You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Rémi Paeta <si...@gmail.com> on 2022/10/21 10:36:15 UTC
VXLAN OpenVswitch
Hi there,
Is there any plugin development planned to add VXLAN support with
OpenVswitch?
I saw that OpenStack and OpenNebula already have it.
Thank you in advance for your answers.
Re: VXLAN OpenVswitch
Posted by Wido den Hollander <wi...@widodh.nl>.
On 10/25/22 09:04, Vladimir Dombrovski wrote:
> Hello Rémi/Wido/others,
>
> We've tested this integration, I can confirm it doesn't work, I
> believe it's missing:
> - Some way to implement VXLAN in the OVS Plugin
Understood, that would be be some work.
> - A new VXLAN script that provisions VXLANs on OVS instead of the host
> (/usr/share/cloudstack-common/scripts/vm/network/vnet/modifyvxlan.sh)
>
Also when you want to use a EVP+BGP+VXLAN underlay you need to modify
this script.
We use VXLAN and EVPN in production extensively, but we have our own
/usr/share/modifyvxlan.sh script on the hypervisors tailored to our
situation. I don't see a generic script being able to handle all network
topologies.
> As for why this is interesting: Openvswitch is an L2+L3 router that
> implements a lot of useful SDN functionality: QoS, Traffic monitoring,
> DDoS protection, Meshing* (requires additionally an SDN controller).
> Although none of these features are controllable by Cloudstack, they
> could be very useful in production setups that require more
> fine-grained network controls that iptables+linux bridges could offer
> (current vRouter setup), without having to invest in other more
> expensive integrations such as Netscaler/Juniper/F5/Bigswitch..., the
> long-term support of which is expensive, thus difficult (e.g.
> https://github.com/apache/cloudstack/issues/6381).
>
> Vladimir
>
>> On Mon, 24 Oct 2022 at 22:13, Wido den Hollander <wi...@widodh.nl> wrote:
>>
>>
>>
>> On 10/21/22 12:36, Rémi Paeta wrote:
>>> Hi there,
>>>
>>> Is there any plugin development planned to add VXLAN support with
>>> OpenVswitch?
>>
>> No, it's not. If somebody wants it, somebody has to step up to develop this.
>>
>> Can I ask what the benefit would be of Openvswitch with VXLAN vs the
>> Linux bridging? (I'm not very familiar with Openvswitch, but am with VXLAN).
>>
>> Wido
>>
>>> I saw that OpenStack and OpenNebula already have it.
>>>
>>> Thank you in advance for your answers.
>>>
>
Re: VXLAN OpenVswitch
Posted by Vladimir Dombrovski <vl...@bso.co>.
Hello Rémi/Wido/others,
We've tested this integration, I can confirm it doesn't work, I
believe it's missing:
- Some way to implement VXLAN in the OVS Plugin
- A new VXLAN script that provisions VXLANs on OVS instead of the host
(/usr/share/cloudstack-common/scripts/vm/network/vnet/modifyvxlan.sh)
As for why this is interesting: Openvswitch is an L2+L3 router that
implements a lot of useful SDN functionality: QoS, Traffic monitoring,
DDoS protection, Meshing* (requires additionally an SDN controller).
Although none of these features are controllable by Cloudstack, they
could be very useful in production setups that require more
fine-grained network controls that iptables+linux bridges could offer
(current vRouter setup), without having to invest in other more
expensive integrations such as Netscaler/Juniper/F5/Bigswitch..., the
long-term support of which is expensive, thus difficult (e.g.
https://github.com/apache/cloudstack/issues/6381).
Vladimir
> On Mon, 24 Oct 2022 at 22:13, Wido den Hollander <wi...@widodh.nl> wrote:
>
>
>
> On 10/21/22 12:36, Rémi Paeta wrote:
> > Hi there,
> >
> > Is there any plugin development planned to add VXLAN support with
> > OpenVswitch?
>
> No, it's not. If somebody wants it, somebody has to step up to develop this.
>
> Can I ask what the benefit would be of Openvswitch with VXLAN vs the
> Linux bridging? (I'm not very familiar with Openvswitch, but am with VXLAN).
>
> Wido
>
> > I saw that OpenStack and OpenNebula already have it.
> >
> > Thank you in advance for your answers.
> >
--
*CONFIDENTIALITY AND DISCLAIMER NOTICE: *
This email is intended only for
the person to whom it is addressed and/or otherwise authorized personnel.
The information contained herein and attached is confidential. If you are
not the intended recipient, please be advised that viewing this message and
any attachments, as well as copying, forwarding, printing, and
disseminating any information related to this email is prohibited, and that
you should not take any action based on the content of this email and/or
its attachments. If you received this message in error, please contact the
sender and destroy all copies of this email and any attachment. Please note
that the views and opinions expressed herein are solely those of the author
and do not necessarily reflect those of the company. While antivirus
protection tools have been employed, you should check this email and
attachments for the presence of viruses. No warranties or assurances are
made in relation to the safety and content of this email and attachments.
The Company accepts no liability for any damage caused by any virus
transmitted by or contained in this email and attachments. No liability is
accepted for any consequences arising from this email.
*AVIS DE
CONFIDENTIALITÉ ET DE NON RESPONSABILITE* :
Ce courriel, ainsi que toute
pièce jointe, est confidentiel et peut être protégé par le secret
professionnel. Si vous n’en êtes pas le destinataire visé, veuillez en
aviser l’expéditeur immédiatement et le supprimer. Vous ne devez pas le
copier, ni l’utiliser à quelque fin que ce soit, ni divulguer son contenu à
qui que ce soit. BSO se réserve le droit de contrôler toute transmission
qui passe par son réseau. Veuillez noter que les opinions exprimées dans
cet e-mail sont uniquement celles de l'auteur et ne reflètent pas
nécessairement celles de la société. Bien que des outils de protection
antivirus aient été utilisés, vous devez vérifier cet e-mail et les pièces
jointes pour toute présence de virus. Aucune garantie ou assurance n'est
donnée concernant la sécurité et le contenu de cet e-mail et de ses pièces
jointes. La Société décline toute responsabilité pour tout dommage causé
par tout virus transmis par ou contenu dans cet e-mail et ses pièces
jointes. Aucune responsabilité n'est acceptée pour les conséquences
découlant de cet e-mail.
Re: VXLAN OpenVswitch
Posted by Wido den Hollander <wi...@widodh.nl>.
On 10/21/22 12:36, Rémi Paeta wrote:
> Hi there,
>
> Is there any plugin development planned to add VXLAN support with
> OpenVswitch?
No, it's not. If somebody wants it, somebody has to step up to develop this.
Can I ask what the benefit would be of Openvswitch with VXLAN vs the
Linux bridging? (I'm not very familiar with Openvswitch, but am with VXLAN).
Wido
> I saw that OpenStack and OpenNebula already have it.
>
> Thank you in advance for your answers.
>