-
Vhostuser plugin is a Container Network Interface (CNI) plugin to run with OVS-DPDK and VPP along with Multus CNI plugin in Kubernetes for Bare metal container deployment model. It enhances high performance container Networking solution and Dataplane Acceleration for NFV Environment.
-
DPDK Vhostuser is new virtualization technology. Please refer to here for more information.
This plugin is recommended to build with Go 1.7.5 and VPP 17.01 which is fully tested. Other versions of Go and VPP are theoretically supported, but MIGHT cause unknown issue, please try to fix it by yourself / Welcome PR for latest VPP version.
#./build
Build the source codes to binary, copy the bin/vhostuser to the CNI folder for the tests.
#./clean
Remove the binary and temporary files generated whild building the source codes.
name
(string, required): the name of the networktype
(string, required): "vhostuser"vhost
(dictionary, required): Vhostuser configurations.ipam
(dictionary, optional): IPAM configuration to be used for this network.
Given the following network configuration:
# cat > /etc/cni/net.d/99-vhostuser.conf <<EOF
{
"type": "vhostuser",
"name": "vhostuser-network",
"if0name": "net0",
"vhost": {
"vhost_tool": "/path/to/vhost-user-net-plugin/tests/vpp-config.py"
},
"ipam": {
"type": "host-local",
"subnet": "10.56.217.0/24",
"rangeStart": "10.56.217.131",
"rangeEnd": "10.56.217.190",
"routes": [
{
"dst": "0.0.0.0/0"
}
],
"gateway": "10.56.217.1"
}
}
EOF
Integrated with Multus plugin for high performance container Networking solution for NFV Environment
Refer Multus (NFV based Multi - Network plugin), DPDK-SRIOV CNI plugins
Encourage the users/developers to use Multus based Kubernetes CDR/TPR based network objects. Please follow the configuration details in the link: Usage with Kubernetes CRD/TPR based Network Objects
Please refer the Kubernetes Network SIG - Multiple Network PoC proposal for more details refer the link - K8s Multiple Network proposal
# cat > /etc/cni/net.d/10-multus.conf <<EOF
{
"name": "multus-demo-network",
"type": "multus",
"delegates": [
{
"type": "sriov",
"if0": "ens786f1",
"if0name": "net0",
"dpdk": {
"kernel_driver": "ixgbevf",
"dpdk_driver": "igb_uio",
"dpdk_tool": "/path/to/dpdk/tools/dpdk-devbind.py"
}
},
{
"type": "vhostuser",
"name": "vhostuser-network",
"if0name": "net1",
"vhost": {
"vhost_tool": "/path/to/vhost-user-net-plugin/tests/vpp-config.py"
},
"ipam": {
"type": "host-local",
"subnet": "10.56.217.0/24",
"rangeStart": "10.56.217.131",
"rangeEnd": "10.56.217.190",
"routes": [
{
"dst": "0.0.0.0/0"
}
],
"gateway": "10.56.217.1"
}
},
{
"type": "flannel",
"name": "control-network",
"masterplugin": true,
"delegate": {
"isDefaultGateway": true
}
}
]
}
EOF
Note: The Vhostuser CNI supports different IPAM plugins for the IP addresses management. The generated IP address information will be stored in one configuration file.
Both VPP (Vector Packet Processing) and DPDK-OVS support VHOST_USER virtual ports. And it uses DPDK VIRTIO_USER as its client for the container network. Install VPP or DPDK-OVS for the Kubernetes node(s).
There are two ways to install the VPP packages. First of all, the VPP has pre-build packages for the main Linux distributions, please refer to the VPP’s wiki page for the details. Using Ubuntu 16.04 (Xenial) as an example to demonstrate how to install VPP from pre-build packages:
# export UBUNTU="xenial"
# export RELEASE=".stable.1701"
# sudo rm /etc/apt/sources.list.d/99fd.io.list
# echo "deb [trusted=yes] https://nexus.fd.io/content/repositories/fd.io$RELEASE.ubuntu.$UBUNTU.main/ ./" | sudo tee -a /etc/apt/sources.list.d/99fd.io.list
# sudo apt-get update
# sudo apt-get install vpp vpp-dpdk-dkms
The other way is to build the packages from source codes, for the detailed guides, please refer to the wiki page at here.
