OpenStack meet iNaaS SDN Controller

1. OpenStack meet iNaaS SDN Controller
iNaaS : SDN Controller for virtual network
OpenStack과 SDN Controller 연동을 위한 삽질 기행기
SDN Research Section, ETRI
Yongyoon SHIN

2. 함께 이야기 해 봅시다
• OpenStack Neutron
• OpenStack ml2
– Write own mechanism driver
– Using DevStack
• SDN
– iNaaS : The SDN Controller for virtual network
– Value
• Demo

3. OpenStack ml2 plugin
• Ml2 plugin : Types + Mechanisms
• Type : typically network type (gre/vlan/vxlan)
• Mechanism : network implement (vender specific)
Core plugin (ML2)
Type Manager Mechanism Manager
Type Driver Mechanism Driver
GRE VLAN VXLAN…
Linux
Bridge
OVS ODL iNaaS…
HERE!!

4. Mechanism 드라이버를 어떻게 만들죠?
• Ml2 plugin (neutron/plugins/ml2/plugin.py)
…
self.mechanism_manager.create_RESOURCE_precommit(mech_context)
try:
self.mechanism_manager.create_RESOURCE_postcommit(mech_context)
except ml2_exc.MechanismDriverError:
with excutils.save_and_reraise_exception():
LOG.error(_("The respective error message"))
self.delete_RESOURCE(context, result['id']) # only on create operations
return result
network /
subnet /
port

5. 나만의 mechanism 드라이버를 만들어보자
• Write mechanism driver basic
neutron/plugins/ml2/drivers/xxx.py
Ex) neutron/plugins/ml2/drivers/mech_inaas.py

6. iNaaS mechanism driver
• iNaaS mechanism driver
REST Call to iNaaS SDN Controller

7. Mechanism 드라이버가 동작하기 위해서…
• Editing ml2_conf.ini file
• File location
– /etc/neutron/plugins/ml2/ml2_conf.ini
• Edit
– tenant_network_type
– mechanism_drivers
– REST address

8. Edit ml2_conf.ini
Control Node
Network/Compute Node

9. 이제 서비스를 해볼까?
나 : “아싸~~ 완성~~ git에다가 올리고~~ 룰루~~”
A모 서브팀장 : “이거 안 돌아가는데???”
B모 서브팀장 : “우리는 잘 돌아가는데???”
이유는…
A 서브팀에서는 DevStack을 사용하더라…

10. DevStack
• Where is ml2 mechanism driver??
– /opt/stack/neutron/neutron/plugins/ml2/drivers/
• Where is ml2_conf.ini??
– /etc/neutron/plugins/ml2/ -> don’t
– must edit setup.cfg -> /opt/stack/neutron/
• How can I start DevStack??
– Edit local.conf : /stack/
– stack.sh

11. DevStack을 활용한 설정
• Edit setup.cfg
…
[files]
etc/neutron/plugins/ml2 =
…
etc/neutron/plugins/ml2/ml2_conf_inaas.ini
…
…
[entry_point]
…
neutron.ml2.mechanism_drivers =
…
inaas = neutron.plugins.ml2.drivers.mech_inaas:iNaaSMechanismDriver
…

12. [[local|localrc]]
…
Q_PLUGIN=ml2
Q_AGENT=openvswitch
Q_ML2_PLUGIN_MECHANISM_DRIVERS=inaas
Q_ML2_TENANT_NETWORK_TYPE=vxlan
Q_ML2_PLUGIN_TYPE_DRIVERS=vxlan
Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=(vni_ranges=1001:2000)
Q_AGENT_EXTRA_AGENT_OPTS=(tunnel_types=vxlan vxlan_udp_port=4789)
…
[[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
[agent]
minimize_polling=True
[ml2_inaas]
url=http://192.168.56.15:8080/wm/ml2
username=admin
password=password
DevStack을 활용한 설정
• local.conf

13. DevStack에서 mechanism driver는?
• Location :
/opt/stack/neutron/neutron/plugins/ml2/drivers
• DevStack START!!!
– stack.sh

14. What is SDN
• 쉽게 말하자면… 소프트웨어를 통해 구성된 네트워크

15. iNaaS
• Based OpenIRIS SDN Controller
(https://github.com/bjlee72/IRIS)
• iNaaS : OpenIRIS Network as a Service
(https://github.com/uni2u/iNaaS)
• Network virtualization solutions for cloud environments
• Providing policy-based NaaS
• Work with OpenStack to create a virtual segment
networks(VSN) for each tenant
• Separate policy application support for each VSN

