Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
Inside Architecture of Neutron
Next
Download to read offline and view in fullscreen.

5

Share

Download to read offline

OpenStack networking - Neutron deep dive with PLUMgrid

Download to read offline

These are slides from the OpenSTack Meeting in Boston on Marck 18, 2015. The session led by Fernando Sanchez - Principal Systems Engineer, at PLUMgrid. In this talk, Fernando discussed OpenStack architecture with a particular focus on networking. We’ll cover some important considerations for networking in your OpenStack cloud, provide a look at common terminology, and discuss how Open Networking Suite works with OpenStack to alleviate networking challenges.

Related Books

Free with a 30 day trial from Scribd

See all

OpenStack networking - Neutron deep dive with PLUMgrid

  1. 1. 2011-2014 © PLUMgrid - Confidential Information Fernando Sanchez – Principal Systems Engineer @ PLUMgrid fernando@plumgrid.com @fernandosanchez OpenStack Networking & PLUMgrid Open Networking Suite for OpenStack
  2. 2. 2011-2014 © PLUMgrid - Confidential Information OpenStack: Open Source Cloud OS •  Open source software for compute, storage, networking •  Distributions simplify installation and maintenance •  Several commercial and “free” OpenStack distributions available
  3. 3. 2011-2014 © PLUMgrid - Confidential Information 3 Conceptual communication among services
  4. 4. 2011-2014 © PLUMgrid - Confidential Information At the junction of any Cloud ISOLATION CONNECTIVITY COMPUTE STORAGE Network
  5. 5. 2011-2014 © PLUMgrid - Confidential Information Physical & Virtual Network Infrastructure PHYSICAL INFRASTRUCTURE VIEW VIRTUAL INFRASTRUCTURE VIEW •  QoS, Bandwidth •  Latency •  Multicast •  Capacity •  Connectivity •  On-Demand •  Multi Tenant •  Automated •  Self Service •  Secure •  Distributed Overlay Network TENANT NETWORKS
  6. 6. 2011-2014 © PLUMgrid - Confidential Information OpenStack Networking (Neutron) 6
  7. 7. 2011-2014 © PLUMgrid - Confidential Information Why Neutron? •  Started with the Folsom release •  Provide Network as a Service •  Provide Operator & Tenants ability to create and offer rich network topologies and configure advanced policies •  Offer a technology agnostic layer while enabling vendor extensions •  Support for advanced services Compute Storage Network
  8. 8. 2011-2014 © PLUMgrid - Confidential Information What is Neutron? §  Provides REST APIs to manage network connections for the resources managed by other OpenStack Services (e.g. Nova) §  Technology Agnostic (framework based on “plug-ins”) §  Multi-tenancy: Isolation, Abstraction, full control over virtual networks §  Modular Design: API specifies service, vendor provides its implementation. Extensions for vendor-specific features. §  Exposes vendor-specific network virtualization and SDN technologies 8
  9. 9. 2011-2014 © PLUMgrid - Confidential Information What Neutron is NOT •  Neutron does NOT implement the networks, but rather is the front-end to the component that does create and implement the rich network functionalities •  When integrated with an SDN solution, it will “pass through” OpenStack Networking API calls to the SDN Controller. The SDN solution will then “build the actual networks”. •  When integrated with OVS and a Network node solution*…. *this is what many people call “running Neutron” (inaccurately) •  It can be very THIN or very THICK depending on functionalities available in the underlying solution 9
