VXLAN – Scaling Tunnels in Open vSwitch


As we're creating a cluster of tens of KVM host nodes, we've chosen Open vSwitch as our virtual network infrastructure.

So we need to make isolated virtual networks between VMs on demand. I've seen some designs which use VXLAN or GRE tunnels based on a mesh. But that could lead to thousands of tunnels between host nodes.

Basically we need something like Amazon VPC in our infrastructure. Can VXLAN tunnels provide us with such a service? If yes, how about the scalability issue?

Best Answer

You could solve this by running VXLAN on the hypervisor using software like FRR. That would imply that you run a full mesh BGP setup between your hypervisors, or use route reflectors. Then, you can create as many VNIs between your hypervisors which can be used as VPCs between virtual machines.

We've done this in a test setup and it seems to work, so we're planning on building our new hypervisor platforms this way using VXLAN.
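
A sketch of the layout the answer describes, added here as an example and not taken from the answerer's setup: it renders the FRR BGP stanza for one hypervisor that peers only with route reflectors, prints the iproute2 commands for one isolated tenant VNI, and compares session counts for full mesh versus route reflectors. It assumes BGP EVPN as the control plane and kernel VXLAN devices attached to a Linux bridge, neither of which the answer names; the function names, ASN, addresses and VNI are constructed sample values.

```shell
# Constructed sample values throughout: ASN 65000, 10.0.0.x addresses, VNI 100.

# frr_evpn_conf ASN ROUTER_ID RR_IP...
# Print an FRR bgpd stanza that peers only with the route reflectors.
frr_evpn_conf() {
    asn=$1; rid=$2; shift 2
    printf 'router bgp %s\n bgp router-id %s\n' "$asn" "$rid"
    printf ' no bgp default ipv4-unicast\n neighbor RR peer-group\n'
    printf ' neighbor RR remote-as %s\n neighbor RR update-source %s\n' "$asn" "$rid"
    for rr in "$@"; do printf ' neighbor %s peer-group RR\n' "$rr"; done
    printf ' address-family l2vpn evpn\n  neighbor RR activate\n'
    printf '  advertise-all-vni\n exit-address-family\n'
}

# tenant_vni_cmds VNI LOCAL_VTEP_IP
# Print (do not run) the commands for one tenant segment. One VNI maps to one
# bridge, so tenants never share a broadcast domain. The VNI field is 24 bits.
tenant_vni_cmds() {
    vni=$1; vtep=$2
    case $vni in ''|*[!0-9]*) echo "bad VNI: $vni" >&2; return 1 ;; esac
    if [ "$vni" -lt 1 ] || [ "$vni" -gt 16777215 ]; then
        echo "VNI out of range: $vni" >&2; return 1
    fi
    # nolearning: MAC/VTEP entries come from the control plane, not flooding.
    printf 'ip link add vxlan%s type vxlan id %s local %s dstport 4789 nolearning\n' \
        "$vni" "$vni" "$vtep"
    printf 'ip link add br%s type bridge\n' "$vni"
    printf 'ip link set vxlan%s master br%s\n' "$vni" "$vni"
    printf 'ip link set vxlan%s up\nip link set br%s up\n' "$vni" "$vni"
}

# bgp_sessions HOSTS [RRS]
# Total iBGP sessions: full mesh if RRS is omitted, otherwise HOSTS * RRS
# (sessions between the reflectors themselves are not counted).
bgp_sessions() {
    if [ -n "${2:-}" ]; then echo $(( $1 * $2 ))
    else echo $(( $1 * ($1 - 1) / 2 )); fi
}

# Demo for hypervisor 10.0.0.11 with two reflectors and tenant VNI 100.
frr_evpn_conf 65000 10.0.0.11 10.0.0.1 10.0.0.2
tenant_vni_cmds 100 10.0.0.11
echo "40 hosts: full mesh $(bgp_sessions 40) sessions, 2 RRs $(bgp_sessions 40 2)"
```

On the reflectors themselves, the hypervisor peers would additionally be marked with `neighbor ... route-reflector-client` under the same address family.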