EWAN config agent is the controller of Sdewan(a CRD) instance. When a Sdewan instance is created, the agent creates the pod running OpenWRT. The OpenWRT could be a sdwan, an ipsec tunnel or a firewall, depends on the rules applied to the openwrt instand.
CRDs
Sdewan CRD depends on some CRDs. So we list the related CRDs here.
Name | Kind | Component |
---|---|---|
networks | Network | ovn4nfv-k8s-plugin |
providernetworks | ProviderNetwork | ovn4nfv-k8s-plugin |
network-attachment-definitions | NetworkAttachmentDefinition | multus |
new CRDs in EWAN will be like the below samples.
Sdewan CRD
apiVersion: sdwan.akraino.org/v1alpha1 kind: Sdewan metadata: name: example-sdwan spec: node: node1 networks: - ovn-net1 - ovn-net2 mwan3Rule: example1-rule
Mwan3Rule
apiVersion: mwan.akraino.org/v1alpha1 kind: Mwan3Rule metadata: name: example1-rule spec: policy: balance1: - ovn-net1: weight: 2 metric: 2 - ovn-net2: weight: 3 metric: 3 rule: - name: 'https' policy: balance1 dest_ip: 0.0.0.0/0 dest_port: 443 - name: 'http' policy: balance1 dest_ip: 0.0.0.0/0 dest_port: 80
The controller behave
- Monitor Sdwan instance and SdwanRule instance
- When SdwanRule instance created/update:
- If this SdwanRule instance is used by any Sdwan instance, then apply the rule to related Sdwan instance by calling api
- When SdwanRule instance deleted:
- If this SdwanRule instance is used by any Sdwan instance, prevent the delete action
- When Sdwan instance created/updated:
- If the rule specified doesn't exist, prevent the create/update action
- Creates sdwan deployment/pod if it does not exist
- Apply the rules if the rule changes
- When Sdwan instance deleted:
- Delete the deployment/pod