NMState Operator integration for workload clusters based on openSUSE Leap Micro 6.x OS

Summary

The NMState operator provides a declarative node network configuration API for Kubernetes, making it a valuable addition to manage node networking in RKE clusters after they were deployed, without needing

K8s NMState operator is leveraging the northbound API of nmstate, having as an unique provider NetworkManager, so using the operator is limited to nodes OS like openSUSE Leap Micro 6.x that support NM.

Related references

https://nmstate.io/kubernetes-nmstate/examples.html

https://github.com/nmstate/kubernetes-nmstate

Details

Use-cases that will benefit from the declarative approach facilitated by K8s NMState operator:

Multus macvlan/ipvlan network attachment definitions - create node vlan interfaces that act as master for multus NADs macvlan/ipvlan;
Egress using node interfaces - creating extra vlan interfaces, with IP addresses and static routes on nodes, in situations when egress pod traffic will need to be sent and SNATed on node interfaces pointing to other vrfs, not on the primary node interface;
Kubevirt VMs and pods attached through Multus bridge CNI - attaching node interfaces to a bridge used part of a NAD - as described in issue;

Summary of node network configuration needs:

vlan interfaces with or without IP addresses configured
static routes
bridge interfaces
binding a node interface to a bridge

This operator should be integrated as an optional Sylva unit that can be enabled only on clusters that use openSUSE Leap Micro OS.

Edited Nov 17, 2025 by Vlad Onutu