WIP conversation starter for OPTE + Sled Agent#377
Conversation
I have not tested this nor even tried to compile it. I just wrote some code on the fly to serve as a straw man for how I think Sled Agent + OPTE interaction might look for the next demo milestone. In this commit I only cover the registration/unregistration of the OPTE Port, which is what overlays the illumos VNIC. Once again, this is messy and stream of conciousness. Just wanna get the juices flowing in terms of integration.
Looks like a good start. FYI, "cargo build" should basically work out of the box on Helios for omicron, so if that isn't working, lmk and I'm happy to help debug.
The sled agent uses a structure called InstanceManager, which acts basically like a map of "instance UUID -> instance object". Currently, adding an instance through the HTTP interface basically adds something to this map, spinning up the instance along the way. I figured that:
Would a direct dependency on the library not work? That's how we're depending on e.g. Propolis.
|
| let name = guest_vnic_name(allocator.next()); | ||
| Dladm::create_vnic(physical_dl, &name, mac, vlan)?; | ||
|
|
||
| // TODO (rpz): If vlan is Some(N), then OPTE is going to have |
There was a problem hiding this comment.
This VLAN tagging was added because of this comment: #186 (comment)
@jclulow can confirm, but I believe VLANs are in use in the lab environment.
There was a problem hiding this comment.
Actually I totally forgot that mac will strip off the VLAN before I see the packet. So OPTE doesn't have to worry about this at all.
| _ => return Err("OPTE only supports IPv4 guest IPs at the moment"), | ||
| }; | ||
|
|
||
| let public_mac = match mac { |
There was a problem hiding this comment.
What's going on here? Why modify half the MAC address?
There was a problem hiding this comment.
It was just a convenient way to get a new mac address that was easily related back to the private mac (those three bytes represent the Oxide OUI). This is going away for the demo as I'm making SNAT optional (and this really was just a hack to work around my home router).
Conflicts: common/Cargo.toml nexus/src/sagas.rs sled-agent/Cargo.toml sled-agent/src/instance.rs
|
I'm going to close this, since the work was actually implemented and merged in #955. |
3 participants
This is a conversation starter for work towards #247.
I have not tested this nor even tried to compile it. I just wrote some
code on the fly to serve as a straw man for how I think Sled Agent +
OPTE interaction might look for the next demo milestone. In this
commit I only cover the registration/unregistration of the OPTE Port,
which is what overlays the illumos VNIC. Once again, this is messy and
stream of conciousness. Just wanna get the juices flowing in terms of
integration.
@smklein Hopefully this sheds some light on what I had in mind. Also, hopefully you have an idea on where we might want to put calls to add/remove firewall rules.
TODOs
Are VLANs on the scene in the lab demo env? If so need to add that support to OPTE (mostly make sure it does parse it as a normal ethernet header)