first IP address octet must not be 0" + // +optional + V4InternalSubnet string `json:"v4InternalSubnet,omitempty"` + + // v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + // default one is being already used by something else. It must not overlap with + // any other subnet being used by OpenShift or by the node network. The size of the + // subnet must be larger than the number of nodes. Once set, the value is immutable + // and cannot be modified in subsequent updates. + // The default is fd98::/64. + // The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an + // IPv6 address followed by a slash and a prefix length. The prefix length must + // be between 0 and 125 inclusive. + // The value must be between 4 and 48 characters in length. + // This field is immutable once set. + // +kubebuilder:validation:MaxLength=48 + // +kubebuilder:validation:MinLength=4 + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="v6InternalSubnet is immutable once set" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).ip().family() == 6",message="Subnet must be in valid IPv6 CIDR format" + // +kubebuilder:validation:XValidation:rule="isCIDR(self) && cidr(self).prefixLength() <= 125",message="subnet must be in the range /0 to /125 inclusive" + // +optional + V6InternalSubnet string `json:"v6InternalSubnet,omitempty"` } // OVNIPv4Config contains IPv4-specific configuration options for OVN-Kubernetes. From de474da4fa3bd097f4f76ccfd437c9ca3398ba62 Mon Sep 17 00:00:00 2001 From: OpenShift CI Bot Date: Thu, 18 Jun 2026 14:00:53 +0000 Subject: [PATCH 3/7] feat(hypershift-operator): add CIDR overlap validation for v4/v6InternalSubnet - Extract appendCIDREntry helper for compile-time safe CIDR entry construction - Add v4InternalSubnet and v6InternalSubnet to CIDR overlap validation in validateSliceNetworkCIDRs - Add unit tests for overlap detection against machine, cluster, and service networks, as well as cross-field overlap with internalJoinSubnet Signed-off-by: OpenShift CI Bot Commit-Message-Assisted-by: Claude (via Claude Code) --- .../hostedcluster/hostedcluster_controller.go | 35 +++---- .../hostedcluster_controller_test.go | 95 +++++++++++++++++++ 2 files changed, 114 insertions(+), 16 deletions(-) diff --git a/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go b/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go index 61c5c63bb16c..a19283c0d099 100644 --- a/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go +++ b/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go @@ -4373,23 +4373,15 @@ func validateSliceNetworkCIDRs(hc *hyperv1.HostedCluster) field.ErrorList { if hc.Spec.Networking.NetworkType == hyperv1.OVNKubernetes && hc.Spec.OperatorConfiguration != nil && hc.Spec.OperatorConfiguration.ClusterNetworkOperator != nil && - hc.Spec.OperatorConfiguration.ClusterNetworkOperator.OVNKubernetesConfig != nil && - hc.Spec.OperatorConfiguration.ClusterNetworkOperator.OVNKubernetesConfig.IPv4 != nil { - ovnConfig := hc.Spec.OperatorConfiguration.ClusterNetworkOperator.OVNKubernetesConfig.IPv4 - if ovnConfig.InternalJoinSubnet != "" { - _, cidr, err := net.ParseCIDR(ovnConfig.InternalJoinSubnet) - if err == nil { - ce := cidrEntry{*cidr, *field.NewPath("spec", "operatorConfiguration", "clusterNetworkOperator", "ovnKubernetesConfig", "ipv4", "internalJoinSubnet")} - cidrEntries = append(cidrEntries, ce) - } - } - if ovnConfig.InternalTransitSwitchSubnet != "" { - _, cidr, err := net.ParseCIDR(ovnConfig.InternalTransitSwitchSubnet) - if err == nil { - ce := cidrEntry{*cidr, *field.NewPath("spec", "operatorConfiguration", "clusterNetworkOperator", "ovnKubernetesConfig", "ipv4", "internalTransitSwitchSubnet")} - cidrEntries = append(cidrEntries, ce) - } + hc.Spec.OperatorConfiguration.ClusterNetworkOperator.OVNKubernetesConfig != nil { + ovnKubeConfig := hc.Spec.OperatorConfiguration.ClusterNetworkOperator.OVNKubernetesConfig + ovnBasePath := []string{"spec", "operatorConfiguration", "clusterNetworkOperator", "ovnKubernetesConfig"} + if ovnKubeConfig.IPv4 != nil { + cidrEntries = appendCIDREntry(cidrEntries, ovnKubeConfig.IPv4.InternalJoinSubnet, append(ovnBasePath, "ipv4", "internalJoinSubnet")...) + cidrEntries = appendCIDREntry(cidrEntries, ovnKubeConfig.IPv4.InternalTransitSwitchSubnet, append(ovnBasePath, "ipv4", "internalTransitSwitchSubnet")...) } + cidrEntries = appendCIDREntry(cidrEntries, ovnKubeConfig.V4InternalSubnet, append(ovnBasePath, "v4InternalSubnet")...) + cidrEntries = appendCIDREntry(cidrEntries, ovnKubeConfig.V6InternalSubnet, append(ovnBasePath, "v6InternalSubnet")...) } if hc.Spec.Networking.NetworkType == hyperv1.OVNKubernetes { @@ -4438,6 +4430,17 @@ func validateSliceNetworkCIDRs(hc *hyperv1.HostedCluster) field.ErrorList { return compareCIDREntries(cidrEntries) } +func appendCIDREntry(entries []cidrEntry, cidrStr string, pathElements ...string) []cidrEntry { + if cidrStr == "" || len(pathElements) == 0 { + return entries + } + _, cidr, err := net.ParseCIDR(cidrStr) + if err != nil { + return entries + } + return append(entries, cidrEntry{*cidr, *field.NewPath(pathElements[0], pathElements[1:]...)