  10. 10. 2011-2014 © PLUMgrid - Confidential Information Why Neutron Plugins? 10 •  The initial Openstack networking implementation based on nova (nova- network) only implemented a basic model of isolation through Linux VLANs and IP tables •  Neutron was always architected as a pluggable architecture to provide choice •  back-end hardware and software agnostic •  use a variety of technologies to implement the API requests •  supports a broad spectrum of choices – from basic Linux VLANs and IP tables to more advanced technologies such as network overlays
  11. 11. 2011-2014 © PLUMgrid - Confidential Information Neutron Architecture 11 Neutron API Neutron Service Neutron Plug-in API API Extensions Service API (VPN, FW & LBaaS) VNI & PNI Virtual & Physical Networking Infrastructure Plug-In ExtensionsPlug-In Implementation
  12. 12. 2011-2014 © PLUMgrid - Confidential Information Two Types of Neutron Plugins 12 •  Implements Neutron Core API •  Layer 2 (Switch) •  Optionally implements Service plugin functionality by using extensions Core Service •  Implements Neutron API extensions •  Layer 3 (Router) •  Firewall •  Load Balancer •  VPN
  13. 13. 2011-2014 © PLUMgrid - Confidential Information Vendor to Plugin Type Mapping 13 PLUMgrid, VMware NSX, Midokura, Nuage, OpenContrail Arista, Big Switch, Brocade, Cisco, Embrane, Extreme, Huawei, Juniper, Microsoft (HyperV), IBM, Mellanox, NEC, One Convergence, ODL Core Service Router: Cisco LBaaS: A10 Networks, Embrane, Citrix (Netscaler), F5, Radware, vArmour FWaaS: Cisco, Freescale VPNaaS: Cisco List is a sample and is incompleteSource: OpenStack Marketplace/Drivers
  14. 14. 2011-2014 © PLUMgrid - Confidential Information Architecture Challenges: Neutron & OVS Neutron ML2/OVS plugin VM Network Nodes VM VM VM VM VM VM VM VM VM VM VM VM VM VM VMVM VM Nova Glance Swift Cinder L3 Agent FWaaS Agent LBaaS Agent Agent Agent Agent Agent Agent Agent DHCP Agent Services Neutron Framework Placement of these components is critical; They are in data path and become bottlenecks Advanced Services run on dedicated nodes. Limited HA. Creation of new tenants requires careful sizing of components to maintain performance level VM traffic flow can be handled in kernel, in local user space or in network nodes with different performance level
  15. 15. 2011-2014 © PLUMgrid - Confidential Information OpenStack Networking & PLUMgrid 15
  16. 16. 2011-2014 © PLUMgrid - Confidential Information Last Mile to Agility: Virtual Networks 16 PHYSICAL INFRASTRUCTURE VIRTUAL INFRASTRUCTURE Virtual Compute Compute Storage Virtual Storage CRM VDI ERP IaaSSaaS PaaS Network Virtual Networks Self Service Portal/Catalog Cloud Management Platform
  17. 17. 2011-2014 © PLUMgrid - Confidential Information PLUMgrid Open Networking Suite 17 PHYSICAL NETWORK INFRASTRUCTURE VIRTUAL DOMAIN Tenant A PLUMGRID NETWORK LIBRARY Bridge Router LB Security Policies Bridge Security Policies Bridge DHCP FW VIRTUAL DOMAIN Tenant B Scalable Architecture Non-Stop Forwarding Service Insertion
  18. 18. 2011-2014 © PLUMgrid - Confidential Information PLUMgrid Open Networking Suite 18 ü  No single point of failure ü  Highly resilient & self-healing ü  Terabits of distributed scale out performance Internet PLUMgrid IO Visor Edge PLUMgrid Directors PLUMgrid IO Visor Gateway Virtual Domain A Virtual Domain B Overlay Network
  19. 19. 2011-2014 © PLUMgrid - Confidential Information Understanding Virtual Domains PHYSICAL INFRASTRUCTURE VIEW VIRTUAL INFRASTRUCTURE VIEW Custom or Template based Virtual Network Domains per Tenant Tenant 1 Tenant 2 Tenant 3 VM VM VM VM Internet VM VM VM VM PLUMgrid Zone  
