Merge pull request #2669 from spidernet-io/robot/cherrypick/pr2661/re…

…lease-v0.8

docs: Fix NetworkManager manager ifacer's interface

docs/concepts/coordinator-zh_CN.md

@@ -10,6 +10,16 @@ Spiderpool 内置一个叫 `coordinator` 的 CNI meta-plugin, 它在 Main CNI 
 - 支持检测 Pod 的网关是否可达
 - 支持固定 Pod 的 Mac 地址前缀
 
+注意: 如果您的操作系统是使用 NetworkManager 的 OS，比如 Fedora、Centos等，强烈建议配置 NetworkManager 的配置文件(/etc/NetworkManager/conf.d/spidernet.conf)，避免 NetworkManager 干扰 `coordinator` 创建的 Veth 虚拟接口，影响通信:
+
+```shell
+~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+> [keyfile]
+> unmanaged-devices=interface-name:^veth*
+> EOF
+~# systemctl restart NetworkManager
+```
+
 下面我们将详细的介绍 `coordinator` 如何解决或实现这些功能。
 
 ## CNI 配置字段说明

docs/concepts/coordinator.md

@@ -10,6 +10,17 @@ Spiderpool incorporates a CNI meta-plugin called `coordinator` that works after
 - Check the reachability of Pod gateways
 - Support fixed Mac address prefixes for Pods
 
+Note: If your OS(such as Fedora, CentOS, etc.) uses NetworkManager, highly recommend configuring following configuration file at `/etc/NetworkManager/conf.d/spidernet.conf` to 
+prevent interference from NetworkManager with veth interfaces created through `coordinator`:
+
+```shell
+~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+> [keyfile]
+> unmanaged-devices=interface-name:^veth*
+> EOF
+~# systemctl restart NetworkManager
+```
+
 Let's delve into how coordinator implements these features.
 
 ## CNI fields description

docs/reference/plugin-ifacer.md

@@ -10,9 +10,21 @@ This plugin dynamically creates VLAN sub-interfaces or Bond interfaces on the no
 - Support dynamic creation of VLAN sub-interfaces
 - Support dynamic creation of Bond interfaces
 
-> The VLAN/Bond interfaces created by this plugin will be lost when the node restarts, but they will be automatically recreated upon the Pod restarts
-> Deleting existed VLAN/Bond interfaces is not supported
-> Configuring the address of VLAN/Bond interfaces during creation is not supported
+## Notes
+
+1. The VLAN/Bond interfaces created by this plugin will be lost when the node restarts, but they will be automatically recreated upon the Pod restarts.
+2. Deleting existed VLAN/Bond interfaces is not supported.
+3. Configuring the address of VLAN/Bond interfaces during creation is not supported.
+4. If your OS(such as Fedora, CentOS, etc.) uses NetworkManager, Highly recommend configuring following configuration file at `/etc/NetworkManager/conf.d/spidernet.conf` to prevent interference from NetworkManager with Vlan and Bond interfaces created by `Ifacer`:
+
+```shell
+~# INTERFACE=<your_interface_name>
+~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+> [keyfile]
+> unmanaged-devices=interface-name:^veth*;interface-name:${INTERFACE}
+> EOF
+~# systemctl restart NetworkManager
+```
 
 ## Prerequisite
 

docs/usage/install/underlay/get-started-kind-zh_CN.md

@@ -22,6 +22,21 @@ Kind 是一个使用 Docker 容器节点运行本地 Kubernetes 集群的工具
 
 * 执行 `make dev-doctor`，检查本地主机上的开发工具是否满足部署 Kind 集群与 Spiderpool 的条件，如果缺少组件会为您自动安装。
 
+* 如果您使用如 Fedora、Centos 等 OS， 并且使用 NetworkManager 管理和配置网络，在以下场景时建议您需要配置 NetworkManager:
+
+  1. 如果你使用 Underlay 模式，`coordinator` 会在主机上创建 veth 接口，为了防止 NetworkManager 干扰 veth 接口, 导致 Pod 访问异常。我们需要配置 NetworkManager，使其不纳管这些 Veth 接口。
+
+  2. 如果你通过 `Iface`r 创建 Vlan 和 Bond 接口，NetworkManager 可能会干扰这些接口，导致 Pod 访问异常。我们需要配置 NetworkManager，使其不纳管这些 Veth 接口。
+
+      ```shell
+      ~# IFACER_INTERFACE="<NAME>"
+      ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+      > [keyfile]
+      > unmanaged-devices=interface-name:^veth*;interface-name:${IFACER_INTERFACE}
+      > EOF
+      ~# systemctl restart NetworkManager
+      ```
+
 ## Spiderpool 脚本支持的多种安装模式
 
 如果您在中国大陆，安装时可以额外指定参数 `-e E2E_CHINA_IMAGE_REGISTRY=true` ，以帮助您更快的拉取镜像。

docs/usage/install/underlay/get-started-kind.md

@@ -22,6 +22,21 @@ Kind is a tool for running local Kubernetes clusters using Docker container "nod
 
 * Execute `make dev-doctor` to check that the development tools on the local host meet the conditions for deploying a Kind cluster with Spiderpool, and that the components are automatically installed for you if they are missing.
 