}) +} + type cidrEntry struct { net net.IPNet path field.Path diff --git a/hypershift-operator/controllers/hostedcluster/hostedcluster_controller_test.go b/hypershift-operator/controllers/hostedcluster/hostedcluster_controller_test.go index 4554f0cbc5b5..a46e6666a6f6 100644 --- a/hypershift-operator/controllers/hostedcluster/hostedcluster_controller_test.go +++ b/hypershift-operator/controllers/hostedcluster/hostedcluster_controller_test.go @@ -4467,6 +4467,101 @@ func TestValidateSliceNetworkCIDRs(t *testing.T) { ovnConfig: nil, wantErr: false, }, + { + name: "When OVN-Kubernetes v4InternalSubnet does not overlap, it should succeed", + mn: []hyperv1.MachineNetworkEntry{{CIDR: *ipnet.MustParseCIDR("192.168.1.0/24")}}, + cn: []hyperv1.ClusterNetworkEntry{{CIDR: *ipnet.MustParseCIDR("10.128.0.0/14")}}, + sn: []hyperv1.ServiceNetworkEntry{{CIDR: *ipnet.MustParseCIDR("172.30.0.0/16")}}, + networkType: hyperv1.OVNKubernetes, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V4InternalSubnet: "100.64.0.0/16", + }, + wantErr: false, + }, + { + name: "When OVN-Kubernetes v4InternalSubnet overlaps with MachineNetwork, it should fail", + mn: []hyperv1.MachineNetworkEntry{{CIDR: *ipnet.MustParseCIDR("192.168.1.0/24")}}, + cn: []hyperv1.ClusterNetworkEntry{{CIDR: *ipnet.MustParseCIDR("10.128.0.0/14")}}, + sn: []hyperv1.ServiceNetworkEntry{{CIDR: *ipnet.MustParseCIDR("172.30.0.0/16")}}, + networkType: hyperv1.OVNKubernetes, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V4InternalSubnet: "192.168.0.0/16", + }, + wantErr: true, + }, + { + name: "When OVN-Kubernetes v4InternalSubnet overlaps with ClusterNetwork, it should fail", + mn: []hyperv1.MachineNetworkEntry{{CIDR: *ipnet.MustParseCIDR("192.168.1.0/24")}}, + cn: []hyperv1.ClusterNetworkEntry{{CIDR: *ipnet.MustParseCIDR("10.128.0.0/14")}}, + sn: []hyperv1.ServiceNetworkEntry{{CIDR: *ipnet.MustParseCIDR("172.30.0.0/16")}}, + networkType: hyperv1.OVNKubernetes, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V4InternalSubnet: "10.129.0.0/16", + }, + wantErr: true, + }, + { + name: "When OVN-Kubernetes v4InternalSubnet overlaps with InternalJoinSubnet, it should fail", + mn: []hyperv1.MachineNetworkEntry{{CIDR: *ipnet.MustParseCIDR("192.168.1.0/24")}}, + cn: []hyperv1.ClusterNetworkEntry{{CIDR: *ipnet.MustParseCIDR("10.128.0.0/14")}}, + sn: []hyperv1.ServiceNetworkEntry{{CIDR: *ipnet.MustParseCIDR("172.30.0.0/16")}}, + networkType: hyperv1.OVNKubernetes, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V4InternalSubnet: "100.64.0.0/16", + IPv4: &hyperv1.OVNIPv4Config{ + InternalJoinSubnet: "100.64.0.0/24", + }, + }, + wantErr: true, + }, + { + name: "When OVN-Kubernetes v4InternalSubnet with IPv4 subnets and no overlap, it should succeed", + mn: []hyperv1.MachineNetworkEntry{{CIDR: *ipnet.MustParseCIDR("192.168.1.0/24")}}, + cn: []hyperv1.ClusterNetworkEntry{{CIDR: *ipnet.MustParseCIDR("10.128.0.0/14")}}, + sn: []hyperv1.ServiceNetworkEntry{{CIDR: *ipnet.MustParseCIDR("172.30.0.0/16")}}, + networkType: hyperv1.OVNKubernetes, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V4InternalSubnet: "100.64.0.0/16", + IPv4: &hyperv1.OVNIPv4Config{ + InternalJoinSubnet: "100.66.0.0/16", + InternalTransitSwitchSubnet: "100.88.0.0/16", + }, + }, + wantErr: false, + }, + { + name: "When OVN-Kubernetes v6InternalSubnet does not overlap, it should succeed", + mn: []hyperv1.MachineNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd01::/48")}}, + cn: []hyperv1.ClusterNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd02::/48")}}, + sn: []hyperv1.ServiceNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd03::/112")}}, + networkType: hyperv1.OVNKubernetes, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V6InternalSubnet: "fd99::/64", + }, + wantErr: false, + }, + { + name: "When OVN-Kubernetes v6InternalSubnet overlaps with MachineNetwork, it should fail", + mn: []hyperv1.MachineNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd01::/48")}}, + cn: []hyperv1.ClusterNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd02::/48")}}, + sn: []hyperv1.ServiceNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd03::/112")}}, + networkType: hyperv1.OVNKubernetes, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V6InternalSubnet: "fd01::1:0/64", + }, + wantErr: true, + }, + { + name: "When OVN-Kubernetes v6InternalSubnet overlaps with ClusterNetwork, it should fail", + mn: []hyperv1.MachineNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd01::/48")}}, + cn: []hyperv1.ClusterNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd02::/48")}}, + sn: []hyperv1.ServiceNetworkEntry{{CIDR: *ipnet.MustParseCIDR("fd03::/112")}}, + networkType: hyperv1.OVNKubernetes, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V6InternalSubnet: "fd02::1:0/64", + }, + wantErr: true, + }, } for _, tt := range tests { From acbc52f6c6a7fd2217e6bd2470d3632cebff3cc0 Mon Sep 17 00:00:00 2001 From: OpenShift CI Bot Date: Thu, 18 Jun 2026 14:00:59 +0000 Subject: [PATCH 4/7] feat(control-plane-operator): propagate v4/v6InternalSubnet to network operator - Extract applyOVNConfig to reduce cyclomatic complexity in ReconcileNetworkOperator - Propagate V4InternalSubnet and V6InternalSubnet from HostedCluster OVN config to the guest cluster network operator CR - User-specified values override platform defaults (e.g. KubeVirt's 100.66.0.0/16) - Add tests for AWS propagation, KubeVirt override, combined fields, and non-OVN network type no-ops Signed-off-by: OpenShift CI Bot Commit-Message-Assisted-by: Claude (via Claude Code) --- .../resources/network/reconcile.go | 73 ++++---- .../resources/network/reconcile_test.go | 164 ++++++++++++++++++ 2 files changed, 207 insertions(+), 30 deletions(-) diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/network/reconcile.