[FEATURE] Add VLAN network for VM to support multiple or all VLANID

[yaocw2020]

Is your feature request related to a problem? Please describe.

When building Harvester in Harvester, the inner Harvester's VLAN network will be ineffective, because the veth on the host end (outer Harvester host) only allows package with only one VLAN tag.

Describe the solution you'd like

There are two possible solutions.

• Modify bridge CNI to support multiple VLAN ID.
• Add an additional parameter in VLAN configuration for Harvester-network-controller to allow multiple VLAN ID.

Describe alternatives you've considered

Additional context

[futuretea]

Using ovs instead of bridge seems better

[yaocw2020]

Harvester in Harvester can‘t also support bond.

[tjjh89017]

Note:
after checking linux bridge kernel code [1], while vlan_filtering is disable, it will transfer all traffic to destination port
(include vlan tagged packet)
Kubevirt also disable mac learning in bridge inside Pod [2], so we can consider the network inside Pod is L1 transparent network.

once CNI bridge accept the patch[3] to support vlan trunk, and we can start to patch network-controller to support vlan networks

[1] https://elixir.bootlin.com/linux/latest/source/net/bridge/br_vlan.c#L601
[2] https://github.com/kubevirt/kubevirt/blob/main/pkg/network/infraconfigurators/bridge.go#L151
[3] containernetworking/plugins#689

[pandalec]

Any news regarding this? It would be nice to have an option like VMware's VLANID 4095

[tjjh89017]

Any news regarding this? It would be nice to have an option like VMware's VLANID 4095

Currently, Bridge CNI Plugin didn't support VLAN trunk mode for Pods.
So it should wait for that issue first.

[pandalec]

Any news regarding this? It would be nice to have an option like VMware's VLANID 4095

Currently, Bridge CNI Plugin didn't support VLAN trunk mode for Pods. So it should wait for that issue first.

ovs would support it, like @futuretea mentioned

[tjjh89017]

Any news regarding this? It would be nice to have an option like VMware's VLANID 4095

Currently, Bridge CNI Plugin didn't support VLAN trunk mode for Pods. So it should wait for that issue first.

ovs would support it, like @futuretea mentioned

It will take some effort to change CNI plugin.
We will discuss these in the future.
Thanks for comment

[pandalec]

It will take some effort to change CNI plugin. We will discuss these in the future. Thanks for comment

Thank you!

[guangbochen]

The upstream bridge PR containernetworking/plugins#829 is merged, we may continue our investigation about this, thanks.

[ER-EPR]

Hope this could be implemented soon, now my opnsense dhcp is a mess. The dhcp on one port is able to reach clients connected through other ports, as if they were internally connected.