[ovs-dev] [PATCH ovn 1/3] ovn: Enforce unique tags for container interfaces.
Thomas Graf
tgraf at noironetworks.com
Mon Apr 6 19:57:57 UTC 2015
On 04/06/15 at 03:12pm, Russell Bryant wrote:
> A logical port that represents a container that sits behind another
> logical port has both a parent_name and a tag set. The parent_name
> identifies the parent port and the tag is the VLAN ID used to identify
> which traffic comes from that container. The combination of
> parent_name and tag must always be unique. This applies to both the
> ovn and ovn-nb schemas.
As far as I can see this is a pure nit on commit message level but we
should be careful with setting the VLAN ID as tag in stone. I don't
see that happen in the code itself so no objections to the patches at
all.
I think lxc deployment inside the VM definitely makes sense from a
hardware isolation perspective but it may not be feasible for
everyone. A simple example is resource allocation across multiple
tenants on process level which becomes a lot more difficult if the
host can no longer see the tasks themselves.
The lxc-in-vm architecture is probably a very sane approach as a
first implementation and the sooner something becomes available the
better but it might make sense to find a way to open up this
discussion to broader audience and allow others interested to
contribute their models and concepts.
More information about the dev
mailing list