netplan-developers team mailing list archive

Thread
Date

Re: gretap support for Open vSwitch

To: netplan-developers@xxxxxxxxxxxxxxxxxxx
From: Lukas Märdian <lukas.maerdian@xxxxxxxxxxxxx>
Date: Tue, 8 Feb 2022 15:53:54 +0100
Cc: steve Langasek <steve.langasek@xxxxxxxxxxxxx>, Brian Turek <brian.turek@xxxxxxxxx>
In-reply-to: <CAAPA2HNjStC0jsXCMvQSinwJfTemT5STYaH=4ZUo6spWuBszgQ@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0

+CC Steve, for schema review


Hi Brian,

Am 08.02.22 um 00:24 schrieb Brian Turek:

Greetings,
I've been experimenting using netplan to control Open vSwitch (OVS)bridges/interfaces and am wondering if there is any appetite to addsupport for gretap tunnels via native OVS commands? It's a littletricky to implement as the interface *must* be attached to an OVSbridge and it does not appear that there is a fool-proof method oflinking a tunnel to a bridge. For example, VLAN interfaces have the"link" attribute whereas the only existing method of linking a tunnelwould be via the bridge's "interfaces" attribute.

As you already found, we're currently supporting (basic) configurationof OVS as well as setting up GRE tunnels. So the combination of both(GRE on top of OVS, e.g. for offloading) would definitely make sense andimprove our overall Open vSwitch offering. If you want to work on that,that would be appreciated!

I looked through the netplan code to see if there was any way to abusethe "other-config" attribute to get this to work but the "add-port"method of ovs-vsctl is gated solely behind patch ports.
I'm willing to spend some time trying to implement this (I submitted 2minor patches recently!) but am looking for some direction on how tofirmly establish the br<->tunnel linkage before beginning.

Thanks for that! I really liked the two PRs that you've submittedrecently – nicely structured and good test coverage!

As you mentioned above using the bridge's "interfaces" stanza to link aGRE tunnel would be one way of doing it that does not needchanges/additions to the YAML schema. That could work as we can deducewhen a tunnel is an interface to an OVS bridge (i.e. has some"openvswitch": {} settings) and handle that implicitly. But I agree thatthis isn't fool-proof and could be confused easily.

Another idea that comes to mind would be to add a new "openvswitch": {"link": "ovs-br0" } stanza to a tunnel definition. This YAML schemawould show explicitly that this is an "OVS-tunnel" that is liked to agiven (OVS-)bridge. What do you think about that?

We usually want to consult Steve for such schema definitions, so I'veput him on CC.


Cheers,

     Lukas


- Brian

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Follow ups

Re: gretap support for Open vSwitch
From: Brian Turek, 2022-02-09

References

gretap support for Open vSwitch
From: Brian Turek, 2022-02-07