CloudStack + SDN

CloudStack comes with a built-in SDN controller. One way of implementing SDN is to build overlay networks in the data center. This slideshow explains how CloudStack builds and maintains GRE tunnel overlays to provide scalable multi-tenant networking for cloud deployments.


  1. SDN & CloudStack
     Chiradeep (@Chiradeep), Salvatore (@taturiello), April 2012
  2. Outline
     • CloudStack Cloud Architecture
     • VLAN Limitations
     • SDN & Overlay Networks
       ○ Deploy Virtual Machines
       ○ Create Overlay Layer-2 Network
       ○ Flow programming
     • Benefits
  3. CloudStack Cloud Architecture
     • Hypervisor is the basic unit of scale.
     • Cluster consists of one or more hosts of the same hypervisor.
     • All hosts in a cluster have access to shared (primary) storage.
     • Pod is one or more clusters, usually with L2 switches.
     • Availability Zone has one or more pods, has access to secondary storage.
     • One or more zones represent the cloud.
     (Diagram: Internet above the CloudStack Management Server; Zone 1 with an L3 core; Pod 1 … Pod N behind the access layer; Cluster 1 … Cluster N with Host 1, Host 2 and primary storage; secondary storage at the zone level)
  4. VLAN Limitations
     • Multi-tenancy
       ○ Tenants are isolated by assigning separate VLANs
       ○ Tenant can own multiple VLANs, e.g., a multi-tier application
     • Limitations
       ○ 4K VLANs maximum
       ○ VLANs span across the zone (datacenter)
       ○ All switches are configured with all VLANs
       ○ See multicast, broadcast traffic even if no associated VM
       ○ Traffic tromboning across the zone for east-west traffic
     Limit: a few hundred tenants per zone
  5. Deploy Virtual Machines
     • User requests an isolated layer-2 network
     • CS follows a lazy create model and stores the request in the DB until VM deployment
     (Diagram: Create Network A → API → CS Management Server → Create DB Entry → MySQL DB)
  6. Deploy Virtual Machines
     • User requests an isolated layer-2 network
     • CS follows a lazy create model and stores the request in the DB until VM deployment
     • User deploys VMs with specific resource requirements
     • CS Deployment Planner determines the ideal hosts to place the VMs based on the resource requirements
     (Diagram: Deploy VMs (vm1, vm2, vm3) → API → CS Management Server passes the VM resource requirements to the Deployment Planner, which determines the hosts to deploy VMs on: vm1 → Host1, vm2 → Host2, vm3 → Host4; MySQL DB)
  7. Deploy Virtual Machines
     • User requests an isolated layer-2 network
     • CS follows a lazy create model and stores the request in the DB until VM deployment
     • User deploys VMs with specific resource requirements
     • CS Deployment Planner determines the ideal hosts to place the VMs based on the resource requirements
     • Place VMs on appropriate hosts
     (Diagram: Host 1 runs VM 1, Host 2 runs VM 2, Host 4 runs VM 3 and the VR; Host 3 is empty)
  8. Create Overlay L2 Networks
     • Create full mesh of GRE tunnels (if they don't already exist) between hosts on which VMs are deployed
     • CloudStack SDN controller programs the Open vSwitch (OVS) on XenServer to configure GRE tunnels
     (Diagram: CloudStack SDN Controller; Host 1 (Pod 2) with VM 1, Host 2 (Pod 4) with VM 2, Host 3 (Pod 3), Host 4 (Pod 2) with VM 3 and the VR, each running OVS and joined by GRE tunnels)
  9. Create Overlay L2 Networks
     • Create full mesh of GRE tunnels (if they don't already exist) between hosts on which VMs are deployed
     • CloudStack SDN controller programs the Open vSwitch (OVS) on XenServer to configure GRE tunnels
     • Assign a tenant key to the customer that allows traffic isolation from other tenants
     • New customers can share the established GRE tunnels with separate tenant keys
     (Diagram: Tenant1 and Tenant2 VMs and VRs spread over Host 1 to Host 4, sharing the same GRE tunnels)
  10. Overlay Networks Cross Layer-3 Boundary
     GRE tunnels (overlay L2 networks) can cross L3 (core) routers. This allows customers to seamlessly access resources across different datacenters.
     (Diagram: Datacenter1 / Zone1 with Host 1 to Host 4 running VM 1, VM 2, VM 3 and the VR; Datacenter2 / Zone2 with Host 1 to Host 4 running VM 4 and VM 5; GRE tunnels between the two)
  11. Flow Programming to Prevent Broadcast Storms
     • CloudStack controller programs OVS to prevent packet loops and broadcast storms
     (Diagram: CS MS and SDN Controller above Host 1 to Host 4, each running OVS, with VM 1, VM 2, VM 3, VM 4 and the VR)
  12. Flow Programming to Prevent Broadcast Storms
     • CloudStack controller programs OVS to prevent packet loops and broadcast storms
     • VM sends a broadcast packet. It's sent out via all the GRE tunnel interfaces
     • Hypervisors receive the broadcast packets and transmit them to the appropriate VMs. But these packets are not transmitted back onto GRE tunnel interfaces
     (Diagram: Host 1 to Host 4 with VM 1, VM 2, VM 3, VM 4 and the VR)
  13. CloudStack SDN Controller is Proactive
     • Controller is completely topology aware and pre-programs all flow rules
     • No delay for new flows
     • Highly scalable
     • OVS is fully functional even in the event of failure
     (Diagram: CloudStack SDN Controller programs flow rules on the OVS of Host 1 ahead of time; VM 1 starts "New flow1")
  14. Overlay L2 Networks & Network Services
     • CloudStack Virtual Router supports a variety of Network Services
     • NW Services: DNS & DHCP, NAT, LB, VPN
     (Diagram: Tenant2 VMs on Host 1 to Host 4 connected by GRE tunnels; the VR on Host 1 connects the tenant network to the Public Network)
  15. Benefits
     • Unlimited scalability
       ○ Only one GRE tunnel between any pair of hosts. Order N scaling of GRE tunnels w.r.t. hosts in the cloud
       ○ Tenant key is 32 bits. Can scale up to (2^32 - 1) tenants
     • Tunnels can extend to multiple datacenters across core (L3) routers
       ○ Seamless communication between resources across datacenters in the cloud
     • Avoid traffic tromboning
  16. Future
     • Support for security groups
     • Optimize ARP & DHCP responses
     • Use OpenFlow to program OVS
     • Integrate with 3rd party SDN controllers
     • AWS VPC semantics
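The tunnel mesh, tenant-key isolation and split-horizon flooding of slides 8 to 13, as an added Python model that is not CloudStack or Open vSwitch code: the hosts, VMs, tenant keys and tunnel port names (gre-<host>) are constructed for the example, and the split_horizon=False path only exists to show the storm the controller's rules prevent.

```python
"""Toy model of slides 8-13: a full mesh of GRE tunnels between hosts that
carry VMs, one tenant key per customer on the shared tunnels, and proactively
programmed split-horizon flows.  Added illustration only, not CloudStack or
Open vSwitch code; hosts, VMs and tenant keys are constructed."""
from itertools import combinations

# Constructed placement in the spirit of slide 7: (vm, host, tenant key)
PLACEMENT = [("vm1", "host1", 1001), ("vm2", "host2", 1001),
             ("vm3", "host4", 1001), ("vm4", "host3", 2002),
             ("vm5", "host4", 2002)]

def build_mesh(placement, existing=frozenset()):
    """One GRE tunnel per unordered pair of hosts that run VMs; tunnels that
    already exist are kept, so a new tenant reuses them with its own key."""
    hosts = sorted({h for _, h, _ in placement})
    return set(existing) | {frozenset(p) for p in combinations(hosts, 2)}

def program_flows(host, placement, tunnels, split_horizon=True):
    """Pre-compute one host's flow table: (ingress port, tenant key) ->
    output ports.  Tunnel ports are named gre-<remote host>."""
    tunnel_ports = ["gre-" + next(iter(t - {host})) for t in tunnels if host in t]
    local = {}                       # tenant key -> VM ports on this host
    for vm, h, k in placement:
        if h == host:
            local.setdefault(k, []).append(vm)
    rules = {}
    for key, vms in local.items():
        for vm in vms:               # from a local VM: same-tenant VMs + every tunnel
            rules[(vm, key)] = [v for v in vms if v != vm] + tunnel_ports
        for tp in tunnel_ports:      # from a tunnel: local VMs only (split horizon)
            others = [] if split_horizon else [p for p in tunnel_ports if p != tp]
            rules[(tp, key)] = list(vms) + others
    return rules

def flood(placement, tunnels, src_vm, split_horizon=True, max_frames=100):
    """Push one broadcast from src_vm through the programmed tables and return
    (receiving VMs, frames forwarded); frames == max_frames means a storm."""
    src_host, key = next((h, k) for vm, h, k in placement if vm == src_vm)
    tables = {h: program_flows(h, placement, tunnels, split_horizon) for _, h, _ in placement}
    received, queue, frames = [], [(src_host, src_vm)], 0
    while queue and frames < max_frames:
        host, in_port = queue.pop()
        frames += 1
        for out in tables[host].get((in_port, key), []):   # no entry: drop
            if out.startswith("gre-"):
                queue.append((out[4:], "gre-" + host))     # arrives on peer's port
            else:
                received.append(out)
    return sorted(received), frames
```

A host with no VM of the broadcasting tenant has no entry for that key and drops the frame, which is the tenant-key isolation of slide 9; without split horizon the same mesh forwards frames between hosts forever.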
