Macvlan backend for providing Pod-in-VM support
Currently, in kuryr-kubernetes there is support for pod-in-VM networking via neutron trunk ports and vlans. This blueprint proposes adding support for using allowed IP addresses and MACVLAN
interfaces.
This approach leverages the capability of the Linux MACVLAN driver to provide efficient virtual interfaces, resulting in similar functionality to the previous case, but without need for trunking
and VLAN segregation.
While MACVLAN interfaces do not have a backing Neutron port in the integration bridge (traffic is directly multiplexed on their backing master interface belonging to the VM), which forces them
to share the same security group as the VM, performance improvements can be obtained with
respect to the alternative VLAN implementation. Especially intra-VM traffic is expected to largely
benefit from the simple and reduced processing stack for MACVLAN interfaces.
Blueprint information
- Status:
- Complete
- Approver:
- Antoni Segura Puimedon
- Priority:
- Medium
- Drafter:
- Marco Chiappero
- Direction:
- Approved
- Assignee:
- Marco Chiappero
- Definition:
- Approved
- Series goal:
- None
- Implementation:
- Implemented
- Milestone target:
- pike-2
- Started by
- Marco Chiappero
- Completed by
- Antoni Segura Puimedon
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Add MACVLAN based interfaces for nested containers
Addressed by: https:/
Refactor the class hierarchy of controller drivers