Closed EmilienM closed 3 years ago
I'll rebase on top of #97
@mdbooth @mandre what do you think about this one?
Rather than bridging these private networks to an external network, could we instead add tunnels to them, and leave the routing of the tunnel traffic to the host? I'm just throwing this out there because it seems weird to bridge these networks: I have no idea if this is possible or practical. I agree we need a solution to this, though.
Perhaps @adduarte would have insight here.
Rather than bridging these private networks to an external network, could we instead add tunnels to them, and leave the routing of the tunnel traffic to the host? I'm just throwing this out there because it seems weird to bridge these networks: I have no idea if this is possible or practical. I agree we need a solution to this, though.
Another solution would be to connect OVS Bridges with patch ports, so no tunnels are involved. I'll test it, but honestly I don't think we should spend too much time on that business.
Or another solution again, is to configure the IP addresses on the dummy interfaces, and put the dummy interfaces under the br-ex bridge. So we don't have a bridge for control plane & provider network.
I just had a quick look at the OVS docs, and tunnels look pretty simple tbh. Almost certainly simpler than anything we'd hack up. Even an ipsec tunnel looks simple.
Whatever solution we pick I think it must be integrated with os-net-config, so it's persistent after a reboot and integrated with network scripts on the host.
this is now tested.
[root@standalone ~]# ovs-vsctl show
1183f4be-90c6-4425-a794-dacb2910971d
Bridge br-ctlplane
fail_mode: standalone
Port tun-ctlplane-9eb947e6-a1f1-5058-be79-d18ea53077b8
Interface tun-ctlplane-9eb947e6-a1f1-5058-be79-d18ea53077b8
type: vxlan
options: {key="100", remote_ip="192.168.68.132"}
Port dummy0
Interface dummy0
Port br-ctlplane
Interface br-ctlplane
type: internal
Bridge br-hostonly
fail_mode: standalone
Port dummy1
Interface dummy1
Port tun-hostonly-9eb947e6-a1f1-5058-be79-d18ea53077b8
Interface tun-hostonly-9eb947e6-a1f1-5058-be79-d18ea53077b8
type: vxlan
options: {key="101", remote_ip="192.168.68.132"}
Port br-hostonly
Interface br-hostonly
type: internal
Bridge br-ex
fail_mode: standalone
Port br-ex
Interface br-ex
type: internal
Port eth0
Interface eth0
ovs_version: "2.13.4"
ping works with the other host.
For both hostonly (used as a provider network) and control plane bridges, we now allow them to be plugged to remote hosts bridges via VXLAN tunnels.
The new parameter is
tunnel_remote_ips
(default: []), where for each IP in the list, we'll create a unique tun interface, connect it to the bridge on a specific VNI (100 for control plane and 101 for hostonly).Use-cases: