Overview

The purpose of this document is to guide the user in deploying 6WIND HNA in a BGP EVPN use-case.

In this scenario, the HNA, running as a Kubernetes pod, will extend the Network Fabric up to Kubernetes nodes, and will provide a network connectivity to CNF containers or VM with good performance and flexibility, avoiding the use of SR-IOV.

_images/hna-evpn-overview.svg

Overview of the HNA EVPN Scenario.

This deployment guide shows how to connect at Ethernet level and isolate each CNF of a specific tenant. This is implemented by an Ethernet bridge for traffic that is local to a Kubernetes node, or through a VXLAN tunnel for inter-nodes traffic.

_images/hna-traffic.svg

Example of network traffic in the HNA EVPN Scenario.

The tenant properties are described in CRDs:

  • the list of networks for this tenant

  • the stateful filtering rules to be applied

  • the networks from another tenant that are reachable from this tenant

The network connection between the HNA and the CNF is either a veth interface (for CNF Pods using the Linux network stack) or a virtio-user if the CNF supports it (Virtual Service Router for instance).