On Tue, Jul 28, 2015 at 1:33 PM, FUJITA Tomonori <[email protected]> wrote: > Thanks a lot! Can you explain the use cases a bit more?
Sure! In order to create a true ovs manager where the manager listens on the socket for OVSDB connections from clients. This allows you to use `ovs-vsctl set-manager ssl:ip:port` so vswitch on the hypervisor does not have to listen on a socket for connections from a remote vsctl command. It also allows you to react to OVSDB events on the fly (like port creation) and read data from OVSDB (for example the neutron port uuid or something that the hypervisor sets) and proactively calculate a flow set and push it down instead of waiting for traffic from the VIF/PIF. At Rackspace we're using it in our Floating IP deployment (still in development) where a bank of workers share the NAT'ing. For deployment all the user has to do it register the SSL certs from vswitch with the controller, and run set-manager on it. From there the manager/controller will configure the rest of vswitch through OVSDB including setting the openflow controllers and creating tunnel ports, bridges and patch-ports. The only delta between our internal version and this version is that our internal version also supports SSL cert fingerprint auth, so a complete ca deployment is not needed. In order to opensource this portion I removed that since its a bit hacky at the moment and isn't self contained. If there is interest I can work on cleaning it up so its usable and applicable to both the Controller and OVSDB portions and send a patch. Happy Hacking! 7-11 ------------------------------------------------------------------------------ _______________________________________________ Ryu-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ryu-devel