  20. 20. 2011-2014 © PLUMgrid - Confidential Information Architecture Solution: Neutron & PLUMgrid Neutron PLUMgrid Plugin VM Virtual Domains Tenant Networks iO Visor Kernel Module -- Distributed Data Plane PLUMgrid Director VM VM VM VM VM VM VM VM VM VM VM VM VM VM VMVM VM Nova Glance Swift Cinder 3rd party Virtual Network Functions Control Plane VM to VM optimized packet flow due to distributed VNFs – Eliminating bottlenecks Virtual Domains automatically scale out as more servers are deployed All VNF control planes are fully redundant Director Cluster is deployed in management rack Virtual Domain A Virtual Domain B Virtual Domain C
  21. 21. 2011-2014 © PLUMgrid - Confidential Information PLUMgrid Platform Architecture 21
  22. 22. 2011-2014 © PLUMgrid - Confidential Information Data  Plane     Controller     Closed  Network   Functions   Orchestration layers South  Bound  API   North  Bound  API   Management  API   Physical Network Infrastructure Vendors SDN Vendors Commodity Switch or Software Virtual Switch From PNI to SDN vendors? Data Plane Controller Closed Network Functions From one Vertically Integrated Environment to the Next?
  23. 23. 2011-2014 © PLUMgrid - Confidential Information Data  Plane  ‘   Controller  ‘   Closed  Network   Functions   Orchestration layers South  Bound  API  +  Extensions   North  Bound  API   Management  API   3rd party Network Function North  Bound  AP  Extensions   3rd party new Network Functions Required Platform changes (unfunded) Data Plane Controller Closed Network Functions Architecture Gridlock Networking: Extending the Data Plane?
  24. 24. 2011-2014 © PLUMgrid - Confidential Information Data Plane Controller Closed Network Functions South Bound API North Bound API Management API DP DP DP CP CP CP Network Function CP-DP APIs Management API DEVELOPERS OPERATORS PG-SDK OPERATORS IO-VISOR™ Director Old SDN architecture PLUMgrid Platform IO-visor™ based Architecture Platform Ecosystem: Get the Controller Out of the Way Platform Ecosystem: Get the Controller out of the way
  25. 25. 2011-2014 © PLUMgrid - Confidential Information BRIDGE ROUTER NAT IO VISOR™ DP DP DP IO Visor™ : Internals PLUMgrid Director CP CP CP Director APIs API BRG API RTR API NAT API BRG API RTR API NAT Ports REST APIs Port Mgr. (PEM) IO Visor •  Stiches multiple ‘PLUMlet DPs’ as directed by NOS •  Allows different NF CPs to manage their ‘PLUMlets’ •  The Director controls the IO Visor™
  26. 26. 2011-2014 © PLUMgrid - Confidential Information IO VISOR™ BRIDGE ROUTER NAT DP DP DP OPERATORS PLUMgrid IOVisor Ecosystem – SDK & APIs SDK PLUMgrid Director REST APIs CP CP CP CMS GUI Network Services Hypervisor Infrastructure
  27. 27. 2011-2014 © PLUMgrid - Confidential Information PLUMgrid Ignition 27 Immersive PLUMgrid Technology Experience
  28. 28. 2011-2014 © PLUMgrid - Confidential Information PLUMgrid Ignition 28 Go to: www.plumgrid.com/plumgrid-ignition/
  29. 29. 2011-2014 © PLUMgrid - Confidential Information 29 Next Steps Stay Connect at www.plumgrid.com/events/ Sign Up for PLUMgrid Ignition at www.plumgrid.com Follow Us @PLUMgrid
  30. 30. 2011-2014 © PLUMgrid - Confidential Information Our Vision 30 THANK YOU!
  • Kevin_Kuo

    Jul. 20, 2016
  • cgshome

    Jun. 22, 2016
  • rendezvoush

    Apr. 26, 2016
  • fabrizioe

    Apr. 26, 2016
  • VIonescu1

    Feb. 23, 2016

These are slides from the OpenSTack Meeting in Boston on Marck 18, 2015. The session led by Fernando Sanchez - Principal Systems Engineer, at PLUMgrid. In this talk, Fernando discussed OpenStack architecture with a particular focus on networking. We’ll cover some important considerations for networking in your OpenStack cloud, provide a look at common terminology, and discuss how Open Networking Suite works with OpenStack to alleviate networking challenges.

Views

Total views

2,486

On Slideshare

0

From embeds

0

Number of embeds

12

Actions

Downloads

156

Shares

0

Comments

0

Likes

5

×