secondary bridge required for AnreaIPAM configured

[john5985]

Describe the bug
There is a feature "Support bridging and VLAN network for Pod secondary interfaces" as in #5278. This feature is currently in a PR #5427. This feature requires Whereabouts for IPAM.

However, in my use case, I slices SRIOV NIC into multiple VF interfaces and all these interfaces to be connected to this second bridge without any IP. IP packets received from these interfaces (or ports), except for ARP, will be fan out to pods behind this second bridge.

To Reproduce
Jian Jun said this is the current behavior.

Expected
if configured
secondaryNetwork:
ovsBridges: [{"bridgeName": "br2", "physicalInterfaces": ["eth1", "eth2"]}]

1. br2 will be created as an OVS bridge in network init namespace.
2. if eth1 is present, ovs-vsctl add-port br2 eth1
3. if eth2 is present, ovs-vsctl add-port br2 eth2
   ...

Actual behavior
Currently if AntreaIPAM not configured, br2 may not be created.

Versions:
Please provide the following information:

• Antrea version (Docker image tag): 1.14
• Kubernetes version (use kubectl version): v1.28.1.
• Container runtime: containerd containerd.io 1.6.24
• Linux kernel version on the Kubernetes Nodes (uname -r): Ubuntu 5.15.0-88-generic
• If you chose to compile the Open vSwitch kernel module manually instead of using the kernel module built into the Linux kernel, which version of the OVS kernel module are you using? Include the output of modinfo openvswitch for the Kubernetes Nodes. 2.17.7

Additional context

[jianjuns]

Thanks for raising the feature request. I agree it is a valid use case to create secondary interfaces without IPAM. We can definitely support this.

Currently if AntreaIPAM not configured, br2 may not be created.

A correction - secondary bridge can still be created even AntreaIPAM is not configured, but secondary interface creation for Pods will fail due to IPAM error.