Macvlan backend for providing Pod-in-VM support

Registered by Antoni Segura Puimedon

Currently, in kuryr-kubernetes there is support for pod-in-VM networking via neutron trunk ports and vlans. This blueprint proposes adding support for using allowed IP addresses and MACVLAN
interfaces.

This approach leverages the capability of the Linux MACVLAN driver to provide efficient virtual interfaces, resulting in similar functionality to the previous case, but without need for trunking
and VLAN segregation.

While MACVLAN interfaces do not have a backing Neutron port in the integration bridge (traffic is directly multiplexed on their backing master interface belonging to the VM), which forces them
to share the same security group as the VM, performance improvements can be obtained with
respect to the alternative VLAN implementation. Especially intra-VM traffic is expected to largely
benefit from the simple and reduced processing stack for MACVLAN interfaces.

Blueprint information

Status:
Complete
Approver:
Antoni Segura Puimedon
Priority:
Medium
Drafter:
Marco Chiappero
Direction:
Approved
Assignee:
Marco Chiappero
Definition:
Approved
Series goal:
None
Implementation:
Implemented
Milestone target:
milestone icon pike-2
Started by
Marco Chiappero
Completed by
Antoni Segura Puimedon

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/macvlan-pod-in-vm,n,z

Addressed by: https://review.openstack.org/440669
    Add MACVLAN based interfaces for nested containers

Addressed by: https://review.openstack.org/469828
    Refactor the class hierarchy of controller drivers

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.