Hi Robert, Cody et al. Finally, we have released a version of Danube Cloud that is able to use network overlays. And together with IPSec there is now a way to control “remote nodes” in other physical datacenters (without the need of a dedicated L2 link). We are using the file search plugin and Danube Cloud makes sure the “arp table files” are correctly distributed across nodes.
I have to say that overlay networking is a very nice piece of technology. Especially, I like the possibility of having different search plugins. Thank you for that. For overlays to work, we've made the decision to include a new service into the platform - network/virtual, which took over some responsibilities from network/physical. It can create overlay rules, overlays, etherstubs and vNICs. The idea and the usbkey/config syntax for overlays is explained in the method comments: https://github.com/erigones/esdc-erigonos-overlay/blob/master/lib/svc/method/net-virtual#L30 <https://github.com/erigones/esdc-erigonos-overlay/blob/master/lib/svc/method/net-virtual#L30> We’ve tried to implement it in a backward compatible way. Currently the service is able to create newly configured vNICs via SMF refresh (without reboot). We didn’t change nictagadm, although it would be probably the next logical step. We think that SmartOS users would benefit from a unified network configuration of overlays, etherstubs, and vNICs; What would it take to get it into vanilla SmartOS? For SmartOS users we wrote some basic documentation about overlays and IPSec: https://github.com/erigones/esdc-ce/wiki/SmartOS-Overlays <https://github.com/erigones/esdc-ce/wiki/SmartOS-Overlays> https://github.com/erigones/esdc-ce/wiki/Enabling-IPSec-on-SmartOS <https://github.com/erigones/esdc-ce/wiki/Enabling-IPSec-on-SmartOS> There is even more documentation in our user guide, e.g.: https://docs.danubecloud.org/user-guide/network/overlays.html <https://docs.danubecloud.org/user-guide/network/overlays.html> The IPSec troubleshooting guide https://docs.danubecloud.org/user-guide/network/debug-ipsec.html <https://docs.danubecloud.org/user-guide/network/debug-ipsec.html> is also something that a SmartOS user can make use of. Daniel > On 29 Nov 2017, at 01:18, Robert Mustacchi <[email protected]> wrote: > > On 10/31/17 2:16 , Daniel Kontsek wrote: >> Hi, >> >> This post can be considered as continuation of >> https://www.mail-archive.com/[email protected]/msg04922.html >> <https://www.mail-archive.com/[email protected]/msg04922.html> >> >> Overlay networking in SmartOS is great but the inability to configure them >> automatically after boot is a real PITA. We have a proposal of >> implementation of overlays persistence using the config file. But before we >> implement it, I want to ask the community - maybe there's already some other >> way planned for overlay persistence. > > Hi Daniel, > > Thanks for putting this together. Sorry it's taken a while to get back > around to this. When I put together the overlay stuff originally I > wasn't sure how we wanted to expose it and have it make sense. > >> The proposal is described here: >> https://github.com/erigones/esdc-factory/issues/85#issuecomment-340701358 >> <https://github.com/erigones/esdc-factory/issues/85#issuecomment-340701358> >> >> Basically, the `overlay_<rule_name>="<definition>”` from usbkey/config will >> be transformed into a valid json in >> /var/run/smartdc/networking/overlay_rules.json by network/physical SVC. > > One thing that we've been trying to do with the nic tags and really this > is just another form of it is to have this be managed by nictagadm. I > think the config logic is probably alright, but I'd want to make sure > that we're able to manage it that way and have using nictagadm really be > the interface for this rather than having folks continue using the tag. > > Cody, what do you think here? > > Robert >
signature.asc
Description: Message signed with OpenPGP
------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
