[ovs-discuss] ovs-docker: why need to use veth pair instead of internal port?

Han Zhou zhouhan at gmail.com
Tue Apr 28 07:57:25 UTC 2015 

Hi,

On Tue, Apr 28, 2015 at 3:00 PM, Shanmugam Sundaram
<shanmugam.s at bizruntime.com> wrote:
> On Tue, Apr 28, 2015 at 11:49 AM, Han Zhou <zhouhan at gmail.com> wrote:
>>
>> Hi Shan,
>>
>> Thanks, but why can't we just add an internal port to OVS bridge and
>> put into namespace?
>
>
> Internal port is  single port that is connects to hosts IP stack.
> veth pair, come with pair of ports, like a pipe, one end in one namespace
> (your host) and another end in docker containers namespace.
>
> So, packets send at one end is received at another end .
>

Internal port is widely used in namespaces, e.g. usecase of openstack
neutron dhcp node.
For my understanding, veth pair is required only when using linux
bridge. With OVS, a pair of veth devices can be replaced by a single
internal port, with better performance.

So I am curious what's the limitation for internal ports to be working
with docker.

>>
>> And what's the native support mentioned in INSTALL.docker.md?
>
>
> Docker uses linux bridges natively i.e., when you launch a container, it
> creates its own veth pair, and sets up IP etc. It also removes the veth
> pair, etc when a docker container is deleted.
>
> Docker does not have a native support for Open vSwitch Bridges. i.e., you
> have to manually add Docker in OVS Bridge and remove the veth pair, when the
> docker is deleted.
>
> AFAIK, Native integration of Docker with Open vSwitch, is on the road-map.
>

My question is, what's the key changes required for the "Native" support.

Regards,
Han

>>
>>
>> Best regards,
>> Han
>>
>> On Tue, Apr 28, 2015 at 2:13 PM, Shanmugam Sundaram
>> <shanmugam.s at bizruntime.com> wrote:
>> > Hi Han,
>> >
>> > Dockers uses NameSpaces for isolation, to connect between network
>> > namespaces, we have to go with veth pairs.
>> >
>> > regards,
>> > Shan
>> >
>> > On Tue, Apr 28, 2015 at 11:35 AM, Han Zhou <zhouhan at gmail.com> wrote:
>> >>
>> >> Hello everyone,
>> >>
>> >> I have a question about the ovs-docker utility. Why can't internal
>> >> port work for docker case? For native support, does it mean we need a
>> >> new port type?
>> >>
>> >> Best regards,
>> >> Han
>> >> _______________________________________________
>> >> discuss mailing list
>> >> discuss at openvswitch.org
>> >> http://openvswitch.org/mailman/listinfo/discuss
>> >
>> >
>> >
>> >
>> > --
>> > regards,
>> > Shan
>
>
>
>
> --
> regards,
> Shan

More information about the discuss mailing list