Run Open Virtual Network (OVN) in Ubuntu

Open Virtual Network (OVN) is an open-source system that supports rich virtual network abstractions. Its main targets are cloud management systems (CMS) such as OpenStack. Suppose you are a cloud administrator. With OVN, you can spawn multiple VMs in a datacenter and create a logical network to connect them. In this logical network, each VM has its own MAC and IP addresses. You can freely decide your network topology by adding logical switches and routers. All of this configuration is done in software through OVN, so you can change your network deployment without rewiring physical boxes.

Normally, OVN is deployed across multiple hypervisors to connect VMs. In this post, I will give a tutorial on how to run and test OVN on a single physical machine. In OVN's terminology, a hypervisor is called a chassis. I will use Ubuntu VMs to simulate chassis, so a cluster of machines is not needed to try OVN. This deployment uses two chassis, each represented by a VM. Before you start, please create two Ubuntu 16.04 VMs and make sure the two VMs can ping each other.

Install and start OVN

In VM1, type:

sudo apt-get install openvswitch-common openvswitch-switch \
ovn-common ovn-host ovn-central

In VM2, type:

sudo apt-get install openvswitch-common openvswitch-switch \
ovn-common ovn-host

VM1 hosts OVN's global configuration databases: the northbound database and the southbound database. An ovn-controller and an Open vSwitch (OVS) instance run in both VM1 and VM2.

Set up logical network

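In VM1, tell the OVN southbound database to accept TCP connections from ovn-controllers. Note that "ptcp" is a plaintext listener with no authentication, which suits this isolated two-VM lab; OVN also supports "pssl" for TLS-protected connections.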

ovn-sbctl set-connection ptcp:6642

Create logical switch and ports:

ovn-nbctl ls-add sw
ovn-nbctl lsp-add sw sp1
ovn-nbctl lsp-set-addresses sp1 "00:00:00:00:00:01 10.0.0.1"
ovn-nbctl lsp-add sw sp2
ovn-nbctl lsp-set-addresses sp2 "00:00:00:00:00:02 10.0.0.2"

A logical switch "sw" and two logical ports, "sp1" and "sp2", are created. Logical MAC and IP addresses are assigned to each logical port.

Set up Chassis1 (VM1)

In VM1, first configure ovn-controller:

ovs-vsctl set open_vswitch . external_ids:ovn-remote="tcp:<VM1_IP>:6642" \
external_ids:ovn-encap-ip="<VM1_IP>" \
external_ids:ovn-encap-type="geneve" \
external_ids:system-id="vm1"

"ovn-remote" is set to the physical IP address of the machine hosting the southbound database (VM1's IP). "ovn-encap-ip" is set to the physical IP address of the local chassis (VM1's IP).

Bind logical port with OVS port:

ip link add sp1_l type veth peer name sp1_r
ovs-vsctl add-port br-int sp1_l
ovs-vsctl set interface sp1_l external_ids:iface-id=sp1
ip link set sp1_l up
ip netns add sp1
ip link set sp1_r netns sp1
ip netns exec sp1 ip link set sp1_r up
ip netns exec sp1 ip addr add 10.0.0.1/24 dev sp1_r
ip netns exec sp1 ip link set dev sp1_r address 00:00:00:00:00:01

A pair of Linux virtual ethernet interfaces, "sp1_l" and "sp1_r", was created. "sp1_l" was added to the OVS integration bridge "br-int" and bound to the OVN logical switch port "sp1" by setting "iface-id". The other virtual ethernet interface, "sp1_r", was moved into a Linux network namespace and assigned the logical MAC and IP addresses.

Set up Chassis2 (VM2)

The configuration in VM2 is very similar to VM1.

First configure ovn-controller:

ovs-vsctl set open_vswitch . external_ids:ovn-remote="tcp:<VM1_IP>:6642" \
external_ids:ovn-encap-ip="<VM2_IP>" \
external_ids:ovn-encap-type="geneve" \
external_ids:system-id="vm2"

Bind logical port with OVS port:

ip link add sp2_l type veth peer name sp2_r
ovs-vsctl add-port br-int sp2_l
ovs-vsctl set interface sp2_l external_ids:iface-id=sp2
ip link set sp2_l up
ip netns add sp2
ip link set sp2_r netns sp2
ip netns exec sp2 ip link set sp2_r up
ip netns exec sp2 ip addr add 10.0.0.2/24 dev sp2_r
ip netns exec sp2 ip link set dev sp2_r address 00:00:00:00:00:02

Test OVN

Now try to ping logical port sp2 from logical port sp1. In VM1, type:

ip netns exec sp1 ping 10.0.0.2

If your setup is correct, you will see that sp1’s ICMP packets can be received by sp2.
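
If the ping fails, "ovn-sbctl show" on VM1 lists every chassis that registered with the southbound database and the logical ports bound to it. The script below is an added example, not part of the original post: it parses that output and reports any logical port with no binding. The function names, the sample output and its 192.0.2.x addresses are constructed for illustration.

```sh
#!/bin/sh
# Added example: parse `ovn-sbctl show` output to confirm logical ports are bound.

# Constructed sample (not captured from a real run): sp2 is missing, as it
# would be if iface-id on VM2 were mistyped. IPs are documentation addresses.
SAMPLE='Chassis "vm1"
    Encap geneve
        ip: "192.0.2.11"
    Port_Binding "sp1"
Chassis "vm2"
    Encap geneve
        ip: "192.0.2.12"'

# bound_ports: read `ovn-sbctl show` on stdin, print "<port> <chassis> <encap-ip>".
# Quotes are stripped so quoted and unquoted names both match.
bound_ports() {
    awk '
        /^Chassis /            { gsub(/"/, "", $2); chassis = $2; ip = "?" }
        /^[ \t]+ip: /          { gsub(/"/, "", $2); ip = $2 }
        /^[ \t]+Port_Binding / { gsub(/"/, "", $2); print $2, chassis, ip }
    '
}

# check_bindings PORT...: read `ovn-sbctl show` on stdin; return 1 if any
# listed logical port has no Port_Binding under a chassis.
check_bindings() {
    bound=$(bound_ports)
    rc=0
    for port in "$@"; do
        line=$(printf '%s\n' "$bound" | awk -v p="$port" '$1 == p')
        if [ -n "$line" ]; then
            echo "OK      $line"
        else
            echo "UNBOUND $port"
            rc=1
        fi
    done
    return "$rc"
}

# Demo on the constructed sample; on VM1 use: ovn-sbctl show | check_bindings sp1 sp2
printf '%s\n' "$SAMPLE" | check_bindings sp1 sp2 || true
```

A chassis missing from the output points at "ovn-remote" or the 6642 listener; a chassis present without the expected Port_Binding points at the "iface-id" setting on that VM.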

Further reading:
OVN’s architecture
