The Antrea-by-Broadcom Operator is now Red Hat certified for OpenShift 4.19. This Operator simplifies and accelerates Kubernetes networking, providing a powerful and flexible Container Network Interface (CNI) built for scale and multiplatform interoperability. This certification is a significant milestone for developers and administrators looking to streamline their networking stack on Red Hat OpenShift.
In this post, you'll learn how the Antrea-by-Broadcom Operator simplifies Kubernetes networking across diverse environments and how to deploy it.
OpenShift 4.19 enhancements for network operators
OpenShift 4.19 brings a number of enhancements, including:
- Improved platform stability across edge and multi-architecture environments
- Granular control over network plug-ins with enhanced support for non-default CNIs like Antrea
- Enhanced network observability and CRD-driven control of the
network.config.openshift.ioAPI - Stronger security posture through stricter admission policies and runtime security updates
With these enhancements, OpenShift 4.19 provides the perfect foundation for Operators like Antrea to fully leverage dynamic CR-based configuration and observability.
How the Antrea-by-Broadcom Operator simplifies networking
The Antrea-by-Broadcom Operator is a high-performance, Kubernetes-native networking solution that works across a variety of environments:
- VMware vSphere-based private cloud environments
- Bare metal clusters
- Public clouds (Amazon Web Services, Microsoft Azure, Google Cloud Platform)
It supports flexible encapsulation, high throughput, advanced policies, and seamless integration with the VMware NSX-T Data Center (NSX-T), which provides advanced software-defined networking (SDN), security, and visibility to container environments.
The certified Antrea-by-Broadcom Operator now makes deploying and managing this CNI even easier on OpenShift, as we'll describe in the following sections.
Operator-based deployment
The Antrea-by-Broadcom Operator simplifies installation and lifecycle management:
- A single CustomResourceDefinition (CRD) (
AntreaInstall) controls bothantrea-controllerandantrea-agent. - Dynamic config propagation to all components.
- Continuous monitoring of component health.
- Automatic reconciliation of cluster-wide network configuration (
network.config.openshift.io/v1).
This means you can declaratively define your network configuration once, and let the Operator do the heavy lifting—including detecting changes in a CIDR (Classless Inter-Domain Routing) and restarting affected pods as needed.
How to deploy the Antrea-by-Broadcom Operator on OpenShift 4.19
You can either install the Operator from OperatorHub using the web console or using the command line. The Antrea-by-Broadcom Operator monitors cluster network configuration CRD (Network.config.openshift.io/v1) to update the container network CIDRs and service network CIDRs used by Antrea.
First, you will need to generate install-config.yaml by using the openshift-install command.
$ openshift-install --dir=MY_CLUSTER create install-configEdit MY_CLUSTER/install-config.yaml to update the networking section. Change networkType to antrea (case insensitive). Set container network CIDR's clusterNetwork and serviceNetwork in MY_CLUSTER/install-config.yaml.
Create the manifest files:
$ openshift-install --dir=MY_CLUSTER create manifestsPut the operator YAML files from deploy/ to MY_CLUSTER/manifests. Edit operator.antrea.vmware.com_v1_antreainstall_cr.yaml to set Antrea configurations and image version.
Generate the ignition configuration files:
$ openshift-install --dir=MY_CLUSTER create ignition-configsThis bootstrap ignition file will be added to the Terraform .tfvars file.
The next step is to use Terraform to install the OpenShift 4 cluster on vSphere.
NSX-T integration
Running in a mixed environment? The Antrea-by-Broadcom CNI co-exists and interops with the VMware NSX-T. This makes it a strong choice for organizations migrating workloads or integrating on-premises SDN solutions with Kubernetes networking.