+* If your OS is such as Fedora and CentOS and uses NetworkManager to manage network configurations, you need to configure NetworkManager in the following scenarios:
+
+    1. If you are using Underlay mode, the `coordinator` will create veth interfaces on the host. To prevent interference from NetworkManager with the veth interface. It is strongly recommended that you configure NetworkManager.
+
+    2. If you create VLAN and Bond interfaces through Ifacer, NetworkManager may interfere with these interfaces, leading to abnormal pod access. It is strongly recommended that you configure NetworkManager.
+
+        ```shell
+        ~# IFACER_INTERFACE="<NAME>"
+        ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+        > [keyfile]
+        > unmanaged-devices=interface-name:^veth*;interface-name:${IFACER_INTERFACE}
+        > EOF
+        ~# systemctl restart NetworkManager
+        ```
+
 ## Various installation modes supported by Spiderpool script
 
 If you are mainland user who is not available to access ghcr.io, Additional parameter `-e E2E_CHINA_IMAGE_REGISTRY=true` can be specified during installation to help you pull images faster.

docs/usage/install/underlay/get-started-macvlan-zh_CN.md

@@ -16,6 +16,22 @@ Spiderpool 可用作 Underlay 网络场景下提供固定 IP 的一种解决方
 
 2. 已安装 [Helm](https://helm.sh/docs/intro/install/)
 
+3. 如果您使用如 Fedora、Centos 等 OS， 并且使用 NetworkManager 管理和配置网络，在以下场景时建议您需要配置 NetworkManager:
+
+    * 如果你使用 Underlay 模式，`coordinator` 会在主机上创建 veth 接口，为了防止 NetworkManager 干扰 veth 接口, 导致 Pod 访问异常。我们需要配置 NetworkManager，使其不纳管这些 Veth 接口。
+
+    * 如果你通过 `Iface`r 创建 Vlan 和 Bond 接口，NetworkManager 可能会干扰这些接口，导致 Pod 访问异常。我们需要配置 NetworkManager，使其不纳管这些 Veth 接口。
+
+      ```shell
+      ~# IFACER_INTERFACE="<NAME>"
+      ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+      > [keyfile]
+      > unmanaged-devices=interface-name:^veth*;interface-name:${IFACER_INTERFACE}
+      > EOF
+      ~# systemctl restart NetworkManager
+      ```
+
+
 ## 安装 Spiderpool
 
 1. 安装 Spiderpool。

docs/usage/install/underlay/get-started-macvlan.md

@@ -16,6 +16,21 @@ Spiderpool provides a solution for assigning static IP addresses in underlay net
 
 2. [Helm](https://helm.sh/docs/intro/install/) has been already installed.
 
+3. If your OS is such as Fedora and CentOS and uses NetworkManager to manage network configurations, you need to configure NetworkManager in the following scenarios:
+
+    * If you are using Underlay mode, the `coordinator` will create veth interfaces on the host. To prevent interference from NetworkManager with the veth interface. It is strongly recommended that you configure NetworkManager.
+
+    * If you create VLAN and Bond interfaces through Ifacer, NetworkManager may interfere with these interfaces, leading to abnormal pod access. It is strongly recommended that you configure NetworkManager.
+
+      ```shell
+      ~# IFACER_INTERFACE="<NAME>"
+      ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+      > [keyfile]
+      > unmanaged-devices=interface-name:^veth*;interface-name:${IFACER_INTERFACE}
+      > EOF
+      ~# systemctl restart NetworkManager
+      ```
+
 ## Install Spiderpool
 
 1. Install Spiderpool.

docs/usage/install/underlay/get-started-ovs-zh_CN.md

@@ -21,6 +21,22 @@ Spiderpool 可用作 Underlay 网络场景下提供固定 IP 的一种解决方
     ~# sudo systemctl start openvswitch-switch
     ```
 
+4. 如果您使用如 Fedora、Centos 等 OS， 并且使用 NetworkManager 管理和配置网络，在以下场景时建议您需要配置 NetworkManager:
+
+    * 如果你使用 Underlay 模式，`coordinator` 会在主机上创建 veth 接口，为了防止 NetworkManager 干扰 veth 接口, 导致 Pod 访问异常。我们需要配置 NetworkManager，使其不纳管这些 Veth 接口。
+
+    * 如果你通过 `Iface`r 创建 Vlan 和 Bond 接口，NetworkManager 可能会干扰这些接口，导致 Pod 访问异常。我们需要配置 NetworkManager，使其不纳管这些 Veth 接口。
+
+      ```shell
+      ~# IFACER_INTERFACE="<NAME>"
+      ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+      > [keyfile]
+      > unmanaged-devices=interface-name:^veth*;interface-name:${IFACER_INTERFACE}
+      > EOF
+      ~# systemctl restart NetworkManager
+      ```
+
+
 ## 安装 Spiderpool
 