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/network/reconcile.go index 1d22a3e2d4a5..be583cadc5b8 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/network/reconcile.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/network/reconcile.go @@ -89,36 +89,7 @@ func ReconcileNetworkOperator(network *operatorv1.Network, networkType hyperv1.N if network.Spec.DefaultNetwork.OVNKubernetesConfig == nil { network.Spec.DefaultNetwork.OVNKubernetesConfig = &operatorv1.OVNKubernetesConfig{} } - ovnCfg := network.Spec.DefaultNetwork.OVNKubernetesConfig - // Apply IPv4 configuration - if ovnConfig.IPv4 != nil { - if ovnCfg.IPv4 == nil { - ovnCfg.IPv4 = &operatorv1.IPv4OVNKubernetesConfig{} - } - if ovnConfig.IPv4.InternalJoinSubnet != "" { - ovnCfg.IPv4.InternalJoinSubnet = ovnConfig.IPv4.InternalJoinSubnet - } - if ovnConfig.IPv4.InternalTransitSwitchSubnet != "" { - ovnCfg.IPv4.InternalTransitSwitchSubnet = ovnConfig.IPv4.InternalTransitSwitchSubnet - } - } - // Apply IPv6 configuration - if ovnConfig.IPv6.InternalJoinSubnet != "" { - if ovnCfg.IPv6 == nil { - ovnCfg.IPv6 = &operatorv1.IPv6OVNKubernetesConfig{} - } - ovnCfg.IPv6.InternalJoinSubnet = ovnConfig.IPv6.InternalJoinSubnet - } - if ovnConfig.IPv6.InternalTransitSwitchSubnet != "" { - if ovnCfg.IPv6 == nil { - ovnCfg.IPv6 = &operatorv1.IPv6OVNKubernetesConfig{} - } - ovnCfg.IPv6.InternalTransitSwitchSubnet = ovnConfig.IPv6.InternalTransitSwitchSubnet - } - // Apply MTU configuration - if ovnConfig.MTU > 0 { - ovnCfg.MTU = ptr.To(uint32(ovnConfig.MTU)) - } + applyOVNConfig(network.Spec.DefaultNetwork.OVNKubernetesConfig, ovnConfig) } // Setting the management state is required in order to create @@ -135,6 +106,48 @@ func ReconcileNetworkOperator(network *operatorv1.Network, networkType hyperv1.N } } +// applyOVNConfig applies user-specified OVN configuration to the network operator config. +// User-specified values take precedence over platform defaults (e.g., KubeVirt's 100.66.0.0/16). +func applyOVNConfig(ovnCfg *operatorv1.OVNKubernetesConfig, ovnConfig *hyperv1.OVNKubernetesConfig) { + // Apply IPv4 configuration + if ovnConfig.IPv4 != nil { + if ovnCfg.IPv4 == nil { + ovnCfg.IPv4 = &operatorv1.IPv4OVNKubernetesConfig{} + } + if ovnConfig.IPv4.InternalJoinSubnet != "" { + ovnCfg.IPv4.InternalJoinSubnet = ovnConfig.IPv4.InternalJoinSubnet + } + if ovnConfig.IPv4.InternalTransitSwitchSubnet != "" { + ovnCfg.IPv4.InternalTransitSwitchSubnet = ovnConfig.IPv4.InternalTransitSwitchSubnet + } + } + // Apply IPv6 configuration + if ovnConfig.IPv6.InternalJoinSubnet != "" { + if ovnCfg.IPv6 == nil { + ovnCfg.IPv6 = &operatorv1.IPv6OVNKubernetesConfig{} + } + ovnCfg.IPv6.InternalJoinSubnet = ovnConfig.IPv6.InternalJoinSubnet + } + if ovnConfig.IPv6.InternalTransitSwitchSubnet != "" { + if ovnCfg.IPv6 == nil { + ovnCfg.IPv6 = &operatorv1.IPv6OVNKubernetesConfig{} + } + ovnCfg.IPv6.InternalTransitSwitchSubnet = ovnConfig.IPv6.InternalTransitSwitchSubnet + } + // Apply MTU configuration + if ovnConfig.MTU > 0 { + ovnCfg.MTU = ptr.To(uint32(ovnConfig.MTU)) + } + // Apply V4InternalSubnet configuration. + if ovnConfig.V4InternalSubnet != "" { + ovnCfg.V4InternalSubnet = ovnConfig.V4InternalSubnet + } + // Apply V6InternalSubnet configuration. + if ovnConfig.V6InternalSubnet != "" { + ovnCfg.V6InternalSubnet = ovnConfig.V6InternalSubnet + } +} + func DetectSuboptimalMTU(ctx context.Context, mgmtClient client.Client, guestNetworkOperator *operatorv1.Network, hcp *hyperv1.HostedControlPlane) error { const recommendedMinMTU = uint32(9000) diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/network/reconcile_test.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/network/reconcile_test.go index 8222e38dabe4..87ec41c5a1e8 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/network/reconcile_test.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/network/reconcile_test.go @@ -601,6 +601,170 @@ func TestReconcileDefaultIngressController(t *testing.T) { }, }, }, + { + name: "When v4InternalSubnet is specified, it should propagate to network operator", + inputNetwork: NetworkOperator(), + inputNetworkType: hyperv1.OVNKubernetes, + inputPlatformType: hyperv1.AWSPlatform, + disableMultiNetwork: false, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V4InternalSubnet: "10.128.0.0/16", + }, + expectedNetwork: &operatorv1.Network{ + ObjectMeta: NetworkOperator().ObjectMeta, + Spec: operatorv1.NetworkSpec{ + OperatorSpec: operatorv1.OperatorSpec{ + ManagementState: "Managed", + }, + DefaultNetwork: operatorv1.DefaultNetworkDefinition{ + OVNKubernetesConfig: &operatorv1.OVNKubernetesConfig{ + V4InternalSubnet: "10.128.0.0/16", + }, + }, + }, + }, + }, + { + name: "When v6InternalSubnet is specified, it should propagate to network operator", + inputNetwork: NetworkOperator(), + inputNetworkType: hyperv1.OVNKubernetes, + inputPlatformType: hyperv1.AWSPlatform, + disableMultiNetwork: false, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V6InternalSubnet: "fd99::/64", + }, + expectedNetwork: &operatorv1.Network{ + ObjectMeta: NetworkOperator().ObjectMeta, + Spec: operatorv1.NetworkSpec{ + OperatorSpec: operatorv1.OperatorSpec{ + ManagementState: "Managed", + }, + DefaultNetwork: operatorv1.DefaultNetworkDefinition{ + OVNKubernetesConfig: &operatorv1.OVNKubernetesConfig{ + V6InternalSubnet: "fd99::/64", + }, + }, + }, + }, + }, + { + name: "When KubeVirt with OVNKubernetes has user-specified v4InternalSubnet, it should override platform default", + inputNetwork: NetworkOperator(), + inputNetworkType: hyperv1.OVNKubernetes, + inputPlatformType: hyperv1.KubevirtPlatform, + disableMultiNetwork: false, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V4InternalSubnet: "10.200.0.0/16", + }, + expectedNetwork: &operatorv1.Network{ + ObjectMeta: NetworkOperator().ObjectMeta, + Spec: operatorv1.NetworkSpec{ + OperatorSpec: operatorv1.OperatorSpec{ + ManagementState: "Managed", + }, + DefaultNetwork: operatorv1.DefaultNetworkDefinition{ + OVNKubernetesConfig: &operatorv1.OVNKubernetesConfig{ + GenevePort: &genevePort, + V4InternalSubnet: "10.200.0.0/16", + }, + }, + }, + }, + }, + { + name: "When KubeVirt with OVNKubernetes has user-specified v6InternalSubnet only, it should retain platform defaults and apply V6", + inputNetwork: NetworkOperator(), + inputNetworkType: hyperv1.OVNKubernetes, + inputPlatformType: hyperv1.KubevirtPlatform, + disableMultiNetwork: false, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V6InternalSubnet: "fd99::/64", + }, + expectedNetwork: &operatorv1.Network{ + ObjectMeta: NetworkOperator().ObjectMeta, + Spec: operatorv1.NetworkSpec{ + OperatorSpec: operatorv1.OperatorSpec{ + ManagementState: "Managed", + }, + DefaultNetwork: operatorv1.DefaultNetworkDefinition{ + OVNKubernetesConfig: &operatorv1.OVNKubernetesConfig{ + GenevePort: &genevePort, + V4InternalSubnet: v4InternalSubnet, + V6InternalSubnet: "fd99::/64", + }, + }, + }, + }, + }, + { + name: "When v4InternalSubnet is specified with IPv4 subnets and MTU, it should propagate all", + inputNetwork: NetworkOperator(), + inputNetworkType: hyperv1.OVNKubernetes, + inputPlatformType: hyperv1.AWSPlatform, + disableMultiNetwork: false, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + MTU: 8901, + V4InternalSubnet: "10.200.0.0/16", + V6InternalSubnet: "fd99::/64", + IPv4: &hyperv1.OVNIPv4Config{ + InternalJoinSubnet: "192.168.1.0/24", + }, + }, + expectedNetwork: &operatorv1.Network{ + ObjectMeta: NetworkOperator().ObjectMeta, + Spec: operatorv1.NetworkSpec{ + OperatorSpec: operatorv1.OperatorSpec{ + ManagementState: "Managed", + }, + DefaultNetwork: operatorv1.DefaultNetworkDefinition{ + OVNKubernetesConfig: &operatorv1.OVNKubernetesConfig{ + MTU: ptr.To(uint32(8901)), + V4InternalSubnet: "10.200.0.0/16", + V6InternalSubnet: "fd99::/64", + IPv4: &operatorv1.IPv4OVNKubernetesConfig{ + InternalJoinSubnet: "192.168.1.0/24", + }, + }, + }, + }, + }, + }, + { + name: "When v4InternalSubnet is specified with non-OVN network type, it should be ignored", + inputNetwork: NetworkOperator(), + inputNetworkType: hyperv1.OpenShiftSDN, + inputPlatformType: hyperv1.AWSPlatform, + disableMultiNetwork: false, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V4InternalSubnet: "10.200.0.0/16", + }, + expectedNetwork: &operatorv1.Network{ + ObjectMeta: NetworkOperator().ObjectMeta, + Spec: operatorv1.NetworkSpec{ + OperatorSpec: operatorv1.OperatorSpec{ + ManagementState: "Managed", + }, + }, + }, + }, + { + name: "When v6InternalSubnet is specified with non-OVN network type, it should be ignored", + inputNetwork: NetworkOperator(), + inputNetworkType: hyperv1.OpenShiftSDN, + inputPlatformType: hyperv1.AWSPlatform, + disableMultiNetwork: false, + ovnConfig: &hyperv1.OVNKubernetesConfig{ + V6InternalSubnet: "fd99::/64", + }, + expectedNetwork: &operatorv1.Network{ + ObjectMeta: NetworkOperator().ObjectMeta, + Spec: operatorv1.NetworkSpec{ + OperatorSpec: operatorv1.OperatorSpec{ + ManagementState: "Managed", + }, + }, + }, + }, } for _, tc := range testsCases { From 797deea79b2a1888e7682a6d087ced31fce6932c Mon Sep 17 00:00:00 2001 From: OpenShift CI Bot Date: Thu, 18 Jun 2026 14:01:02 +0000 Subject: [PATCH 5/7] docs: regenerate API reference and aggregated docs Signed-off-by: OpenShift CI Bot Commit-Message-Assisted-by: Claude (via Claude Code) --- docs/content/reference/aggregated-docs.md | 45 +++++++++++++++++++++++ docs/content/reference/api.md | 45 +++++++++++++++++++++++ 2 files changed, 90 insertions(+) diff --git a/docs/content/reference/aggregated-docs.md b/docs/content/reference/aggregated-docs.md index c61fb9f9f0fd..a989a2ac26fa 100644 --- a/docs/content/reference/aggregated-docs.md +++ b/docs/content/reference/aggregated-docs.md @@ -50333,6 +50333,51 @@ The minimum is 576, which is the minimum IPv4 MTU per RFC 791. This field is immutable once set.