# git clone https://gerrit.fd.io/r/vpp
# cd vpp/build-root
# make distclean
# ./bootstrap.sh
# make V=0 PLATFORM=vpp TAG=vpp install-deb
# sudo dpkg install *.deb
To install the DPDK-OVS, the source codes contains a document for how to install the DPDK-OVS.
Both VPP and DPDK-OVS are DPDK based application, so there are some requirements, detailed system requirements can be found at DPDK requirements. Hugepages are the main requirement for the VHOST_USER virtual ports.
# echo 'vm.nr_hugepages=2048' > /etc/sysctl.d/hugepages.conf
Or add the following configuration to the grub configuration:
# default_hugepagesz=2m hugepagesz=2m hugepages=2048
- Before the vhostuser CNI installation, create the VPP 17.01 based Docker image, and use sample application since it provides ping tool to check basic network connectivity.
- Run 2 VPP 17.01 based pods in the same node. Highly recommend user to take care of it, please contact @kural or @abdul in Intel-corp for more assistant on this.
- This CNI plugin moves vhostuser socket file to the /var/lib/cni/vhostuser directory from ovs-vswitchd's path for vhostuser(for release version it is usually /var/run/openvswitch). DPDK application inside container expects that it should be /vhost-user-net-plugin. Therefore pod's yaml should contain mountVolume declaration to bind directories.
- With the deployment of 2 pod A and B, following vhostuser cni content with pause/infra/sandbox container ID is stored in /var/lib/cni/vhostuser
# tree /var/lib/cni/vhostuser
/var/lib/cni/vhostuser
├── 4d578250ad8d760c0722be78badb4b4b6d57fed8f95dea23aaa0065aa8657b29
│ ├── 4d578250ad8d-net1
│ ├── 4d578250ad8d-net1-ip4.conf
│ └── 4d578250ad8d-net1.json
├── 65bc360690b648458b7cbad34f8f274b6028973e82a284353d9c3ca63e1ad35e
│ ├── 65bc360690b6-net1
│ ├── 65bc360690b6-net1-ip4.conf
│ └── 65bc360690b6-net1.json
- Shows that there are two vhostuser ports, each for one container. ** xxxxxxxxxxxx-net1: The socket file for the Vhostuser server/client communication. ** xxxxxxxxxxxx-net1-ip4.conf: IPAM information for the Vhostuser port. ** xxxxxxxxxxxx-net1.json: Vhostuser Port information for the management.
# cat 4d578250ad8d-net1-ip4.conf
{
"ipAddr": "10.56.217.132/32",
"macAddr": "e2:52:b5:7b:58:ad",
"gateway": "10.56.217.1",
"gwMac": "02:fe:fc:89:49:d8"
}
- The IPAM management configuration for the port.
# cat 4d578250ad8d-net1.json
{
"vhostname": "VirtualEthernet0/0/0",
"vhostmac": "02:fe:fc:89:49:d8",
"ifname": "net1",
"ifmac": "e2:52:b5:7b:58:ad",
"vhost_tool": "/path/to/vhost-user-net-plugin/tests/vpp-config.py"
}
- Login the container A and run your own script to get the pause/infra/sandbox container ID (here we used get-prefix.sh to get the container ID from our VPP docker image, highly recommend user to have their own docker image)
$ /vhost-user-net-plugin/get-prefix.sh
4d578250ad8d760c0722be78badb4b4b6d57fed8f95dea23aaa0065aa8657b29
-
Container A should use socket file/configuration file under the folder /vhost-user-net-plugin/4d578250ad8d760c0722be78badb4b4b6d57fed8f95dea23aaa0065aa8657b29 .
-
Run the VPP(version 17.01) in a container A as follows
# vpp unix {log /tmp/vpp.log cli-listen 0.0.0.0:5002} api-trace { on } \
dpdk {coremask 0x2 no-multi-seg no-pci singlefile 512 extra --vdev=virtio_user0,path=/vhost-user-net-plugin/4d578250ad8d760c0722be78badb4b4b6d57fed8f95dea23aaa0065aa8657b29/4d578250ad8d-net1,mac=e2:52:b5:7b:58:ad } cpu {skip-cores 1}
# vppctl set int state virtio_user0 up
# vppctl set int ip table virtio_user0 0
- Run the VPP(version 17.01) in another container B and ping the Container A
# vppctl ping 10.56.217.132
- If the system works well, the ping would be successful
For any questions about Vhostuser CNI, please reach out on github issue or feel free to contact the developer @Kural and @abdul in our Intel-Corp Slack