Please note that the content of this repository is currently WORK IN PROGRESS!
The VPP Agent is a Go implementation of a control/management plane for VPP based cloud-native Virtual Network Functions (VNFs). The VPP Agent is built on top of CN Infra, a framework for developing cloud-native VNFs (CNFs).
The VPP Agent can be used as-is as a management/control agent for VNFs based on off-the-shelf VPP (e.g. a VPP-based vswitch), or as a framework for developing management agents for VPP-based CNFs. An example of a custom VPP-based CNF is the Contiv-VPP vswitch.
Have a look at the release notes for a complete list of changes.
|has moved to v2, introducing several breaking changes
|will be used for all the future development|
Note: The branch pantheon-dev has been deprecated (v1).
|minimal image for production|
|image prepared for developers|
The image tag
latest is built from master branch and
dev tag is built from dev branch.
Run VPP + VPP Agent in a Docker container:
docker pull ligato/vpp-agent docker run -it --rm --name vpp --privileged ligato/vpp-agent
- Manage VPP agent using agentctl:
docker exec -it vpp agentctl -h
- Check the configuration (using agentctl or directly using VPP console):
docker exec -it vpp agentctl -e 172.17.0.1:2379 show docker exec -it vpp vppctl -s localhost:5002
See README of development docker image for more details.
Detailed documentation for the VPP Agent can be found at ligato.io/vpp-agent.
The VPP Agent is basically a set of VPP-specific plugins that use the CN-Infra framework to interact with other services/microservices in the cloud (e.g. a KV data store, messaging, log warehouse, etc.). The VPP Agent exposes VPP functionality to client apps via a higher-level model-driven API. Clients that consume this API may be either external (connecting to the VPP Agent via REST, gRPC API, Etcd or message bus transport), or local Apps and/or Extension plugins running on the same CN-Infra framework in the same Linux process.
The VNF Agent architecture is shown in the following figure:
Each (northbound) VPP API - L2, L3, ACL, ... - is implemented by a specific VNF Agent plugin, which translates northbound API calls/operations into (southbound) low level VPP Binary API calls. Northbound APIs are defined using protobufs, which allow for the same functionality to be accessible over multiple transport protocols (HTTP, gRPC, Etcd, ...). Plugins use the GoVPP library to interact with the VPP.
The following figure shows the VPP Agent in context of a cloud-native VNF, where the VNF's data plane is implemented using VPP/DPDK and its management/control planes are implemented using the VNF agent:
The set of plugins in the VPP Agent is as follows:
- VPP plugins - core plugins providing northbound APIs to default VPP functionality:
- ACL: - VPP Access Lists (VPP ACL plugin)
- Interfaces - VPP network interfaces (e.g. DPDK, MEMIF, AF_Packet, VXLAN, Loopback..)
- L2 - Bridge Domains, L2 cross-connects..
- L3 - IP Routes, ARPs, ProxyARPs, VRFs..
- IPSec - Security policy databases and policy associations
- Punt - punt to host (directly or via socket), IP redirect
- NAT - network address translation configuration, DNAT44
- SR - segment routing
- Linux plugins (VETH) - allows optional configuration of Linux virtual ethernet interfaces
- GoVPPmux - plugin wrapper around GoVPP. Multiplexes plugins' access to VPP on a single connection.
- RESTAPI - provides API to retrieve actual state
- KVScheduler - synchronizes the desired state described by northbound components with the actual state of the southbound.
The VPP agent repository also contains tools for building and troubleshooting of VNFs based on the VPP Agent:
- agentctl - a CLI tool that shows the state of a set of VPP agents can configure the agents
- vpp-agent-ctl (DEPRECATED) - a utility for testing VNF Agent configuration. It contains a set of pre-defined configurations that can be sent to the VPP Agent either interactively or in a script.
- docker - container-based development environment for the VPP agent and for app/extension plugins.
If you are interested in contributing, please see the contribution guidelines.