Observing node network state
Node network state is the network configuration for all nodes in the cluster.
About nmstate
OpenShift Container Platform uses nmstate to report on and configure the state of the node network. This makes it possible to modify network policy configuration, such as by creating a Linux bridge on all nodes, by applying a single configuration manifest to the cluster.
Node networking is monitored and updated by the following objects:
NodeNetworkState
Reports the state of the network on that node.
NodeNetworkConfigurationPolicy
Describes the requested network configuration on nodes. You update the node network configuration, including adding and removing interfaces, by applying a NodeNetworkConfigurationPolicy
manifest to the cluster.
NodeNetworkConfigurationEnactment
Reports the network policies enacted upon each node.
OpenShift Container Platform supports the use of the following nmstate interface types:
Linux Bridge
VLAN
Bond
Ethernet
If your OKD cluster uses OVN-Kubernetes as the network plugin, you cannot attach a Linux bridge or bonding to the default interface of a host because of a change in the host network topology of OVN-Kubernetes. As a workaround, use a secondary network interface connected to your host or switch to the OpenShift SDN network plugin. |
Viewing the network state of a node by using the CLI
A NodeNetworkState
object exists on every node in the cluster. This object is periodically updated and captures the state of the network for that node.
Procedure
List all the
NodeNetworkState
objects in the cluster:$ oc get nns
Inspect a
NodeNetworkState
object to view the network on that node. The output in this example has been redacted for clarity:$ oc get nns node01 -o yaml
Example output
apiVersion: nmstate.io/v1
kind: NodeNetworkState
metadata:
name: node01 (1)
status:
currentState: (2)
dns-resolver:
# ...
interfaces:
# ...
route-rules:
# ...
routes:
# ...
lastSuccessfulUpdateTime: "2020-01-31T12:14:00Z" (3)
1 The name of the NodeNetworkState
object is taken from the node.2 The currentState
contains the complete network configuration for the node, including DNS, interfaces, and routes.3 Timestamp of the last successful update. This is updated periodically as long as the node is reachable and can be used to evalute the freshness of the report.
Viewing the network state of a node from the web console
As an administrator, you can use the OKD web console to observe NodeNetworkState
resources and network interfaces, and access network details.
Procedure
Navigate to Networking → NodeNetworkState.
In the NodeNetworkState page, you can view the list of
NodeNetworkState
resources and the corresponding interfaces that are created on the nodes. You can use Filter based on Interface state, Interface type, and IP, or the search bar based on criteria Name or Label, to narrow down the displayedNodeNetworkState
resources.To access the detailed information about
NodeNetworkState
resource, click theNodeNetworkState
resource name listed in the Name column .to expand and view the Network Details section for the
NodeNetworkState
resource, click the > icon . Alternatively, you can click on each interface type under the Network interface column to view the network details.