Who is that guy anyway?
» Hugo Trippaers
– Mission Critical Engineer @ Schuberg Philis
– PMC @ Apache CloudStack
– Contributor @ OpenDaylight OVSDB
– Gamer @ Home
– @Spark404 @ Twitter
– Spark404 @ Freenode
– hugo @ apache.org
What i want to talk about
» What if you never heard of Apache CloudStack and/or OpenDaylight?
» Why would someone want to do an integration between ODL and ACS?
» What happens when you decide to go ahead and do it?
» A highly available, highly scalable Infrastructure as a Service (IaaS) cloud computing platform.
– Hypervisors: XenServer, KVM, VMware, Hyperv
– Networking: VLAN, VXLAN, GRE, Nicira NVP, Midokura, Stratosphere, Contrail, BigSwitch
– Storage: NFS, S3, Swift, Nexenta, NetApp
– And a lot more…
» OpenDaylight's mission is to facilitate a community-led, industry-supported open source
platform, including code and architecture, to accelerate adoption of Software-Defined
Networking and Network Functions Virtualization.
» Controller platform
– Virtual Tennant Network
– and way more..
Apache CloudStack networking
» Basic Networking
– Tenant isolation by security groups
– External Router
» Advanced Networking
– Tenant isolation by isolating the L2 broadcast domain
– Virtual Router construct for Routing, Firewalling and other services
– Virtual Private Cloud
• Multi tier construct with multiple isolated networks and a core router construct.
» As an orchestration platform, you need an eco system that you can orchestrate.
» Supporting open software defined networking solutions means wider adoption of SDN
» I hate reinventing wheels.
» It’s fun to do.
Down to business
» What is this beast called OpenDaylight
– multiple sub projects, which ones are feasible to support?
» Goal: KVM hypervisor with ODL orchestrating the overlay network
» Should be easy, where is the API exactly?
What the bleep to integrate with..
» Existing support for KVM and openVswitch already in CS.
– Easiest to go with that and have OpenDaylight orchestrate the openVswitch and the overlay
– I know OVSDB and OpenFlow, lets stick with that
OpenFlow / OVSDB
– Tells the switch what action to take on which condition.
– Manages the openvSwitch“hardware”like
ports, tunnels and switches.
Down to business
» OMG I have API docs and still no clue.
» Ouch, OVSDB is very much a work in progress.
» Guess i need to talk to a human about this…
– Brent Salisbury (@networkstatic)
– Madhu Venugopal
– And a lot of other folks at #opendaylight-ovsdb (freenode)
» At which level to we integrate and what do i expect from OpenDaylight
– OpenDaylight supports direct interaction with OVSDB and a higher level API
– Higher layer API designed for Neutron, can it be used by ACS?
» Where are the brains at
– Who decides what?
– Who owns the state of the network and is the authoritative source?
– Reconciliation between controller and CMS?
» OpenDaylight is about to make its first release (Hydrogen)
– But what is going to be in in there?
– And is it enough to support the functionality i need for ACS
What did we end up with
» Apache CloudStack OpenDaylight plugin
– Works with KVM hypervisors (using OpenVswitch)
– Provides tenant isolation using overlay networks based on gre or vxlan
» Plugin available in ACS master branch
– targeted for the next release cycle (4.4.0)
How does it work
» The test setup i used
– Two KVM hypervisors with OpenVSwitch
– CloudStack Management Server
– OpenDaylight controller
» OpenVswitch on KVM hypervisors pre setup with the bridges required by CloudStack and a
bridge called br-int.
How does it work 1
» In ACS setup a physical network with isolation type ODL
– Physical network is a construct where tenant networks actually send their data
– Provides traﬃc isolating using the selected method (VLAN, ODL, VXLAN, …)
– Determines with bridge to
connect VMs to on KVM
(br-int in this example)
» Add an OpenDaylight
controller to the network
How does it work 2
» Setup a network oﬀering for the tenants with virtual networking
» As a tenant
– Create a network based on the
– Start a new VM
How does it work 3
» Magic happens in the OpenDaylight plugin
– Does OpenDaylight know about the hypervisor where the VM will be provisioned?
• No, use the ODL ConnectionManager to create a new OVSDB node for that hypervisor
• OVSDB creates a br-tun switch and creates a patch between br-int and br-tun
– ACS pushed a network object to
ODL using the NeutronNetwork
– ACS pushes a port object to ODL
using the NeutronPort API
How does it work 4
» Tenant starts another node (which we assume starts on another hypervisor)
– ACS configures the second hypervisor using the ConnectionManager API
– ACS pushes a port configuration using the NeutronPort API
– OpenDaylight recognizes that ports belonging to a network are present on two hypervisors
and pushes a tunnel configuration to both nodes.
– OpenDaylight pushed flows to all switches to make traﬃc move from A to B
Are we there yet?
» This is just the first step, ODL oﬀers a lot more.
» Cross pollination of ideas
– implement networking features from ODL in ACS
– support networking scenarios from ACS in ODL
» What do you guys think?