Service Function Chain (SFC) Controller for stitching virtual and physical networking
Switch branches/tags
Nothing to show
Clone or download
Failed to load latest commit information.
docker Merge pull request #24 from stanislav-chlebec/arm64_2 Oct 3, 2018
docs Merge pull request #8 from niki-1905/patch-1 Oct 30, 2018
etcd initial commit ... copy files to ligato from internal repo Oct 5, 2017
kafka initial commit ... copy files to ligato from internal repo Oct 5, 2017
plugins inadvertently disabled the renderer at startup Nov 7, 2018
scripts fixed some golint and govet errors Oct 24, 2017
tests dep ensure ... test folder causing some issues May 15, 2018
topologies more fixes for l3 Oct 30, 2018
vendor Sfc non flavor (#18) Aug 22, 2018
yaml more fixes for l3 Oct 30, 2018
.gitignore new sturcture based on v2 ... needs work but readying for crd plugin Apr 24, 2018
.travis.yml Add yamllint to our travis-ci runs (#19) Sep 10, 2018
.yamllint.yml Add yamllint to our travis-ci runs (#19) Sep 10, 2018 initial commit ... copy files to ligato from internal repo Oct 5, 2017 initial commit ... copy files to ligato from internal repo Oct 5, 2017 initial commit ... copy files to ligato from internal repo Oct 5, 2017
Gopkg.lock Sfc non flavor (#18) Aug 22, 2018
Gopkg.toml Sfc non flavor (#18) Aug 22, 2018
LICENSE Initial commit Oct 4, 2017
Makefile Add missing LDFLAGS for install target Nov 7, 2018 Merge branch 'master' of Oct 30, 2018 Cleanup build scripts and Dockerfile (#20) Sep 24, 2018
sfc.conf forgot to submit the generated proto code Oct 31, 2018
sfc_controller.go look for existing node l2bd in current txn then in sys cache Sep 6, 2018

SFC Controller

Build Status Coverage Status Go Report Card GoDoc GitHub license

Please note that the content of this repository is currently WORK IN PROGRESS.

The SFC Controller is a Golang implementation of an orchestration module for providing data-plane connectivity for cloud native containers. The containers may be Ligato VPP-agent enabled containers which in turn use VPP based cloud-native Virtual Network Functions (VNFs) or the containers may be application containers communicating via veth interfaces. The VPP Agent is built on top of the CN-Infra platform for developing cloud-native Virtual Network Functions (VNFs).

The SFC Controller supports a wide variety of topologies. The controller can effect connectivity for containers on-host, inter-host and host to external router.


The SFC Controller system architecture is shown in the following figure:

SFC System

The architecture has the following components:

  • SFC Controller: can be deployed in its own container and is responsible for managing the data plane connectivity for a set of hosts, external routers and, of course, the containers. A model of the hosts, external routers, and chains or sets of containers is given to the SFC controller either through a yaml config file or via REST api calls.
  • etcd: the communication of the configuration is done via ETCD. Each VPP agent enabled container in the system is responsible for reading its branch of the ETCD tree. For non-VPP containers, the VSwitch VPP will perform the programming of the veth interfaces. All of the configuration in the ETCD tree for data-plane connectivity is written to by the SFC controller.
  • VSwitch VPP container: there is one of these per host. This is a special container that the SFC Controller uses to wire the containers together, and to wire the containers to external routers and other SFC Controller controlled hosts.
  • VPP agent containers: these containers are VPP enabled and have a Ligato VPP-agent which controls the VPP in the container. VNF's are developed as extensions to VPP.
  • non-VPP containers: these are application containers which communicate with other containers or externally via veth interfaces. The VSwitch VPP creates the veth interfaces.

SFC Topologies

The SFC Controller supports the following topologies:

SFC Topolgies

The controller is responsible for supporting connectivity between hosts, between hosts and external routers, and between vnfs. The traffic can be l2, or l3. The inter vnf traffic can be intra-host, or inter-host.

See here for the current set of supported topologies. See the ContivVPP for a description of its policies.


Note: For ARM64 please go here..

For a quick start with the sfc-controller, you can use pre-built Docker images with the Agent and VPP on Dockerhub.

  1. Start ETCD on your host (e.g. in Docker as described here). Note: The SFC Controller in the pre-built Docker image will not start if it can't connect to Etcd.

  2. Run the controller in a Docker image:

docker pull ligato/sfc-controller
docker run -it --name sfc-contoller --rm ligato/sfc-controller


GoDoc can be browsed online.

Next Steps

Read the README for the Development Docker Image for more details.


K8s integration


If you are interested in contributing, please see the contribution guidelines.