On Mon, Apr 27, 2015 at 11:19 PM, Han Zhou <[email protected]> wrote: > Hi Shan, > > Thanks, but why can't we just add an internal port to OVS bridge and > put into namespace? > And what's the native support mentioned in INSTALL.docker.md? You can do it, and its performance is a lot better. But 1. once a OVS internal port has been moved inside a namespace, the ovs-vswitchd daemon running in the root namespace can no longer see it and starts complaining. 2. If you are depending on network counters to figure out how much packets have gone through etc, it gets confusing. 3. When you upgrade your kernel module, the internal interfaces will disappear from inside the container, likely causing unexpected behavior for the applications running inside and you will also need a mechanism to move them all back in after the interface are re-created.
So to take the easier path, ovs-docker utility does not use OVS internal interfaces but rather uses veth pairs. > > Best regards, > Han > > On Tue, Apr 28, 2015 at 2:13 PM, Shanmugam Sundaram > <[email protected]> wrote: >> Hi Han, >> >> Dockers uses NameSpaces for isolation, to connect between network >> namespaces, we have to go with veth pairs. >> >> regards, >> Shan >> >> On Tue, Apr 28, 2015 at 11:35 AM, Han Zhou <[email protected]> wrote: >>> >>> Hello everyone, >>> >>> I have a question about the ovs-docker utility. Why can't internal >>> port work for docker case? For native support, does it mean we need a >>> new port type? >>> >>> Best regards, >>> Han >>> _______________________________________________ >>> discuss mailing list >>> [email protected] >>> http://openvswitch.org/mailman/listinfo/discuss >> >> >> >> >> -- >> regards, >> Shan > _______________________________________________ > discuss mailing list > [email protected] > http://openvswitch.org/mailman/listinfo/discuss _______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
