Custom Resources

The module lifecycle stage: Preview

The Deckhouse Kubernetes Platform installs CRDs but does not remove them when a module is disabled. If you no longer need the created CRDs, delete them.

ClusterNetwork

Scope: Cluster
Version: v1alpha1

Defines the ClusterNetwork resource for configuring cluster-wide networks.

spec

object
Specification of the ClusterNetwork resource, defining network parameters.
- spec.parentNodeNetworkInterfaces
  
  object
  Required value
  
  Selector for choosing NodeNetworkInterfaces representing NICs to which the network is bound.
  - spec.parentNodeNetworkInterfaces.labelSelector
    
    object
    Required value
    - spec.parentNodeNetworkInterfaces.labelSelector.matchLabels
      
      object
      Required value
- spec.type
  
  string
  Required value
  The type of network. Supported values:
  - VLAN — a tagged VLAN will be configured on node’s corresponding NICs (i.e. eth0.100) to provide connectivity.
  - Access — corresponding NICs on nodes will be used directly to provide connectivity.
  Allowed values: Vlan, VLAN, Access
- spec.vlan
  
  object
  VLAN parameters for the network. Required for “Vlan” type.
  - spec.vlan.id
    
    integer
    Required value
    
    VLAN ID. Must be between 1 and 4094.
    
    Allowed values: 1 <= X <= 4094

Network

Scope: Namespaced
Version: v1alpha1

Defines the Network resource for configuring the user network in the cluster. It is used to manage VLAN and network parameters such as network class and VLAN ID.

spec

object
Network resource specification that defines the network parameters.
- spec.networkClass
  
  string
  Required value
  
  The network class to be used for this network.
  
  Minimal length: 1
  
  Pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
- spec.type
  
  string
  Required value
  
  The type of network.
  
  Default: VLAN
  
  Allowed values: VLAN
- spec.vlan
  
  object
  VLAN-specific parameters for the network.
  - spec.vlan.id
    
    integer
    VLAN ID from the available pool defined in corresponding NetworkClass.
    
    Allowed values: 1 <= X <= 4094

NetworkClass

Scope: Cluster
Version: v1alpha1

Defines the NetworkClass resource for pre-configuring user networks. The resource is referred in Network resource.

spec

object
- spec.vlan
  
  object
  Required value
  
  Specific options for VLAN-based networks.
  - spec.vlan.idPool
    
    array of strings
    Required value
    
    The array of allowed VLAN ID ranges.
    - spec.vlan.idPool.Element of the array
      
      string
      
      Pattern: ^\d+(-\d+)?$
  - spec.vlan.parentNodeNetworkInterfaces
    
    object
    Required value
    
    Selector for choosing NodeNetworkInterfaces representing NICs to which the network is bound.
    - spec.vlan.parentNodeNetworkInterfaces.labelSelector
      
      object
      Required value
      - spec.vlan.parentNodeNetworkInterfaces.labelSelector.matchLabels
        
        object

NodeNetworkInterface

Scope: Cluster
Version: v1alpha1

This resource describes and defines a network interface presented on Node. Used for discovering NICs and creating new interfaces like VLAN or Bond.

spec

object
- spec.bond
  
  object
  The bond interface parameters.
  - spec.bond.bondName
    
    string
    Required value
    
    The bond interface name.
  - spec.bond.memberNetworkInterfaces
    
    array of objects
    Required value
    
    The list of label selectors to match interfaces to bond.
    - spec.bond.memberNetworkInterfaces.labelSelector
      
      object
      - spec.bond.memberNetworkInterfaces.labelSelector.matchLabels
        
        object
        Required value
- spec.bridge
  
  object
  The bridge interface parameters.
  - spec.bridge.bridgeName
    
    string
    Required value
    
    The bridge interface name.
  - spec.bridge.memberNetworkInterfaces
    
    array of objects
    Required value
    
    The list of label selectors to match interfaces to bridge.
    - spec.bridge.memberNetworkInterfaces.labelSelector
      
      object
      - spec.bridge.memberNetworkInterfaces.labelSelector.matchLabels
        
        object
        Required value
- spec.heritage
  Deprecated
  string
  The way the node network interface was created. Service option for controllers.
  
  Allowed values: SDNDiscovered, NetworkController, Manual
- spec.nic
  
  object
  Parameters applicable to physical interfaces when spec.type is NIC.
  - spec.nic.bindingMode
    
    string
    Desired binding mode for the NIC.
    
    Allowed values: NetDev, VFIO-PCI, DPDK
  - spec.nic.pf
    
    object
    PF-specific settings for the NIC.
    - spec.nic.pf.sriov
      
      object
      SR-IOV configuration for the physical function.
      - spec.nic.pf.sriov.enabled
        
        boolean
        Enables SR-IOV on the physical function.
        
        Default: false
      - spec.nic.pf.sriov.numVFs
        
        integer
        Required value
        
        The number of Virtual Functions to expose when SR-IOV is enabled.
        
        Allowed values: 1 <= X
  - spec.nic.pfNodeNetworkInterfaceName
    
    string
    The name of the NodeNetworkInterface for the parent PF.
  - spec.nic.vf
    
    object
    Virtual Function specific configuration.
    - spec.nic.vf.linkState
      
      string
      Sets the link state for the VF.
      
      Auto: The link state is determined by the PF’s link state.
      
      Enable: The link is always up.
      
      Disable: The link is always down.
      
      Allowed values: Auto, Enable, Disable
    - spec.nic.vf.mac
      
      string
      MAC address assigned to the VF.
      
