OCI Kubernetes Engine (OKE) support for multiple secondary VNIC attachments

You can now attach multiple secondary VNICs to a node pool and configure each secondary VNIC profile independently with its own subnet, network security groups (NSGs), and IP allocation settings. Attaching multiple secondary VNICs enables three key capabilities:

  • Workload isolation through VNIC profiles.
  • Increased pod density, up to 256 pods per node, when used with Virtual Cloud Network (VCN) IP Enhancements. VCN IP Enhancements allow a subnet to have up to 16 IPv4 CIDR blocks and 16 IPv6 prefixes.
  • Multi-interface pod networking through integration with Multus.

Note the following:

  • Attaching multiple secondary VNICs requires the OCI VCN-Native Pod Networking CNI plugin for pod networking. Multiple secondary VNICs for pod networking are not supported with the flannel CNI plugin.
  • Each node shape has a maximum VNIC limit. Verify that your chosen shape supports the number of VNIC profiles that you intend to configure. See Compute Shapes.
  • Make sure that subnets assigned to VNIC profiles are sized appropriately to accommodate the configured pod IP count (ipCount) per node.
  • To enable multi-interface pods, use Multus, NetworkAttachmentDefinitions (NADs), and the native OCI IPAM plugin with multiple secondary VNIC attachments.
  • Application Resources are required only when you want pods to select a specific secondary VNIC profile using scheduler-enforced resource requests.
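
The shape limit, subnet sizing, and pod density notes above can be checked before a node pool is created. The following is an added example, not Oracle's code or API: the plan layout and every field name except ipCount are hypothetical. It assumes three addresses are held back in each CIDR block, that each VNIC uses one address for itself, and that the primary VNIC occupies one of the shape's VNIC slots.

```python
import ipaddress

MAX_PODS_PER_NODE = 256  # ceiling stated in the release note
MAX_IPV4_CIDRS = 16      # per-subnet IPv4 CIDR limit stated in the release note
RESERVED_PER_CIDR = 3    # assumption: addresses held back in every CIDR block
VNIC_OWN_IPS = 1         # assumption: each VNIC uses one address for itself

def usable_ips(cidrs):
    """Count assignable IPv4 addresses across a subnet's CIDR blocks."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return sum(max(n.num_addresses - RESERVED_PER_CIDR, 0) for n in nets)

def check_node_pool(profiles, subnets, node_count, shape_max_vnics):
    """Return a list of findings; an empty list means the plan fits."""
    findings = []
    # Assumption: the node's primary VNIC occupies one of the shape's slots.
    slots = shape_max_vnics - 1
    if len(profiles) > slots:
        findings.append(f"{len(profiles)} profiles but only {slots} secondary VNIC slots")
    pods = sum(p["ipCount"] for p in profiles)
    if pods > MAX_PODS_PER_NODE:
        findings.append(f"{pods} pod IPs per node exceeds {MAX_PODS_PER_NODE}")
    demand = {}  # subnet name -> addresses needed by the whole node pool
    for p in profiles:
        need = node_count * (p["ipCount"] + VNIC_OWN_IPS)
        demand[p["subnet"]] = demand.get(p["subnet"], 0) + need
    for name, need in sorted(demand.items()):
        cidrs = subnets[name]
        if len(cidrs) > MAX_IPV4_CIDRS:
            findings.append(f"{name}: {len(cidrs)} CIDR blocks exceeds {MAX_IPV4_CIDRS}")
        have = usable_ips(cidrs)
        if need > have:
            findings.append(f"{name}: needs {need} addresses, has {have}")
    return findings

# Constructed sample plan (not real tenancy data).
SUBNETS = {"pods-a": ["10.0.8.0/22"], "pods-b": ["10.0.16.0/24", "10.0.17.0/24"]}
PROFILES = [
    {"name": "general", "subnet": "pods-a", "ipCount": 64},
    {"name": "isolated", "subnet": "pods-b", "ipCount": 32},
]

if __name__ == "__main__":
    for nodes in (10, 20):
        result = check_node_pool(PROFILES, SUBNETS, nodes, shape_max_vnics=3)
        print(nodes, "nodes:", result or "plan fits")
```

Demand is summed per subnet, so two profiles that share a subnet are counted against the same address space.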

To configure the attachment of multiple secondary VNICs to a node pool:

  1. Enable VCN-native pod networking when you create a cluster. See Creating a Cluster and Using the OCI VCN-Native Pod Networking CNI plugin for pod networking.
  2. Define one or more VNIC profiles, specifying the subnet, NSGs, and IP allocation settings for each. See Attaching Multiple Secondary VNICs for Pod Networking.
  3. Associate VNIC profiles with a node pool. See Deploying pods that use multiple secondary VNICs.

For more information, see Attaching Multiple Secondary VNICs for Pod Networking.