Triangle OpenStack Meetup

Slides on OpenStack Networking from the inaugural Triangle OpenStack Meetup.


  1. Kyle Mestery, Technical Leader, Office of the Cloud CTO. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  4.
     • Advantages of cloud computing
         • On-demand virtualized resources, self-service, lower cost
         • Resources managed by others
     • Ability to create your own isolated private networks
     • Extensible
     • Challenge!!
         • Easy-to-use
         • Minus the complexity of the traditional data center
         • Should work with different networking infrastructure
     • [Diagram label: Quantum Network Service]
  5.
     • Compute service (EC2): virtual machines
         • Specify vCPU, Memory, Disk
         • Launch instance (image, mem_size, disk)
         • Suspend, clone, migrate
     • Storage service (S3, EBS): virtual disks
         • Specify storage amount, access rights
         • Store object
         • Create/attach block
     • What to do about networks?
         • Simplistic implementation
         • Embedded in the compute component
     • [Diagram labels: App Svr, OS, VM]
  6. 2011 Design Summit - community-driven merger of proposals
     • [Diagram labels: NetworkService, NaaS Core Design, NetworkServicePOC, NetworkContainers, … more; Citrix/Rackspace/Nicira, Intel, NTT/Midokura, Cisco; Quantum]
  7.
     • Compute service (EC2): virtual machines
         • Launch instance (image, mem_size, disk)
         • Suspend, clone, migrate
     • Storage service (S3, EBS): virtual disks
         • Store object
         • Create/attach block
     • Network service (Quantum): virtual networks
         • Create/delete private network
         • Attach VM to network resource
         • Create subnets and routers
         • Work with different networking environments
     • [Diagram labels: App Svr, OS, VM]
  8. Quantum Virtual Network Service: A first class citizen in cloud computing
     • [Diagram labels: Portal (Horizon), Applications, Other Services; Cloud Platform - Developer API; Compute (Nova), Storage (Swift), Network (Quantum), Identity (Keystone); Servers, Disks, Networks; Images (Glance); Folsom Release]
  9. Quantum Abstractions
     • Virtual Networks:
         • A basic dedicated L2 network segment
         • Common realization is a VLAN
     • Virtual Ports:
         • Attachment point for devices connecting to virtual networks
         • Ports expose configuration and monitoring state via extensions (e.g., ACLs, QoS policies, Packet Statistics)
     • Subnets:
         • An IPAM construct to store CIDR
         • Also allows setting the Gateway IP and host routes
     • Virtual Routers:
         • Per-tenant routers
  10. Quantum Plugins & Extensions
     • Plugin:
         • Realization of the Quantum abstractions
         • Supports different back-end technologies and vendors
         • One plugin per Quantum deployment (there could be sub-plugins managed by the main plugin)
         • Examples: Linux Bridge Plugin, OVS Plugin, Cisco (Nexus)
     • Extensions:
         • API Extensibility for new or back-end specific features
         • Example: Port-profiles, quality-of-service, etc.
  11. Quantum Plug-in Architecture
     • [Diagram layers: Quantum Service API, API Extensions; Quantum API & Extensions Framework; Quantum Plug-in Framework; Cisco Network Plugin; Cisco Device Managers]
     • Cisco Compute & Networking Infra
         • Switching portfolio (Nexus 1k/3k/5k/7k)
         • Unified Computing System
         • Routing portfolio (e.g. ASR, CRS)
  12. Plugins and Drivers in the Cisco Plugin
     • Plugin:
         • A plugin registers to handle all Quantum API calls (e.g., all network/port calls)
         • Plugins may make decisions that are technology-specific, but not device-specific (e.g., mapping Quantum network ‘HR’ to VLAN 100)
         • There needs to be a master entity making/resolving decisions in a deployment; that entity is the plugin
     • Drivers:
         • The plugin may use drivers to communicate the results of this decision to different devices (e.g., it may configure the VLAN on a virtual switch port, and also tell the upstream physical switch to trunk that VLAN)
         • Configurable components which can be shared/reused
  13. Extending Quantum to support L3 Constructs
     • Routing within the tenant (support multi-tier topologies)
     • Overlapping IP addresses
     • Support gateways – Internet, VPN
     • Support other L3 services – LB, Firewall, Caching, etc.
     • Hybrid Cloud (Public + Private)
     • Further evolve Quantum to be a multi-tenant network service for creating virtual data centers (application specific topologies + network services)
  14. Why is Quantum important to OpenStack?
  15. Current Infrastructure-as-a-Service has Challenges
     • Only provides basic Network Connectivity.
     • Difficult to create N-tier apps.
     • Limited ability for applications to take advantage of network services.
     • [Diagram labels: Developer API; Compute Service (VMs, Memory, Local Disk); Storage Services (Block, Massive Key-value store); User and System Admin; Servers, Disks, Accounts; Basic Network Connectivity]
  16. Network Services Enable Developer Solutions
     • [Diagram labels: Developer API, Network APIs; Compute Service (VMs, Memory, Local Disk); Storage Services (Block, Massive Key-value store); Network Services (Subnets, Network Svcs, Security); User and System Admin; Servers, Disks, Virtual Networks; Network Connectivity]
     • Create-network(“L2”)
     • Attach-vm-to-network(vnet-a)
     • Attach-service-to-network(vnet-b)
  18. [Architecture diagram; labels: Quantum Server and Plugin, Control Node, Nova Compute, Quantum L2 Agent, Compute Node, Quantum L3 Agent, Quantum DHCP Agent, Network Node, ethX, br-ex, External Network, Management Network, Data Network]
  20. [Compute node diagram; labels: VM1 (three instances), Linux Bridge (one per VM), br-int, br-tun, bond0, eth0, eth1, eth2, Tenant A Network, Tenant B Network, Management Network, Data Network]
     • Linux Bridge: Security Groups rules applied here
     • br-int: VLANs used for isolation amongst tenants here
     • br-tun: GRE Keys used to isolate tenant traffic in the tunnel
