Enabling Kubernetes Network Service Proxy with VPP and DPDK
Service proxy, as a distributed load balancer on source side, is one of the most important components for K8s container networking. The original user space mode implementation is flexible but suffers …
| Talk Title | Enabling Kubernetes Network Service Proxy with VPP and DPDK |
| Speakers | Hongjun Ni (Senior Software Engineer, Intel) |
| Conference | Automotive Linux Summit & Open Source Summit Japan |
| Conf Tag | |
| Location | Tokyo, Japan |
| Date | Jun 19-22, 2018 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Service proxy, as a distributed load balancer on source side, is one of the most important components for K8s container networking. The original user space mode implementation is flexible but suffers from poor performance. The iptables mode implementation can improve performance in some extent with the sacrifice of flexibility. This presentation will introduce a pure user space Service proxy implementation using DPDK and VPP, which shows high performance and keeps flexibility. It includes below key elements: 1) Implement a user space k8s service proxy, including load balancer, DNAT and SNAT (supports NAT44 and NAT66). 2) Connection track supports client IP based session persistence. 3) Dynamically recalculating Hash and Multithread support 4) vhost-user and memif are used to communicate between host and containers, replacing veth. 5) Integration of K8s and VPP-based Service proxy.
