Created by David Bainbridge on May 12, 2017

Some experimentation is on going to understand some practical aspects of implementation around a container based vNF chain. Below are some notes from those experiments

Using Docker Events to Connect Chains

Design Constraints

    • Containers which wish to participate in this system shall have a label of the form: 
    • com.opencord.network.graph={\"links\":{\"ifaceName\":\"UUID\", ...}}
    • When two containers (on any host) have the same UUID, interfaces (with the ifaceNames given) shall be created and injected into the containers.
    • Containers without these labels MUST be ignored.
    • If the containers are on the same host, they shall be connected with a veth pair.
    • If the containers are on different hosts, traffic shall be vlan- or vxlan-tagged and then sent to interface which pipes directly to/from the corresponding host.
    • On single or multiple-host restart, all network topology shall be re-read from the docker daemon.
    • On single or multi-host restart, existing network config shall be modified only as needed (it shall not be torn down and rebuilt).

Implementation

    • golang
    • One network container per host (responsible for all networking and all containers on that host)
    • Network management containers directly accesses the host's docker daemon.
    • Networking things:
      • Container does use its own separate network namespace (does not use host namespace)
      • Container self-injects the host's leaf-connected 40GE interfaces
      • Container injects interfaces into the network namespace of other containers.