tap as a service 分析

TaasPlugin(继承taas_db.Tass_db_Mixin)
->调用TaasAgentApi

create_tap_service(self, context, tap_service)
从tap_service中获取租户ID和PortID
t_s = tap_service['tap_service']
port_id = t_s['port_id']

根据portID获取port详细信息，这里的port应该是指镜像端口？
port = self._get_port_details(context, port_id)
#获取端口绑定的VMIP
host = port['binding:host_id']

判断port所属租户是否为当前租户，如果不是返回、
调用基类的create_tap_service方法，
1.在DB中保存新建的TapService对象
2.创建TapIdAssociation对象，将tap和service绑定
返回json格式数据；
ts = {'id': tap_service['id'],
  'tenant_id': tap_service['tenant_id'],
  'name': tap_service['name'],
  'description': tap_service['description'],
  'port_id': tap_service['port_id'],
  'network_id': tap_service['network_id']
}
构造rpc消息
rpc_msg={
'tap_service': ts, 
'taas_id': taas_vlan_id, 
'port': port
}

通过rpc client，将发送“create_tap_service”消息发送到镜像端口所在host上的agent

TaasAgentApi::create_tap_service(context, rpc_msg, host)

1. tap-br
 table 0


 flow1: priority 1 in_port = patch-tap-int, actions: resummit TAAS_RECV_LOC(1)
 flow2: priority 1 in_port = patch-tap-tun, actions: resummit TAAS_RECV_REM(2) 
 flow3: priority 0 drop
 
table  TAAS_RECV_LOC(1)
flow1  priority 0   actions: out_put=patch-tap-tun
 
 
 
table  TAAS_RECV_REM(2)
flow1  priority 0   actions: drop






2. tun-br
 table 0  
 flow1: priority 1 in_port=patch_tun_tap, actions: resummit TAAS_SEND_UCAST(30)
 
 table TAAS_SEND_UCAST(30)
 flow1: priority=0  actions: resummit TAAS_SEND_FLOOD(31)
 
 table TAAS_SEND_FLOOD(31)
 flow1: priority=0 actions: move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_TUN_ID[0..11],mod_vlan_vid:1,output: br-tun网桥中其他port(patch-in,patch-tun-tap)
 
 table TAAS_CLASSIFY(35)
 flow1: priority=2 reg0=0 actions: resubmit TAAS_DST_CHECK(36)
 flow2: priority=1 reg0=1 actions: resubmit TAAS_DST_CHECK(36)
 flow3: priority=2 reg0=2 actions: resubmit TAAS_SRC_CHECK(37)
 
 table TAAS_DST_CHECK(36)
 flow1: priority=0 actions: drop
 
 table TAAS_SRC_CHECK(37)
 flow1: priority=0 actions: drop
 
 table TAAS_DST_RESPOND(38)
 flow1：priority=2 reg0=0 actions: output:patch_tun_tap
 flow2: priority=1 reg0=1 actions: output:patch_tun_tap, move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_TUN_ID[0..11],mod_vlan_vid:2,output:in_port


 table TAAS_SRC_RESPOND(39)
 flow1：priority=1 actions：learn(table=30,hard_timeout=60,priority=1,NXM_OF_VLAN_TCI[0..11],load:NXM_OF_VLAN_TCI[0..11]->NXM_NX_TUN_ID[0..11],load:0->NXM_OF_VLAN_TCI[0..11],output:NXM_OF_IN_PORT[])
 
 
 
 create service
 
1. br-int


  table0
  #从patch_int_tap口过来的vlanid=taas_id 的镜像报文，一律打上镜像端口的VLANID后送给镜像端口
  flow:  priority=25  in_port=patch_int_tap, dl_vlan=taas_id, actions: mod_vlan_vid:port_vlan_id ,output:ovs_port_id 
 
2. br-tap
  table  TAAS_RECV_LOC(1)
  #从 patch-tap-int口进来的，vlanID为taas_id的镜像报文，从接收端口在返回去
  flow:  priority=1 dl_vlan=taas_id, actions： out_put:in_port
  
  table  TAAS_RECV_REM(2)
  #从patch-tap-tun口过来的vlanID为taas_id镜像报文，发往patch_tap_int
  flow:  priority=1 dl_vlan=taas_id, actions： out_put:patch_tap_int


3. br-tun
   table GRE_TUN_TO_LV(3)
   flow : priority=1  tun_id=taas_id, actions: move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_REG0[0..11],move:NXM_NX_TUN_ID[0..11]->NXM_OF_VLAN_TCI[0..11],resubmit(,TAAS_CLASSIFY(35))
   
   table VXLAN_TUN_TO_LV(4)
   flow : priority=1  tun_id=taas_id, actions: move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_REG0[0..11],move:NXM_NX_TUN_ID[0..11]->NXM_OF_VLAN_TCI[0..11],resubmit(,TAAS_CLASSIFY(35))   
   
   table GENEVE_TUN_TO_LV(6)     
   flow : priority=1  tun_id=taas_id, actions: move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_REG0[0..11],move:NXM_NX_TUN_ID[0..11]->NXM_OF_VLAN_TCI[0..11],resubmit(,TAAS_CLASSIFY(35))      
   
   table TAAS_DST_CHECK(36)
   flow : priority=1 tun_id=taas_id, actions: resubmit(,TAAS_DST_RESPOND(38))


4. 禁用linux的qbr网桥的mac地址学习功能




create flow
1. br-int
  table 0
  #所有被镜像端口发出的报文，1).正常转发 2).打上VLAN taas_id，送到patch-int-tap
  flow1: priority=20 in_port=ovs_port_id, actions: normal,mod_vlan_vid:taas_id,output:patch_int_tap


  #所有发往被镜像端口的报文，1).正常转发 2).打上VLAN taas_id，送到patch-int-tap  
  flow2: priority=20 dl_vlan=port_vlan_id dl_dst=port_mac, actions:  normal,mod_vlan_vid:taas_id,output:patch_int_tap
  
  #所有被镜像端口所属net的网络广播报文，1).正常转发 2).打上VLAN taas_id，送到patch-int-tap 
  flow3: priority=20 dl_vlan=port_vlan_id dl_dst="01:00:00:00:00:00/01:00:00:00:00:00", actions: normal, ,mod_vlan_vid:taas_id,output:patch_int_tap_id
  
2. br-tun
   table GRE_TUN_TO_LV(3)
   flow : priority=1  tun_id=taas_id, actions: move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_REG0[0..11],move:NXM_NX_TUN_ID[0..11]->NXM_OF_VLAN_TCI[0..11],resubmit(,TAAS_CLASSIFY(35))
   
   table VXLAN_TUN_TO_LV(4)
   flow : priority=1  tun_id=taas_id, actions: move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_REG0[0..11],move:NXM_NX_TUN_ID[0..11]->NXM_OF_VLAN_TCI[0..11],resubmit(,TAAS_CLASSIFY(35))   
   
   table GENEVE_TUN_TO_LV(6)     
   flow : priority=1  tun_id=taas_id, actions: move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_REG0[0..11],move:NXM_NX_TUN_ID[0..11]->NXM_OF_VLAN_TCI[0..11],resubmit(,TAAS_CLASSIFY(35))      
   
   table TAAS_SRC_CHECK(37)
   flow : priority=1 tun_id=taas_id, actions: resubmit(,TAAS_SRC_RESPOND(39))