docs: add docs for vpc

Co-authored-by: fanriming <fanriming@chinatelecom.cn>

README.md

@@ -37,6 +37,7 @@ The Kube-OVN community is waiting for you participation!
 - **Vlan Support**: Kube-OVN also support underlay Vlan mode network for better performance and throughput.
 - **DPDK Support**: DPDK application now can run in Pod with OVS-DPDK.
 - **ARM Support**: Kube-OVN can run on x86_64 and arm64 platforms.
+- **VPC Support**: Multi-tenant network with overlapped address spaces.
 - **TroubleShooting Tools**: Handy tools to diagnose, trace, monitor and dump container network traffic to help troubleshooting complicate network issues.
 - **Prometheus & Grafana Integration**: Exposing network quality metrics like pod/node/service/dns connectivity/latency in Prometheus format.
 
@@ -80,6 +81,7 @@ If you want to install Kubernetes from scratch, you can try [kubespray](https://
 - [Webhook](docs/webhook.md)
 - [IPv6](docs/ipv6.md)
 - [DualStack](docs/dual-stack.md)
+- [VPC](docs/vpc.md)
 - [Tracing/Diagnose/Dump Traffic with Kubectl Plugin](docs/kubectl-plugin.md)
 - [Prometheus Integration](docs/prometheus.md)
 - [Metrics](docs/ovn-ovs-monitor.md)

docs/dpdk.md

@@ -210,7 +210,6 @@ Create the Pod Spec, name it pod.yaml
 apiVersion: v1
 kind: Pod
 metadata:
-  generateName: testpmd-dpdk-
   annotations:
     k8s.v1.cni.cncf.io/networks: ovs-dpdk-br0, ovs-dpdk-br0
 spec:
@@ -255,7 +254,6 @@ The pod spec needs to be updated as shown below. The name of the volumeMount nee
 <pre><code>apiVersion: v1
 kind: Pod
 metadata:
-  generateName: testpmd-dpdk-
   annotations:
     k8s.v1.cni.cncf.io/networks: ovs-dpdk-br0, ovs-dpdk-br0
 spec:

docs/vpc.md

@@ -0,0 +1,108 @@
+# VPC
+
+From v1.6.0, users can create custom VPC. Each VPC has independent address space, users can set overlapped CIDR, Subnet and Routes.
+
+By default, all subnets without VPC options belong to the default VPC. All functions and usages remain unchanged for users who are not intended to use custom VPC.
+
+*To connect custom VPC network with the external network, custom gateway is needed. This part of work is still work in progress.*
+
+## Steps
+1. Create a custom VPC
+```
+kind: Vpc
+metadata:
+  name: test-vpc-1
+spec:
+  namespaces:
+  - ns1
+---
+kind: Vpc
+metadata:
+  name: test-vpc-2
+spec: {}
+```
+
+The `namespace` list can limit which namespace can bind to the VPC, no limit if the list is empty
+
+2. Create subnet
+```
+kind: Subnet
+apiVersion: kubeovn.io/v1
+metadata:
+  name: net1
+spec:
+  vpc: test-vpc-1
+  namespaces:
+    - ns1
+  cidrBlock: 10.0.1.0/24
+  default: true
+  gatewayType: distributed
+  natOutgoing: false
+  private: false
+  protocol: IPv4
+  provider: ovn
+  underlayGateway: false
+ 
+---
+kind: Subnet
+apiVersion: kubeovn.io/v1
+metadata:
+  name: net2
+spec:
+  vpc: test-vpc-2
+  cidrBlock: 10.0.1.0/24
+  default: false
+  gatewayType: distributed
+  natOutgoing: false
+  private: false
+  protocol: IPv4
+  provider: ovn
+  underlayGateway: false
+```
+
+In the examples above, two subnet in different VPCs can use same IP space
+
+3. Create Pod 
+
+Pod can inherent VPC from the namespace or explicitly bind to subnet by annotation
+```
+apiVersion: v1
+kind: Pod
+metadata:
+  annotations:
+    ovn.kubernetes.io/logical_switch: ne1
+  namespace: default
+  name: vpc1-pod
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  annotations:
+    ovn.kubernetes.io/logical_switch: ne2
+  namespace: default
+  name: vpc2-pod
+```
+
+4. Custom routes
+
+VPC level policy routes to orchestrate traffic.
+
+```
+kind: Vpc
+metadata:
+  name: test-vpc-1
+spec:
+  staticRoutes:
+    - cidr: 0.0.0.0/0
+      nextHopIP: 10.0.1.254
+      policy: policyDst
+    - cidr: 172.31.0.0/24
+      nextHopIP: 10.0.1.253
+      policy: policySrc
+```
+
+## Custom VPC limitation
+
+- Custom VPC can not access host network
+- Not support DNS/Service/Loadbalancer
+- Not support EIP/SNAT