Scalable virtual traffic hub interconnecting isolated networks

What is claimed is: 1. A system, comprising: one or more computing devices of a packet processing service of a provider network; wherein the one or more computing devices include instructions that upon execution on a processor cause the one or more computing devices to: in response to a programmatic request to configure a first virtual traffic hub as an intermediary for network traffic between a plurality of isolated networks, store metadata indicating (a) at least a first action implementation node assigned to the first virtual traffic hub, and (b) at least a first routing decision master node assigned to the first virtual traffic hub; propagate, to the first routing decision master node, respective sets of state information entries for a first isolated network; obtain, at the first action implementation node, a first executable action from the first routing decision master node, wherein the first executable action is to be implemented for one or more packets of a first network flow, wherein the first executable action is generated at the first routing decision master node based at least in part on the respective sets of state information entries, and wherein an indication of semantics of the first executable action is not provided to the first action implementation node; store, in a flow-indexed cache of the first action implementation node, the first executable action; cause, based at least in part on implementing the first executable action at the first routing action implementation node, contents of one or more data packets of the first network flow to be transmitted to a second isolated network. 2. The system as recited in claim 1 , wherein the instructions upon execution on a processor cause the one or more computing devices to: generate, at the first decision master node, one or more executable instructions of the first executable action using an instruction set of an in-kernel register-based virtual machine optimized for network processing. 3. The system as recited in claim 1 , wherein the first action implementation node comprises a plurality of execution engines including a first execution engine, wherein the instructions upon execution on the processor cause the one or more computing devices to: instantiate, at the first action implementation node, respective flow-indexed caches corresponding to individual ones of the execution engines; utilize, at the first action implementation engine, a deterministic mapping function to determine that a first execution engine is to assigned to process packets of the first network flow, wherein input to the deterministic mapping function comprises one or more flow identification packet headers, wherein the first executable action is stored by the first execution engine in a corresponding flow-indexed cache without acquiring a lock, and wherein, upon obtaining a data packet of the first network flow, the first execution engine performs a lookup operation in the first flow-indexed cache without acquiring a lock. 4. The system as recited in claim 1 , wherein a path to the second isolated network comprises at least a second action implementation node. 5. The system as recited in claim 1 , wherein the instructions upon execution on a processor cause the one or more computing devices to: obtain, via a programmatic interface, one or more routing information base (RIB) entries associated with an isolated network; generate, using the one or more routing information entries, one or more forwarding information base (FIB) entries; and transmit, to the first routing decision master node, the one or more forwarding information base entries, wherein the one or more forwarding base entries are included in the network state information entries. 6. A method, comprising: performing, at one or more computing devices: storing metadata indicating (a) at least a first action implementation node is assigned to a virtual traffic hub which is programmatically associated with one or more isolated networks, and (b) at least a first routing decision master node is assigned to the first virtual traffic hub; obtaining, at the first action implementation node, a representation of a first action from the first routing decision master node, wherein the first action is to be implemented for a first network flow, and wherein the first action is determined at the first routing decision master node using state information of the one or more isolated networks; causing, based at least in part on performing the first action at the first action implementation node, contents of one or more data packets received from a first isolated network to be transmitted to a second isolated network, wherein the one or more packets are part of the first network flow. 7. The method as recited in claim 6 , further comprising performing, by the one or more computing devices: in response to an attachment request received via a programmatic interface, storing metadata indicating that a first virtual network interface associated with the first isolated network has been programmatically attached to the first virtual traffic hub, wherein at least one packet of the first network flow is directed to the first action implementation node via the first virtual network interface after the programmatic attachment is completed. 8. The method as recited in claim 7 , further comprising performing, by the one or more computing devices: utilizing a poll mode driver to obtain the at least one packet via the first virtual network interface. 9. The method as recited in claim 6 , further comprising performing, by the one or more computing devices: in response to a hub linkage request received via a programmatic interface, storing metadata indicating that a path between the first virtual traffic hub and a second virtual traffic hub has been configured, wherein the second virtual traffic hub is associated with a third isolated network; and causing, based at least in part on performing a second executable action at the first action implementation node, contents of one or more data packets received from the first isolated network to be transmitted to a second action implementation node assigned to the second virtual traffic hub. 10. The method as recited in claim 6 , further comprising performing, by the one or more computing devices: obtaining, via a programmatic interface, one or more entries of one or more of: (a) a route table of the first isolated network or (b) a forwarding information base of the first isolated network; and propagating, to one or more decision master nodes of the first virtual traffic hub, including the first decision master node, the state information of the one or more isolated networks, wherein the state information comprises the one or more entries. 11. The method as recited in claim 6 , further comprising performing, by the one or more computing devices: obtaining, via one or more programmatic interactions, an indication of a first routing domain and a second routing domain associated with the first virtual traffic hub, wherein the first routing domain includes the first and second isolated networks, and wherein the second routing domain includes a third isolated network and a fourth isolated network; and transmitting contents of network packets between isolated networks of individual ones of the routing domains, without crossing routing domain boundaries. 12. The method as recited in claim 6 , wherein the first action implementation node is configured within a provider network, and wherein the first isolated network is external to the provider network. 13. The method as recited in claim 6 , wherein the representation of the first act