16. SDN 환경에서는 OVS도 제어할 수 있다던데
• OpenStack using OpenvSwitch
– Wow!!! OpenvSwitch support OF 1.0/1.3
– Wow!!! OpenvSwitch connect SDN Controller
– Wow!!! OpenvSwitch create tunnel network
• BUT!!!!
– OpenvSwitch using hybrid flow
• Make OpenFlow rule using OF 1.0 + 1.3
• Solutions
– Using OVSDB
– agent

17. ovsdb / agent 무엇을 사용하나?
• Ubuntu에서는 Remote로 ovs 관련 command를 100% 사용할 수 없다
– ovs-vsctl : 완벽 사용 가능
– ovs-ofctl : 사용 불가
• ovsdb를 사용하면?
– ovs는 OF 기반의 가상 스위치인데…
– 그러면 당연 SDN Controller가 제어할 수 있어야 하는데…
– 이거 되게 복잡하네???
• ovs-ofctl add flow를 사용하게 해 달라
– Agent 개발 하라는 무언의 압박

18. ovs-ofctl command

19. iNaaS Agent
• Using Java
• Install Network/Compute node
• Create tunnel network (full mash)
– Network to each compute node
• Create Flow rules to OF switch from iNaaS

20. iNaaS Function
iNaaS Server
iNaaS Manager iNaaS DB Tunnel Manager
Policy-based Virtual Forwarding
Manager
ARP Manager
Flow-to-VNID Mapper
vNet State
Manager
Policy Manager
OpenStack iNaaS Plugins
iNaaS AgentiNaaS Mechanism Driver
iCanvas
Custom Costs
Manager
Custom Path
Finder
Path Calculation
Multipath
Selection

21. iNaaS Architecture
Compute Node
Nova
Compute
Agent
…
IRIS Agent
ovs
VM VM
Network Node
DHCP Agent
l3 Agent
IRIS Agent
DHCP & l3 servicesDHCP & l3 servicesDHCP & l3 services
ovs
iCanvas/Horizon
IRIS Controller
iNaaS Server
IRIS Core
iNaaS
Manager
Policy
Manager
iNaaS
DB
Policy based Virtual
Forwarding Manager
Flow to VNID
Mapper
Tunnel
Manager
DHCP
Manager
l3
Manager
vNet State
Manager
Control Node
Nova
ovs
Neutron
REST API
RPCs
REST API

22. Our Topology
Public Network
Data Network
[OpenStack Tunnel Network]
OpenStack Management Network
iNaaS
OpenStack
Control Node
OpenStack
Network Node
OpenStack
Compute01
OpenStack
Compute02
OpenStack
Compute03
eth0 eth2
eth1
eth0
eth1
eth0 eth2
eth1
eth2
eth1
eth2
eth1
eth2
eth1
OF AP OF AP OF AP OF AP
OF SWOF SW
OpenFlow
Management
Switch
10.0.0.10 10.0.0.11 10.0.0.21 10.0.0.31 10.0.0.32 10.0.0.33
10.0.10.32 10.0.10.3310.0.10.21 10.0.10.31Public IP 10.0.20.10
10.0.20.21 10.0.20.23
10.0.20.11 10.0.20.12 10.0.20.13 10.0.20.14
OpenStack Management
Switch
Public IP Public IP

23. Network 노드와 Compute 노드의 OVS

24. OpenStack과 SDN.. 뭘 할 수 있는거지?
• Physical & Virtual Network 제어
– Virtual Network에 해당하는 Physical Network 제어
– Flow level management
• Tenant 별 네트워크 제어
– Band width, Traffic 등
– Flow path management
– Policy based network management

25. Demo

26. 앞으로 할 일들이 산더미…
• 다중 도메인 지원
– A OpenStack to B OpenStack
– Tenant to Tenant
• iNaaS HA
– Clustering
• 다음에도 불러주시면…
– 적어도 위에 2가지는 해결한 모델을…

27. Yongyoon. SHIN (SDN Research Section, ETRI)
Email: uni2u@etri.re.kr
http://uni2u.meximas.com