+ + +v4InternalSubnet
+ +string + + + +(Optional) +

v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the +default one is being already used by something else. It must not overlap with +any other subnet being used by OpenShift or by the node network. The size of the +subnet must be larger than the number of nodes. Once set, the value is immutable +and cannot be modified in subsequent updates. +The default is 100.64.0.0/16. +The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of +four decimal octets (0-255) separated by dots, followed by a slash and a prefix +length. The prefix length must be between 0 and 30 inclusive, and the first +octet must not be 0. +The value must be between 9 and 18 characters in length. +This field is immutable once set.

+ + + + +v6InternalSubnet
+ +string + + + +(Optional) +

v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the +default one is being already used by something else. It must not overlap with +any other subnet being used by OpenShift or by the node network. The size of the +subnet must be larger than the number of nodes. Once set, the value is immutable +and cannot be modified in subsequent updates. +The default is fd98::/64. +The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an +IPv6 address followed by a slash and a prefix length. The prefix length must +be between 0 and 125 inclusive. +The value must be between 4 and 48 characters in length. +This field is immutable once set.

+ + ###ObjectEncodingFormat { #hypershift.openshift.io/v1beta1.ObjectEncodingFormat } diff --git a/docs/content/reference/api.md b/docs/content/reference/api.md index fb4fb96c1b20..5c0b3a27704f 100644 --- a/docs/content/reference/api.md +++ b/docs/content/reference/api.md @@ -13933,6 +13933,51 @@ The minimum is 576, which is the minimum IPv4 MTU per RFC 791. This field is immutable once set.

+ + +v4InternalSubnet
+ +string + + + +(Optional) +

v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the +default one is being already used by something else. It must not overlap with +any other subnet being used by OpenShift or by the node network. The size of the +subnet must be larger than the number of nodes. Once set, the value is immutable +and cannot be modified in subsequent updates. +The default is 100.64.0.0/16. +The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of +four decimal octets (0-255) separated by dots, followed by a slash and a prefix +length. The prefix length must be between 0 and 30 inclusive, and the first +octet must not be 0. +The value must be between 9 and 18 characters in length. +This field is immutable once set.

+ + + + +v6InternalSubnet
+ +string + + + +(Optional) +

v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the +default one is being already used by something else. It must not overlap with +any other subnet being used by OpenShift or by the node network. The size of the +subnet must be larger than the number of nodes. Once set, the value is immutable +and cannot be modified in subsequent updates. +The default is fd98::/64. +The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an +IPv6 address followed by a slash and a prefix length. The prefix length must +be between 0 and 125 inclusive. +The value must be between 4 and 48 characters in length. +This field is immutable once set.

