SDN Controller

SDN Controller is available in XOA 5.36.0 and higher

The SDN Controller enables a user to create pool-wide and cross-pool (since XOA 5.38.0) private networks.

How does it work?

In the network creation view:

Select a pool
Select Private network
Select an interface on which to create the network's tunnels
Select the encapsulation: a choice is offered between GRE and VxLAN, if VxLAN is chosen, then port 4789 must be open for UDP traffic on all the network's hosts (see the requirements)
Choose if the network should be encrypted or not (see the requirements to use encryption)
Select other pools to add them to the network if desired
- For each added pool: select an interface on which to create the tunnels
Create the network
Have fun! ☺

NB:

All hosts in a private network must be able to reach the other hosts' management interface.

The term ‘management interface’ is used to indicate the IP-enabled NIC that carries the management traffic.
Only 1 encrypted GRE network and 1 encrypted VxLAN network per pool can exist at a time due to Open vSwitch limitation.

Like all other xo-server plugins, it can be configured directly via the web interface, see the plugin documentation.

The plugin's configuration contains:

cert-dir: The path where the plugin will look for the certificates to create SSL connections with the hosts. If none is provided, the plugin will create its own self-signed certificates.
override-certs: Enable to uninstall the existing SDN controller CA certificate in order to replace it with the plugin's one.

On XCP-ng prior to 7.6:
- To be able to use VxLAN, the following line needs to be added, if not already present, in /etc/sysconfig/iptables of all the hosts where VxLAN is wanted: -A xapi-INPUT -p udp -m conntrack --ctstate NEW -m udp --dport 4789 -j ACCEPT

Encryption is not available prior to 8.0.