kube-ovn: update egress gateway document

[zhangzujian]

Summary by CodeRabbit

Documentation

• Restructured Egress Gateway configuration guide with improved organization and clearer explanations
• Added comparative analysis between Egress Gateway and centralized gateway approaches with selection guidance
• Enhanced setup workflow with detailed step-by-step configuration instructions
• Updated configuration examples and validation procedures with refined naming conventions
• Simplified operational guidance and troubleshooting resources

[coderabbitai]

Warning

Rate limit exceeded

@zhangzujian has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 46 minutes and 5 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 46 minutes and 5 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: fcc5a76f-6041-4ac3-b1c1-1c61967ded9c

📥 Commits

Reviewing files that changed from the base of the PR and between 13de139 and ecf263a.

📒 Files selected for processing (1)

• docs/en/configure/networking/how_to/kube_ovn/configure_egress_gateway.mdx

Walkthrough

This PR restructures and updates the Kube-OVN Egress Gateway configuration documentation, transitioning examples from macvlan-based to underlay-subnet/NAD naming conventions, reorganizing the content from Prerequisites/Usage into a numbered Before You Begin/Configuration Workflow format, adding a comparison table with centralized gateways, and consolidating operational guidance while removing parameter tables.

Changes

Cohort / File(s)	Summary
Section Restructuring and Navigation docs/en/configure/networking/how_to/kube_ovn/configure_egress_gateway.mdx	Restructured "About Egress Gateway" to "Overview" with explicit "Main capabilities" and "Current limitations" subsections. Added new "Egress Gateway vs. Centralized Gateway" comparison section with dimension table and selection guidance. Replaced "Prerequisites"/"Usage" flow with "Before You Begin" and "Configuration Workflow" including ordered steps (Steps 1–4).
Configuration Examples and Naming Updates docs/en/configure/networking/how_to/kube_ovn/configure_egress_gateway.mdx	Updated all configuration examples and explanations to use underlay-subnet/NAD naming (underlay-ext, VLAN external-vlan) instead of macvlan/eth1 approach. Updated VpcEgressGateway manifest examples with revised fields (internalSubnet, externalIPs) and changed workload scheduling selectors. Added namespace-qualified kubectl queries (-n default) to validation commands.
Operational Guidance Consolidation docs/en/configure/networking/how_to/kube_ovn/configure_egress_gateway.mdx	Replaced "Configuration Parameters" section and large parameter tables with shorter "Operations That May Interrupt Traffic" section. Modified BFD enablement section with explicit "VPC BFD LRP" dependency, reordered steps (enable BFD port → enable BFD on gateway → verify sessions), and updated command examples with namespace qualification. Updated documentation link references to v1.15.x.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• kube-ovn: update documents about vpc egress gateway #593 — Overlapping changes to the same egress gateway documentation file, both adding underlay-subnet guidance and BFD-related operational notes.
• add document for configuring MTU #485 — Modifies the same configuration documentation file with updates to egress gateway prerequisites and formatting.
• add docs for centralized gateway #422 — Updates the egress gateway documentation and adds the comparison section with centralized gateway, which this PR now incorporates directly.

Suggested reviewers

• oilbeater
• fanzy618

Poem

🐰 Hop along now, the gateway's renewed,
From macvlan mush to underlay groomed,
Steps numbered clean, examples so bright,
NAD and subnets shine in the light,
The docs dance along with BFD's delight! 🌐✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'kube-ovn: update egress gateway document' is directly related to the changeset, which updates the egress gateway documentation with new structure, examples, and operational guidance.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

docs/en/configure/networking/how_to/kube_ovn/configure_egress_gateway.mdx (1)

489-541: ⚠️ Potential issue | 🟡 Minor

Inconsistent VPC name between gateway2 spec and sample output.

The manifest on Line 496 sets vpc: ovn-cluster, but the example kubectl get veg output on Line 541 shows the VPC column as vpc1. Readers following the example will not see vpc1. Please align the two (either change the output to ovn-cluster, or change spec.vpc to vpc1 — noting that the surrounding lr-policy-list ovn-cluster commands and LRP outputs on Lines 548–566 assume the ovn-cluster VPC, so updating the kubectl get veg output is likely the correct fix).

Also worth double-checking: the OVN address-set hash $VEG.8ca38ae7da18 on Lines 556–557 is identical to the one shown for gateway1 on Lines 368–369. Since that identifier is derived from the gateway identity, it should differ between gateway1 and gateway2 — please regenerate this sample output from an actual gateway2 deployment.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/en/configure/networking/how_to/kube_ovn/configure_egress_gateway.mdx`
around lines 489 - 541, The VPC name in the VpcEgressGateway manifest (metadata
name: gateway2, spec.vpc: ovn-cluster) does not match the sample `kubectl get
veg` output (VPC column shows vpc1) and the OVN address-set hash
($VEG.8ca38ae7da18) is duplicated from gateway1; update the sample output to use
VPC "ovn-cluster" and regenerate the gateway2-specific OVN identifiers
(address-set hash) so they differ from gateway1, ensuring consistency between
the manifest (spec.vpc), the `kubectl get veg` output, and the downstream
`lr-policy-list`/LRP outputs.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@docs/en/configure/networking/how_to/kube_ovn/configure_egress_gateway.mdx`:
- Around line 489-541: The VPC name in the VpcEgressGateway manifest (metadata
name: gateway2, spec.vpc: ovn-cluster) does not match the sample `kubectl get
veg` output (VPC column shows vpc1) and the OVN address-set hash
($VEG.8ca38ae7da18) is duplicated from gateway1; update the sample output to use
VPC "ovn-cluster" and regenerate the gateway2-specific OVN identifiers
(address-set hash) so they differ from gateway1, ensuring consistency between
the manifest (spec.vpc), the `kubectl get veg` output, and the downstream
`lr-policy-list`/LRP outputs.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 041b8d41-b092-4595-bec1-6dc805c2d30e

📥 Commits

Reviewing files that changed from the base of the PR and between bfecdfa and 13de139.

📒 Files selected for processing (1)

• docs/en/configure/networking/how_to/kube_ovn/configure_egress_gateway.mdx