+ + ###ObjectEncodingFormat { #hypershift.openshift.io/v1beta1.ObjectEncodingFormat } From 7bd6c967381447b49c3d964a44cdb9e0535a53e7 Mon Sep 17 00:00:00 2001 From: OpenShift CI Bot Date: Thu, 18 Jun 2026 15:00:38 +0000 Subject: [PATCH 6/7] fix(pre-commit): prevent filename passthrough to make pre-push hooks The pre-commit framework passes changed filenames as extra arguments to hook commands by default. For make-based hooks, this causes make to interpret those filenames as additional targets, triggering parallel invocations of the generate dependency. This creates a race condition in git clean -fx -- '*_mock.go' where one invocation deletes the mock files while others simultaneously try to lstat them, causing fatal errors. Add pass_filenames: false to both make-verify and make-test pre-push hooks since these make targets operate on the entire codebase and should not receive individual filenames. Co-Authored-By: Claude Opus 4.6 --- .pre-commit-config.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9511f9ecb040..02ca4059b7c8 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -51,6 +51,7 @@ repos: description: Runs `make verify`. entry: make verify language: system + pass_filenames: false stages: [pre-push] require_serial: true - id: make-test @@ -58,6 +59,7 @@ repos: description: Runs `make test`. entry: make test language: system + pass_filenames: false stages: [ pre-push ] exclude: '^vendor/|^hack/tools/vendor/|^api/vendor/' fail_fast: true \ No newline at end of file From 92a4976574bd16ecad4b7a9381fe2bba288f3c5d Mon Sep 17 00:00:00 2001 From: OpenShift CI Bot Date: Thu, 18 Jun 2026 16:23:26 +0000 Subject: [PATCH 7/7] docs(api): clarify v4/v6InternalSubnet vs internalJoinSubnet in GoDoc Update GoDoc for v4InternalSubnet and v6InternalSubnet to clearly explain their purpose (gateway router LRP addresses and masquerade/SNAT traffic) and explicitly distinguish them from ipv4/ipv6.internalJoinSubnet (join switch interconnecting gateway routers with the cluster router). Both share the same default but control different OVN-Kubernetes internal networks. Regenerated CRDs and API docs. Co-Authored-By: Claude Opus 4.6 --- api/hypershift/v1beta1/operator.go | 32 +++++++++++++------ .../AAA_ungated.yaml | 32 +++++++++++++------ .../ClusterUpdateAcceptRisks.yaml | 32 +++++++++++++------ .../ClusterVersionOperatorConfiguration.yaml | 32 +++++++++++++------ .../ExternalOIDC.yaml | 32 +++++++++++++------ ...ernalOIDCWithUIDAndExtraClaimMappings.yaml | 32 +++++++++++++------ .../ExternalOIDCWithUpstreamParity.yaml | 32 +++++++++++++------ .../GCPPlatform.yaml | 32 +++++++++++++------ .../HCPEtcdBackup.yaml | 32 +++++++++++++------ ...perShiftOnlyDynamicResourceAllocation.yaml | 32 +++++++++++++------ .../ImageStreamImportMode.yaml | 32 +++++++++++++------ .../KMSEncryptionProvider.yaml | 32 +++++++++++++------ .../OpenStack.yaml | 32 +++++++++++++------ .../TLSAdherence.yaml | 32 +++++++++++++------ .../AAA_ungated.yaml | 32 +++++++++++++------ .../ClusterUpdateAcceptRisks.yaml | 32 +++++++++++++------ .../ClusterVersionOperatorConfiguration.yaml | 32 +++++++++++++------ .../ExternalOIDC.yaml | 32 +++++++++++++------ ...ernalOIDCWithUIDAndExtraClaimMappings.yaml | 32 +++++++++++++------ .../ExternalOIDCWithUpstreamParity.yaml | 32 +++++++++++++------ .../GCPPlatform.yaml | 32 +++++++++++++------ .../HCPEtcdBackup.yaml | 32 +++++++++++++------ ...perShiftOnlyDynamicResourceAllocation.yaml | 32 +++++++++++++------ .../ImageStreamImportMode.yaml | 32 +++++++++++++------ .../KMSEncryptionProvider.yaml | 32 +++++++++++++------ .../OpenStack.yaml | 32 +++++++++++++------ .../TLSAdherence.yaml | 32 +++++++++++++------ ...usters-Hypershift-CustomNoUpgrade.crd.yaml | 32 +++++++++++++------ ...hostedclusters-Hypershift-Default.crd.yaml | 32 +++++++++++++------ ...s-Hypershift-TechPreviewNoUpgrade.crd.yaml | 32 +++++++++++++------ ...planes-Hypershift-CustomNoUpgrade.crd.yaml | 32 +++++++++++++------ ...dcontrolplanes-Hypershift-Default.crd.yaml | 32 +++++++++++++------ ...s-Hypershift-TechPreviewNoUpgrade.crd.yaml | 32 +++++++++++++------ docs/content/reference/aggregated-docs.md | 32 +++++++++++++------ docs/content/reference/api.md | 32 +++++++++++++------ .../api/hypershift/v1beta1/operator.go | 32 +++++++++++++------ 36 files changed, 792 insertions(+), 360 deletions(-) diff --git a/api/hypershift/v1beta1/operator.go b/api/hypershift/v1beta1/operator.go index 0b58a6a51092..5c4160fb257a 100644 --- a/api/hypershift/v1beta1/operator.go +++ b/api/hypershift/v1beta1/operator.go @@ -118,11 +118,17 @@ type OVNKubernetesConfig struct { // +optional MTU int32 `json:"mtu,omitempty"` - // v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - // default one is being already used by something else. It must not overlap with - // any other subnet being used by OpenShift or by the node network. The size of the - // subnet must be larger than the number of nodes. Once set, the value is immutable - // and cannot be modified in subsequent updates. + // v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + // router logical router port (LRP) addresses and masquerade/SNAT traffic within + // the OVN logical topology. It must not overlap with any other subnet being used + // by OpenShift or by the node network. The size of the subnet must be larger than + // the number of nodes. + // This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + // for the join switch that interconnects per-node gateway routers with the cluster + // router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + // internal networks and can be configured independently to avoid overlaps with + // existing network infrastructure. + // Once set, the value is immutable and cannot be modified in subsequent updates. // The default is 100.64.0.0/16. // The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of // four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -139,11 +145,17 @@ type OVNKubernetesConfig struct { // +optional V4InternalSubnet string `json:"v4InternalSubnet,omitempty"` - // v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - // default one is being already used by something else. It must not overlap with - // any other subnet being used by OpenShift or by the node network. The size of the - // subnet must be larger than the number of nodes. Once set, the value is immutable - // and cannot be modified in subsequent updates. + // v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + // router logical router port (LRP) addresses and masquerade/SNAT traffic within + // the OVN logical topology. It must not overlap with any other subnet being used + // by OpenShift or by the node network. The size of the subnet must be larger than + // the number of nodes. + // This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + // for the join switch that interconnects per-node gateway routers with the cluster + // router. Both default to fd98::/64 but control different OVN-Kubernetes internal + // networks and can be configured independently to avoid overlaps with existing + // network infrastructure. + // Once set, the value is immutable and cannot be modified in subsequent updates. // The default is fd98::/64. // The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an // IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml index fcf358bb4449..ec878578bd82 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml @@ -3284,11 +3284,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3311,11 +3317,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml index 7177140bcf29..276613512fd7 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml @@ -3275,11 +3275,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3302,11 +3308,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml index 586020960033..c111a539ebde 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml @@ -3275,11 +3275,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3302,11 +3308,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml index 84bfc22ce3a9..63ce8ae49cf0 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml @@ -3607,11 +3607,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3634,11 +3640,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml index 4906d3b04e1a..3a8bf4aaf010 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml @@ -3747,11 +3747,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3774,11 +3780,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml index 4c22eda66569..3fe253d52502 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml @@ -3738,11 +3738,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3765,11 +3771,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/GCPPlatform.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/GCPPlatform.yaml index 02a545dcae6f..738e08e623e2 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/GCPPlatform.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/GCPPlatform.yaml @@ -3275,11 +3275,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3302,11 +3308,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPEtcdBackup.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPEtcdBackup.yaml index fc8dd6c64bfe..7c30226df0d8 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPEtcdBackup.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPEtcdBackup.yaml @@ -3340,11 +3340,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3367,11 +3373,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml index 3e89aee92e7e..52b64931802e 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml @@ -3297,11 +3297,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3324,11 +3330,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ImageStreamImportMode.