KV Scheduler plugin
More in: KVScheduler plugin
The KV Scheduler is the first step in any VPP or Linux related data processing. It validates the existence of the configuration item dependencies, handles local caching and performs retries if possible or allowed by the underlying plugin. The KV Scheduler does not operate with data directly (i.e. does not call any VPP binary API); it only determines what operations are needed to achieve the desired result.
vpp-gent core VPP plugins (e.g. plugins which are always required when working with VPP). Plugin list:
- GoVPP Multiplexer
- Interface plugin
- L2 plugin
- L3 plugin
- Access Control List (ACL)
- ACL-based forwarding (ABF)
- IPSec plugin
- NAT plugin
- Punt plugin
- STN plugin
- Telemetry plugin
More in: GoVPPMux plugin
The GoVPP mux plugin is the vpp-agent’s wrapper around the GoVPP and provides access to the VPP. Every plugin can interact with the VPP using the GoVPP mux. It provides an independent communication channel to the VPP instance. The communication is done via shared memory segment prefix, and the plugin also supports custom prefixes to connect to the correct VPP instance in multi-VPP environment.
More in: Interface plugin
Create various types of interfaces (e.g. DPDK, MEMIF, TAP …) in VPP. It can also configure base fields (IP address, MAC address, etc.) as well as more advanced features such as unnumbered interfaces or RX-mode.
More in: l2-plugin
Setup link-layer configuration items such as bridge domains, forwarding tables (FIBs) and VPP cross connects. Dependent on interface plugin.
More in: l3-plugin
Configure ARP entries (including proxy ARP), VPP routes and the IP scan neighbor feature. The L3 plugin is dependent on the interface plugin.
More in: ACL plugin
Handles VPP access control lists. If rules defined in the access list are met by the incoming traffic, the configured action is applied to the packets.
ACL-based forwarding (ABF) plugin
Implementation of the ACL-based forwarding feature. Performs policy-based routing (PBR) where forwarding is done based on ACL matches rather than destination address prefix.
More in: IPSec plugin
Allows one to configure security policy databases (SPD) and security associations (SA) in VPP. It also handles relationships between the SPD and SA or between SPD and an assigned interface.
IPSec tunnel interfaces are not part of the IPSec plugin. Their configuration is handled by the VPP interface plugin).
More in: NAT-plugin[nat-plugins]
Network address translation, or NAT is a method for translating one IP address into another by modifying (rewriting) packet headers. The vpp-agent NAT plugin is a
control plane plugin for the VPP NAT dataplane implementation of NAT44. Can also DNAT44 (with load balancing useful in K8s network clusters. The NAT plugin is dependent on the interface plugin.
More in: punt-plugin
Provides access to the VPP punt feature, where incoming VPP traffic matching a set pre-defined rules is ‘punted’ or redirected to the host stack or socket.
More in: telemetry plugin
Collects telemetry statistics from VPP for export to external monitoring and management tools.
Implementation of the
control plane for the VPP STN (Steal the NIC) feature
This section describes the vpp-agent’s Linux plugins used to configure the host OS. These plugins can be used as they are, or together with VPP plugins.
- Linux interface plugin
- Linux L3 plugin
- IP-tables plugin
- Namespace plugin
Linux Interface plugin
More in: Linux Interface plugin
Processes Linux interfaces related to the adjacent VPP configuration (VEth, TAPv2). Virtual Ethernet interfaces can be created by the vpp-agent.
Linux L3 plugin
More in: Linux L3 plugin
Configure Linux routes and ARPs.
More in: Linux iptables plugin
Implementation of the Linux IPtables feature.
More in: Namespace plugin
Helper plugin tied in with the Linux interface/l3 plugins. It manages namespaces in terms of Linux (named namespace) or as a microservice in container-based environment.
vpp-agent connection plugins enable external data read or write without the use of a data store.
- REST plugin
- GRPC plugin
More in: REST plugin
REST API support including security.
More in: GRPC plugin
Provides base GRPC support for the vpp-agent for handling GRPC requests.
This section describes the vpp-agent database plugins.
- Datasync abstraction plugin
- Data Broker plugin
More in: Datasync plugin
defines the interfaces for the abstraction of data synchronization between app plugins and different backend data sources.
Data Broker plugin
More in: Data Broker plugin
data broker abstraction.
More in: etcd plugin
Provides access to an etcd key-value data store.
More in: Redis plugin
Provides access to an Redis key-value data store.
More in: Consul plugin
Provides access to a consul key-value data store.
More in: Bolt plugin
Provides access to a Bolt key-value data store.
More in: Cassandra
Provides access to a Cassandra MYSQL data store.
More in: FileDB plugin
Uses the OS file system as a key-value data store.
Discusses the Ligato infra plugins.
- Status Check
- Index Map plugin
- Log Manager
- Process Manager
- Service Label plugin
In a scenario where a single vpp-agent instance receives configuration data from multiple sources (KV data store, GRPC, etc), the orchestrator plugin synchronizes retrieved data and resolve conflicts from individual sources. Data-processing plugins then see the data as coming from a single source.
More in: Status Check plugin
Monitors the status of a Ligato infra app by collecting and aggregating partial status of vpp-agent plugins.
Index Map plugin
More in: Index Map plugin
Provides an enhanced mapping structure.
More in: Log Manager plugin
View and modify log levels of loggers using a REST API.
More in: Messaging/Kafka plugin
Provides single purpose clients for publishing synchronous/asynchronous messages and for consuming selected topics.
More in: Process Manager plugin
Set of methods to create a process instance to manage and monitor plugins.
Service Label plugin
More in: Service Label plugin
Other plugins can use this to obtain the microservice label, more specifically the string used to identify a particular VPP instance.