 1. 安装 Spiderpool。

docs/usage/install/underlay/get-started-ovs.md

@@ -21,6 +21,21 @@ Spiderpool can be used as a solution to provide fixed IPs in an Underlay network
     ~# sudo systemctl start openvswitch-switch
     ```
 
+4. If your OS is such as Fedora and CentOS and uses NetworkManager to manage network configurations, you need to configure NetworkManager in the following scenarios:
+
+    * If you are using Underlay mode, the `coordinator` will create veth interfaces on the host. To prevent interference from NetworkManager with the veth interface. It is strongly recommended that you configure NetworkManager.
+
+    * If you create VLAN and Bond interfaces through Ifacer, NetworkManager may interfere with these interfaces, leading to abnormal pod access. It is strongly recommended that you configure NetworkManager.
+
+      ```shell
+      ~# IFACER_INTERFACE="<NAME>"
+      ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+      > [keyfile]
+      > unmanaged-devices=interface-name:^veth*;interface-name:${IFACER_INTERFACE}
+      > EOF
+      ~# systemctl restart NetworkManager
+      ```
+
 ## Install Spiderpool
 
 1. Install Spiderpool.

docs/usage/install/underlay/get-started-sriov-zh_CN.md

@@ -30,6 +30,22 @@ Spiderpool 可用作 underlay 网络场景下提供固定 IP 的一种解决方
         Capabilities: [180] Single Root I/O Virtualization (SR-IOV)      
         ```
 
+4. 如果您使用如 Fedora、Centos 等 OS， 并且使用 NetworkManager 管理和配置网络，在以下场景时建议您需要配置 NetworkManager:
+
+    * 如果你使用 Underlay 模式，`coordinator` 会在主机上创建 veth 接口，为了防止 NetworkManager 干扰 veth 接口, 导致 Pod 访问异常。我们需要配置 NetworkManager，使其不纳管这些 Veth 接口。
+
+    * 如果你通过 `Ifacer` 创建 Vlan 和 Bond 接口，NetworkManager 可能会干扰这些接口，导致 Pod 访问异常。我们需要配置 NetworkManager，使其不纳管这些 Veth 接口。
+
+      ```shell
+      ~# IFACER_INTERFACE="<NAME>"
+      ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+      > [keyfile]
+      > unmanaged-devices=interface-name:^veth*;interface-name:${IFACER_INTERFACE}
+      > EOF
+      ~# systemctl restart NetworkManager
+      ```
+
+
 ## 安装 Spiderpool
 
 1. 安装 Spiderpool。
@@ -185,6 +201,16 @@ Spiderpool 可用作 underlay 网络场景下提供固定 IP 的一种解决方
 
 5. 创建 SpiderMultusConfig 实例。
 
+    注意: 如果您的操作系统是使用 NetworkManager 的 OS，比如 Fedora Centos等，强烈建议配置 NetworkManager 的配置文件(/etc/NetworkManager/conf.d/spidernet.conf)，避免 NetworkManager 干扰 `coordinator` 创建的 Veth 虚拟接口，影响通信:
+    
+    ```shell
+    ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+    > [keyfile]
+    > unmanaged-devices=interface-name:^veth*
+    > EOF
+    ~# systemctl restart NetworkManager
+    ```
+
     ```shell
     $ cat <<EOF | kubectl apply -f -
     apiVersion: spiderpool.spidernet.io/v2beta1

docs/usage/install/underlay/get-started-sriov.md

@@ -30,6 +30,21 @@ Spiderpool provides a solution for assigning static IP addresses in underlay net
         Capabilities: [180] Single Root I/O Virtualization (SR-IOV)      
         ```
 
+4. If your OS is such as Fedora and CentOS and uses NetworkManager to manage network configurations, you need to configure NetworkManager in the following scenarios:
+
+    * If you are using Underlay mode, the `coordinator` will create veth interfaces on the host. To prevent interference from NetworkManager with the veth interface. It is strongly recommended that you configure NetworkManager.
+
+    * If you create VLAN and Bond interfaces through Ifacer, NetworkManager may interfere with these interfaces, leading to abnormal pod access. It is strongly recommended that you configure NetworkManager.
+
+      ```shell
+      ~# IFACER_INTERFACE="<NAME>"
+      ~# cat << EOF | > /etc/NetworkManager/conf.d/spidernet.conf
+      > [keyfile]
+      > unmanaged-devices=interface-name:^veth*;interface-name:${IFACER_INTERFACE}
+      > EOF
+      ~# systemctl restart NetworkManager
+      ```
+
 ## Install Spiderpool
 
 1. Install Spiderpool.