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ImageStreamImportMode.yaml index 55eb3916611c..a4cc247c18ae 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ImageStreamImportMode.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ImageStreamImportMode.yaml @@ -3293,11 +3293,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3320,11 +3326,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/KMSEncryptionProvider.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/KMSEncryptionProvider.yaml index 4d1ae0061841..03ee4e9f7bb1 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/KMSEncryptionProvider.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/KMSEncryptionProvider.yaml @@ -3351,11 +3351,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3378,11 +3384,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml index 417386cdc828..7c68a92ce8e9 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml @@ -3275,11 +3275,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3302,11 +3308,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/TLSAdherence.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/TLSAdherence.yaml index ec9d79df1b26..b8ff95cd84bf 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/TLSAdherence.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/TLSAdherence.yaml @@ -3315,11 +3315,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3342,11 +3348,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml index a63aae3a138d..e3c89b9609dd 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml @@ -3172,11 +3172,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3199,11 +3205,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml index 3ac818564a52..29709065fff0 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterUpdateAcceptRisks.yaml @@ -3163,11 +3163,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3190,11 +3196,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml index 6392cbb63591..3b41adadd270 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ClusterVersionOperatorConfiguration.yaml @@ -3163,11 +3163,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3190,11 +3196,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml index e1d09b289692..928be05cc8b6 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml @@ -3495,11 +3495,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3522,11 +3528,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml index bfff7b0e315a..1839c9c409b9 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUIDAndExtraClaimMappings.yaml @@ -3635,11 +3635,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3662,11 +3668,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml index 559aeaf08d0e..5ddb9bba3bbf 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDCWithUpstreamParity.yaml @@ -3626,11 +3626,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3653,11 +3659,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/GCPPlatform.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/GCPPlatform.yaml index 6b8fd15d1a54..25cdee2193ba 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/GCPPlatform.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/GCPPlatform.yaml @@ -3163,11 +3163,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3190,11 +3196,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HCPEtcdBackup.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HCPEtcdBackup.yaml index 73644a15a1e3..4507fc4ec999 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HCPEtcdBackup.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HCPEtcdBackup.yaml @@ -3228,11 +3228,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3255,11 +3261,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml index 0e899b6f787f..e430dd8d5432 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/HyperShiftOnlyDynamicResourceAllocation.yaml @@ -3185,11 +3185,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3212,11 +3218,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ImageStreamImportMode.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ImageStreamImportMode.yaml index 86cf71e5a91c..c6af98a8c635 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ImageStreamImportMode.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ImageStreamImportMode.yaml @@ -3181,11 +3181,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3208,11 +3214,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/KMSEncryptionProvider.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/KMSEncryptionProvider.yaml index 0d07ee6f1c89..de5ad436611a 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/KMSEncryptionProvider.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/KMSEncryptionProvider.yaml @@ -3239,11 +3239,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3266,11 +3272,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml index 19e01915aad0..553b07e49abd 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml @@ -3163,11 +3163,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3190,11 +3196,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/TLSAdherence.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/TLSAdherence.yaml index 3533c0c1f756..5a69cea1c336 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/TLSAdherence.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/TLSAdherence.yaml @@ -3203,11 +3203,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3230,11 +3236,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-CustomNoUpgrade.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-CustomNoUpgrade.crd.yaml index 8a82beadb8c3..49314345ef91 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-CustomNoUpgrade.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-CustomNoUpgrade.crd.yaml @@ -4106,11 +4106,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -4133,11 +4139,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-Default.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-Default.crd.yaml index 0c3035c524e5..1b5c8f9d2f5f 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-Default.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-Default.crd.yaml @@ -3776,11 +3776,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3803,11 +3809,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-TechPreviewNoUpgrade.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-TechPreviewNoUpgrade.crd.yaml index 43a32af6af58..94fea6d2dab1 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-TechPreviewNoUpgrade.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Hypershift-TechPreviewNoUpgrade.crd.yaml @@ -3977,11 +3977,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -4004,11 +4010,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-CustomNoUpgrade.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-CustomNoUpgrade.crd.yaml index 768305e0d4f2..700aefa382ec 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-CustomNoUpgrade.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-CustomNoUpgrade.crd.yaml @@ -3994,11 +3994,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -4021,11 +4027,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-Default.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-Default.crd.yaml index 390ae82a2000..ae537948064d 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-Default.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-Default.crd.yaml @@ -3664,11 +3664,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3691,11 +3697,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-TechPreviewNoUpgrade.crd.yaml b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-TechPreviewNoUpgrade.crd.yaml index 7d7517af56a9..949dbbfa52e0 100644 --- a/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-TechPreviewNoUpgrade.crd.yaml +++ b/cmd/install/assets/crds/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Hypershift-TechPreviewNoUpgrade.crd.yaml @@ -3865,11 +3865,17 @@ spec: rule: self == oldSelf v4InternalSubnet: description: |- - v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + internal networks and can be configured independently to avoid overlaps with + existing network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -3892,11 +3898,17 @@ spec: && int(self.split('.')[0]) > 0 v6InternalSubnet: description: |- - v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - default one is being already used by something else. It must not overlap with - any other subnet being used by OpenShift or by the node network. The size of the - subnet must be larger than the number of nodes. Once set, the value is immutable - and cannot be modified in subsequent updates. + v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + router logical router port (LRP) addresses and masquerade/SNAT traffic within + the OVN logical topology. It must not overlap with any other subnet being used + by OpenShift or by the node network. The size of the subnet must be larger than + the number of nodes. + This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + for the join switch that interconnects per-node gateway routers with the cluster + router. Both default to fd98::/64 but control different OVN-Kubernetes internal + networks and can be configured independently to avoid overlaps with existing + network infrastructure. + Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/docs/content/reference/aggregated-docs.md b/docs/content/reference/aggregated-docs.md index a989a2ac26fa..7cb221db78cf 100644 --- a/docs/content/reference/aggregated-docs.md +++ b/docs/content/reference/aggregated-docs.md @@ -50342,11 +50342,17 @@ string (Optional) -

