OVN docker插件

  1. # start docker
  2. docker daemon --cluster-store=consul://127.0.0.1:8500 \
  3.     --cluster-advertise=$HOST_IP:0
  5. # start north
  6. /usr/share/openvswitch/scripts/ovn-ctl start_northd
  7. ovn-nbctl set-connection ptcp:6641
  8. ovn-sbctl set-connection ptcp:6642
  10. # start south
  11. ovs-vsctl set Open_vSwitch . \
  12.     external_ids:ovn-remote="tcp:$CENTRAL_IP:6642" \
  13.     external_ids:ovn-nb="tcp:$CENTRAL_IP:6641" \
  14.     external_ids:ovn-encap-ip=$LOCAL_IP \
  15.     external_ids:ovn-encap-type="$ENCAP_TYPE"
  16. /usr/share/openvswitch/scripts/ovn-ctl start_controller
  18. # start openvswitch plugin
  19. pip install Flask
  20. PYTHONPATH=$OVS_PYTHON_LIBS_PATH ovn-docker-overlay-driver --detach
  22. # create docker network
  23. docker network create -d openvswitch --subnet=192.168.1.0/24 foo

Workflow

Initialize ovn bridge

  1. ovs-vsctl --timeout=5 -vconsole:off -- --may-exist add-br br-int \
  2.           -- set bridge br-int external_ids:bridge-id=br-int \
  3.              other-config:disable-in-band=true fail-mode=secure
  5. ovs-vsctl --timeout=5 -vconsole:off -- get Open_vSwitch . external_ids:ovn-nb
  6. ovs-vsctl --timeout=5 -vconsole:off -- set open_vswitch . external_ids:ovn-bridge=br-int

Create network

  1. nid="red-net"
  2. ovn-nbctl ls-add $nid -- set Logical_Switch $nid external_ids:subnet=10.160.0.0/24 external_ids:gateway_ip=10.160.0.1
  3. ovn-nbctl show

Create container

  1. nid="red-net"
  2. eid="blue-container"
  3. ip="10.160.0.2"
  4. mac="02:38:e1:a2:28:38"
  5. ovn-nbctl lsp-add $nid $eid
  6. ovn-nbctl lsp-set-addresses $eid "$mac $ip"
  8. ip netns add $eid
  9. ip link add veth_inside type veth peer name veth_outside
  10. ip link set dev veth_inside address $mac
  11. ip link set veth_inside netns $eid
  12. ip link set veth_outside up
  13. ip netns exec $eid ip addr add 10.160.0.2/24 dev veth_inside
  14. ip netns exec $eid ip route add default via 10.160.0.1
  16. ovs-vsctl --timeout=5 -vconsole:off \
  17.           -- add-port br-int veth_outside \
  18.           -- set interface veth_outside \
  19.              external_ids:attached-mac=$mac \
  20.              external_ids:iface-id=$eid \
  21.              external_ids:vm-id=$eid \
  22.              external_ids:iface-status=active

Get endpoint status

  1. ovn-nbctl --if-exists get Logical_Switch_Port $eid addresses

Delete container

  1. ip netns del $eid
  2. ip link delete veth_outside
  3. ovs-vsctl --if-exists del-port veth_outside
  4. ovn-nbctl lsp-del $eid

Delete network

  1. ovn-nbctl ls-del red-net

参考文档