It's clear that in Kubernetes world, SUSE and openSUSE chose Cilium as the main network provider, which also means choosing BPF and XDP as underlying technologies for implementing datapath and packet filtering.
That's different from what we are doing in OpenStack. SUSE OpenStack Cloud provides mostly Open vSwitch DPDK as a network solution.
We are going to merge Kubernetes and OpenStack worlds with Airship and OpenStack Helm - it's also already decided. Which gives us inconsistent network architecture. K8S powered by BPF/XDP and OpenStack powered by DPDK. K8S powered by the Linux kernel and OpenStack bypassing the kernel. Apart from architecture or philosophical questions what Linux kernel is supposed to do and where network drivers belong, in practice that also means that we are going to have no network connectivity between K8S pods/services and OpenStack VMs.
There are two potential solutions for that problem:
Bringing Cilium/BPF/XDP networking to OpenStack. It's not implemented at all.
Bringing Neutron/OVS-DPDK networking to Kubernetes. There are already some projects addressing that case (Kuryr, userspace-cni-network-plugin), although they are missing some good support for network policies in K8S.
This project is about implementing the 1st solution.
So, to sum it up - this project is about writing a Neutron driver which will attach veths created by Cilium to OpenStack VMs. And about doing some necessary changes in Cilium to make that possible (which should be mostly API changes and maybe moving some stuff from CNI plugin to API). For consistency and for network connectivity between all workloads. And for trying out kernel-based networking powered by BPF/XDP in virtual machines.
Looking for hackers with the skills:
Nothing? Add some keywords!
This project is part of:
Hack Week 18
This project is one of its kind!