v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the -default one is being already used by something else. It must not overlap with -any other subnet being used by OpenShift or by the node network. The size of the -subnet must be larger than the number of nodes. Once set, the value is immutable -and cannot be modified in subsequent updates. +

v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway +router logical router port (LRP) addresses and masquerade/SNAT traffic within +the OVN logical topology. It must not overlap with any other subnet being used +by OpenShift or by the node network. The size of the subnet must be larger than +the number of nodes. +This field is distinct from ipv4.internalJoinSubnet, which configures the subnet +for the join switch that interconnects per-node gateway routers with the cluster +router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes +internal networks and can be configured independently to avoid overlaps with +existing network infrastructure. +Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -50365,11 +50371,17 @@ string (Optional) -

v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the -default one is being already used by something else. It must not overlap with -any other subnet being used by OpenShift or by the node network. The size of the -subnet must be larger than the number of nodes. Once set, the value is immutable -and cannot be modified in subsequent updates. +

v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway +router logical router port (LRP) addresses and masquerade/SNAT traffic within +the OVN logical topology. It must not overlap with any other subnet being used +by OpenShift or by the node network. The size of the subnet must be larger than +the number of nodes. +This field is distinct from ipv6.internalJoinSubnet, which configures the subnet +for the join switch that interconnects per-node gateway routers with the cluster +router. Both default to fd98::/64 but control different OVN-Kubernetes internal +networks and can be configured independently to avoid overlaps with existing +network infrastructure. +Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/docs/content/reference/api.md b/docs/content/reference/api.md index 5c0b3a27704f..e1bd8d287954 100644 --- a/docs/content/reference/api.md +++ b/docs/content/reference/api.md @@ -13942,11 +13942,17 @@ string (Optional) -

v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the -default one is being already used by something else. It must not overlap with -any other subnet being used by OpenShift or by the node network. The size of the -subnet must be larger than the number of nodes. Once set, the value is immutable -and cannot be modified in subsequent updates. +

v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway +router logical router port (LRP) addresses and masquerade/SNAT traffic within +the OVN logical topology. It must not overlap with any other subnet being used +by OpenShift or by the node network. The size of the subnet must be larger than +the number of nodes. +This field is distinct from ipv4.internalJoinSubnet, which configures the subnet +for the join switch that interconnects per-node gateway routers with the cluster +router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes +internal networks and can be configured independently to avoid overlaps with +existing network infrastructure. +Once set, the value is immutable and cannot be modified in subsequent updates. The default is 100.64.0.0/16. The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -13965,11 +13971,17 @@ string (Optional) -

v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the -default one is being already used by something else. It must not overlap with -any other subnet being used by OpenShift or by the node network. The size of the -subnet must be larger than the number of nodes. Once set, the value is immutable -and cannot be modified in subsequent updates. +

v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway +router logical router port (LRP) addresses and masquerade/SNAT traffic within +the OVN logical topology. It must not overlap with any other subnet being used +by OpenShift or by the node network. The size of the subnet must be larger than +the number of nodes. +This field is distinct from ipv6.internalJoinSubnet, which configures the subnet +for the join switch that interconnects per-node gateway routers with the cluster +router. Both default to fd98::/64 but control different OVN-Kubernetes internal +networks and can be configured independently to avoid overlaps with existing +network infrastructure. +Once set, the value is immutable and cannot be modified in subsequent updates. The default is fd98::/64. The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an IPv6 address followed by a slash and a prefix length. The prefix length must diff --git a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/operator.go b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/operator.go index 0b58a6a51092..5c4160fb257a 100644 --- a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/operator.go +++ b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/operator.go @@ -118,11 +118,17 @@ type OVNKubernetesConfig struct { // +optional MTU int32 `json:"mtu,omitempty"` - // v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the - // default one is being already used by something else. It must not overlap with - // any other subnet being used by OpenShift or by the node network. The size of the - // subnet must be larger than the number of nodes. Once set, the value is immutable - // and cannot be modified in subsequent updates. + // v4InternalSubnet configures the IPv4 subnet used by OVN-Kubernetes for gateway + // router logical router port (LRP) addresses and masquerade/SNAT traffic within + // the OVN logical topology. It must not overlap with any other subnet being used + // by OpenShift or by the node network. The size of the subnet must be larger than + // the number of nodes. + // This field is distinct from ipv4.internalJoinSubnet, which configures the subnet + // for the join switch that interconnects per-node gateway routers with the cluster + // router. Both default to 100.64.0.0/16 but control different OVN-Kubernetes + // internal networks and can be configured independently to avoid overlaps with + // existing network infrastructure. + // Once set, the value is immutable and cannot be modified in subsequent updates. // The default is 100.64.0.0/16. // The value must be in IPv4 CIDR notation (e.g., 192.168.0.0/16), consisting of // four decimal octets (0-255) separated by dots, followed by a slash and a prefix @@ -139,11 +145,17 @@ type OVNKubernetesConfig struct { // +optional V4InternalSubnet string `json:"v4InternalSubnet,omitempty"` - // v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the - // default one is being already used by something else. It must not overlap with - // any other subnet being used by OpenShift or by the node network. The size of the - // subnet must be larger than the number of nodes. Once set, the value is immutable - // and cannot be modified in subsequent updates. + // v6InternalSubnet configures the IPv6 subnet used by OVN-Kubernetes for gateway + // router logical router port (LRP) addresses and masquerade/SNAT traffic within + // the OVN logical topology. It must not overlap with any other subnet being used + // by OpenShift or by the node network. The size of the subnet must be larger than + // the number of nodes. + // This field is distinct from ipv6.internalJoinSubnet, which configures the subnet + // for the join switch that interconnects per-node gateway routers with the cluster + // router. Both default to fd98::/64 but control different OVN-Kubernetes internal + // networks and can be configured independently to avoid overlaps with existing + // network infrastructure. + // Once set, the value is immutable and cannot be modified in subsequent updates. // The default is fd98::/64. // The value must be in IPv6 CIDR notation (e.g., fd98::/64), consisting of an // IPv6 address followed by a slash and a prefix length. The prefix length must