      Pattern: ^([0-9a-f]{2}:){5}[0-9a-f]{2}$
    - spec.nic.vf.mtu
      
      integer
      MTU configured on the VF.
      
      Allowed values: 68 <= X <= 9978
    - spec.nic.vf.queryRSS
      
      boolean
      Enables or disables querying RSS configuration for the VF.
    - spec.nic.vf.spoofCheck
      
      boolean
      Enables or disables MAC address spoofing check for the VF.
    - spec.nic.vf.trust
      
      boolean
      Enables or disables trust mode for the VF.
    - spec.nic.vf.vlan
      
      integer
      VLAN tag assigned to the VF.
      
      Allowed values: 0 <= X <= 4094
- spec.nodeName
  
  string
  Required value
  
  The name of the Node the interface belongs to.
- spec.type
  
  string
  Required value
  The type of the interface. Options:
  - NIC — the physical interface.
  - VLAN — a VLAN configured on some other interface.
  - Bond — an aggregated interface.
  - Bridge — a bridge interface.
  Allowed values: NIC, VLAN, Bond, Bridge
- spec.vlan
  
  object
  The vlan interface parameters.
  - spec.vlan.id
    
    integer
    Required value
    
    The vlan id.
  - spec.vlan.parentNetworkInterface
    
    object
    Required value
    
    The selector to match the parent interface.
    - spec.vlan.parentNetworkInterface.labelSelector
      
      object
      Required value
      - spec.vlan.parentNetworkInterface.labelSelector.matchLabels
        
        object
        Required value

UnderlayNetwork

Scope: Cluster
Version: v1alpha1

UnderlayNetwork defines physical network interfaces (PF and VF) available for direct attachment to pods via Dynamic Resource Allocation (DRA). This resource enables hardware device passthrough for high-performance workloads such as DPDK applications. Selected interfaces are published as DRA devices that can be claimed by pods using ResourceClaim templates.

spec

object
- spec.autoBonding
  
  boolean
  Enable automatic grouping of interfaces when multiple PFs on a single node match the selector. Immutable. In Shared mode: When enabled, the controller groups one VF from each matched PF into a single DRA device. Each such device contains multiple VFs (one per matched PF) that are exposed to the pod as separate network interfaces. The number of grouped devices equals the smallest VF count among all matched PFs. If grouping cannot be assembled (e.g., some PF has no VFs), a warning is logged and device publication is skipped until grouping becomes possible. When disabled, each VF is published as a separate DRA device. In Dedicated mode: When enabled, all matched PFs on a node are grouped into a single DRA device, exposing all PFs to the pod as separate interfaces. When disabled, each PF is published as a separate DRA device. Note: This does not create kernel-level bonding interfaces inside the pod. The interfaces are simply passed through as individual interfaces, allowing applications (e.g., DPDK) to handle bonding/aggregation at the application level.
  
  Default: true
- spec.memberNodeNetworkInterfaces
  
  array of objects
  Required value
  
  Label selectors for NodeNetworkInterface resources representing NIC’s Physical Functions (PF) that will be used for device allocation. Only PF interfaces (not VF) should be selected. The controller will automatically configure and use VFs when operating in Shared mode.
  - spec.memberNodeNetworkInterfaces.labelSelector
    
    object
    - spec.memberNodeNetworkInterfaces.labelSelector.matchLabels
      
      object
      Required value
- spec.mode
  
  string
  Device allocation mode that determines how physical interfaces are exposed to pods. Shared (default): Creates Virtual Functions (VF) from selected Physical Functions (PF) using SR-IOV, allowing multiple pods to share the same hardware. Each pod receives one or more VFs. When autoBonding is enabled, one VF from each matched PF is grouped into a single DRA device, exposing multiple interfaces to the pod (one per PF). Dedicated: Exposes each matching PF as an exclusive device without SR-IOV. When autoBonding is enabled, all matched PFs on a node are grouped into a single DRA device, exposing all PFs to the pod as separate interfaces. When autoBonding is disabled, each PF is published as a separate DRA device. Suitable for workloads requiring maximum performance or when SR-IOV is not available.
  
  Default: Shared
  
  Allowed values: Dedicated, Shared
- spec.shared
  
  object
  Configuration parameters for Shared mode. Required when mode is set to “Shared”. In Shared mode, SR-IOV is used to create Virtual Functions from Physical Functions, enabling multiple pods to share the same network hardware.
  - spec.shared.sriov
    
    object
    SR-IOV configuration for creating Virtual Functions from selected Physical Functions. When enabled, the controller configures SR-IOV on matching PF interfaces and creates the specified number of VFs per PF. These VFs are then published as DRA devices that can be allocated to pods.
    - spec.shared.sriov.enabled
      
      boolean
      Required value
      
      Enable SR-IOV on selected Physical Functions. When true, VFs will be created according to numVFs setting.
    - spec.shared.sriov.numVFs
      
      integer
      Number of Virtual Functions to create per Physical Function. Must be greater than 0 when enabled is true. The actual number of VFs created may be limited by the hardware’s maximum supported VF count.
      
      Allowed values: 0 <= X

ClusterNetwork

Network

NetworkClass

NodeNetworkInterface

UnderlayNetwork

An error has occurred

Tell us what you didn’t like.

Custom Resources

ClusterNetwork

Network

NetworkClass

NodeNetworkInterface

UnderlayNetwork

An error has occurred

Tell us what you didn’t like.

Request trial access

Thank you

Error

Request callback

Thank you

Something went wrong

Book your sessions

Thank you

Error

Request demo

Thank you

Error

Get the PCI SSC Compliance Report

Thank you

Error