Repository files navigation

For fun and to learn!

• Compute hosts facilitate the creation and management of VM's or containers
• Route hosts provide virtual routers
• Management hosts (not in diagram) provide management facilities such as BGP route reflection and configuration management.

There is no technical reason why a compute host can also be a route host and vice-versa. This simply provides better security, bandwidth and segregation of duties on hosts.

Each VM, namespace or container is connected to a Linux bridge (with VLAN filtering enabled) on a compute host. Compute hosts are connected via Linux VxLAN devices (VTEPs).

VxLAN learning is disabled by default. Learning is derived from an ML-BGP-L2VPN-EVPN client (viafrr) on each compute host and route reflectors on management hosts.

Each 'tenant' is separated by VxLAN VNI's and each Subnet is protected via inner VLAN tagging on a Linux bridge per tenant.

The L2 agent provides a GRPC API to create bridges, VxLAN VTEPs and manage VLAN tagging on the bridges.

Can set up to use a linux VxLAN device, or use a TAP device with VxLAN encapsulation. The TAP device allows easier handling of ARP/ICMPv6 soliciations in the future.

The L3 agent provides the functionality to create the virtual router namespaces and provide simple DHCP/NAT & routing capabilities.

Simple block storage - raft based replicated block storage medium exposing NBD endpoints

Openstacks Neutron in Linux bridge mode.