Hi Chul-Woong,
Both projects are actually based on ligato/vpp-agent (https://github.com/ligato/vpp-agent), which is a control plane for VPP. The sfc controller from ligato however is most likely outdated and probably will be deprecated. The NSM project, albeit bit younger and very much in-progress, is much more active at the moment so perhaps check that one first. Additionally, there is a CNI plugin for Kubernetes, also based on ligato/vpp-agent, called Contiv/VPP (https://github.com/contiv/vpp). Up until now the project was focused on implementing all the features a K8s network plugin must/should have (connectivity between pods, nodes, K8s policies, K8s services, and also IPv6 support). But now the focus is to add the sfc-like features into the Contiv. For example, as a first step, support for multiple interfaces was added: https://github.com/contiv/vpp/blob/master/docs/operation/CUSTOM_POD_INTERFACES.md So additionally to tap (eth0 in pod), you can have memifs connected to pod, etc. The service chaining is to be done. But what is cool about Contiv, is that the network configuration can be further extended and customized (https://github.com/contiv/vpp/blob/master/docs/dev-guide/EXTERNAL_CONFIG.md). So you could implement the chaining also yourself by requesting further config objects (such as bridge domains, L2 x-connects between pods, etc.) and the Contiv will ensure this configuration is applied and kept-in-sync between restarts, etc. Also this configuration is given to Contiv in a declarative higher-level format (like YANG, but using protobuf and simpler - here are the models: https://github.com/ligato/vpp-agent/tree/master/api/models), so it is much easier to work with than to program these things directly into VPP through a complicated set of binary APIs. Regards, Milan ________________________________ Od: Chul-Woong Yang <cwy...@gmail.com> Odoslané: streda, 22. mája 2019 3:52 Komu: vpp-dev@lists.fd.io Predmet: [vpp-dev] Q) Service function chaining Hi, all. I'm looking for ways to service function chaining in container-native environments. My use case is security vnfs. I've developed on-premise boxes for several years and want to make vnfs using vpp now. As far as I surveyed, ligato/sfc project and nsm(network service mesh) are only two viable solutions. What sfc way do you suggest, in terms of active development, maturity, and user community? Now I'm trying ligato/sfc quick start (https://github.com/ligato/sfc-controller) but docker image is missing and have trouble in finding ligato community. Can you share your experience on doing sfc? Best regards, Chul-Woong
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#13134): https://lists.fd.io/g/vpp-dev/message/13134 Mute This Topic: https://lists.fd.io/mt/31715546/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
