Quantum services' chaining open stack havana design summit, portland 2013

1,389 views

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,389
On SlideShare
0
From Embeds
0
Number of Embeds
23
Actions
Shares
0
Downloads
39
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Quantum services' chaining open stack havana design summit, portland 2013

  1. 1. Quantum -Services Chaining & InsertionHavana Design Summit, Portland, April 2013Big Switch Networks (Sumit Naiksatam,Kanzhe Jiang, KC Wang, MandeepDhami, Mike Cohen)Mirantis (Ilya Shakhat,Eugene Nikanorov)Red Hat (Gary Kotton)Many conversationsDesign doc: https://docs.google.com/document/d/1iLzieNKxM7xip_lRidmalAhF_6-Yf1b_cePF4yeAnkQ/editSession Etherpad: https://etherpad.openstack.org/Quantum_Services_Chaining_and_Insertion
  2. 2. Motivation:● A user needs to leverage more than one networkservice in its virtual topology.● The order of services is important (a Loadbalanceris front ended by a Firewall; traffic may need to besteered to FW before hitting the LB).● How does the user request this composite service?● How does the provider support this?Network Service 1(Bump-in-the-wire)Network Service 3(Bump-in-the-wire)Network Service 2(Tap)Network Service 1(Bump-in-the-wire)Network Service 2(L3)
  3. 3. Proposal● A tenant-facing "Services Chain" abstraction thatlets the user request a composition of services.● Enhancements to existing services model tosupport chaining at the backend.NetworkService 1NetworkService 2NetworkService 3SourceNetworkDestinationNetworkServices Chain
  4. 4. Services ChainExternalNetworkFirewall (Bump-in-the-wire)Loadbalancer (L3)Web TierApp TierFirewallDB TierFirewallService Chain:[FW (BITW), LB (L3)]source: external_nwdestination: any● ordered list of serviceinstances● source_network,destination_network○ Quantum networks (ordefault "any")○ Caveats exist, e.g. aservice chain with L3service at the end ofthe chain implicitlyroutes to thedestination network
  5. 5. Services Chain TemplatesIssue:Not all services combinations will be validNot all service combinations may be supportedProposal:Provider publishes service chain templates forsupported combination of servicesA service chain template is an ordered list ofservice-types
  6. 6. Workflow0. Provider populates service chain templates (may alsoneed to bootstrap service backend, e.g. physical devices)1. User looks up supported service chain templates2. User instantiates service chain:2a. For each service in the service chain user providesconfiguration parameters2b. User commits service chain configuration3. Provider (Quantum plugin) realizes chain by stitching thetraffic flow in the order of the services in the chain
  7. 7. Resource Model
  8. 8. Services Model EnhancementsService TypesCategory: Firewall, Loadbalancer, etc.Insertion type: L3, L2, Bump-in-the-wire,TapVendor, version, other meta-infoService Implementation ContractEach service returns attachment points (e.g.list of ingress, egress Quantum ports)
  9. 9. Prototype ExperienceQuantum core plugin is the easiest place toimplement chainingPrototype branch:https://github.com/bigswitch/quantum/tree/sumit/chaining

×