Network Virtualization with MidoNet in CloudStack
YOSHI TAMURA
Midokura
Jun 23, 2013
Copyright ©2012 Midokura All rights reserved

Presented at CloudStack Collaboration Conference, June 2013 in Santa Clara, by Yoshi Tamura and Dave Cahill

Network Virtualization with MidoNet in CloudStack

  1. Network Virtualization with MidoNet in CloudStack. YOSHI TAMURA, Midokura, Jun 23, 2013
  2. Hello CloudStack community! YOSHI TAMURA, Product Manager, Midokura
  3. Agenda
     • Midokura’s focus
     • Challenges in IaaS Cloud Network
     • Introduction to MidoNet
     • MidoNet and CloudStack (Dave Cahill)
  4. IaaS Cloud – Elasticity and Automation (Photo Credit: skarpi - www.skarpi.is via Compfight cc)
  5. Midokura’s Focus (Photo Credit: dampoint via Compfight cc)
  6. Let’s build a network for IaaS Cloud! Flat L2 network! It’s simple!
  7. Photo Credit: Studio Toveraap via Compfight cc
  8. Let’s build a network for IaaS Cloud! How about VLAN then!?
  9. Photo Credit: CHRISTOPHER MACSURAK via Compfight cc
  10. Let’s build a network for IaaS Cloud! Actually, we want L3 too… Firewall and Load Balancer please!
  11. Photo Credit: CHRISTOPHER MACSURAK via Compfight cc. Photo Credit: JBurkunk via Compfight cc
  12. Requirements for IaaS Cloud Network. Diagram labels: Tenant/Project A, Network A1, VM1, VM3, Network A2, VM5, Tenant/Project B, Network B1, VM2, VM4, uplink, Provider Virtual Router (L3), Tenant A Virtual Router, Tenant B Virtual Router, VM6, Virtual L2 Switch B1, Virtual L2 Switch A1, Virtual L2 Switch A2, TenantB office, Tenant B VPN Router, Office Network
  13. Requirements for IaaS Cloud Network. Same diagram as slide 12, annotated with:
     • Isolated tenant network (virtual data center)
     • L3 isolation (similar to VPC and VRF)
     • Isolated L2 networks
     • Redundant, optimized and fault-tolerant paths to the Internet (e.g. via BGP)
     • Fault-tolerant devices and links
     • NAT, LB, Filtering
     • NAT, LB, and Firewalls
     • L3 (and L2) VPNs
     • Minimize ARP broadcasts by exploiting CMS config
     • RESTful API for CMS
     • Solid integration with leading open CMS
     • DHCP, DNS and other services
  14. Photo Credit: milos milosevic via Compfight cc
  15. VLAN (diagram labels: VLAN1, VLAN2)
     • 4096 limit on number of unique tags
     • Large spanning trees terminating on many hosts
     • High churn in switch control planes due to MAC learning
     • Need MLAG for L2 multi-path (vendor specific)
  16. MPLS VPN (diagram labels: tag, tag)
     • Mostly used by Carriers/Telco but too much for IaaS
     • Network gear could be very expensive
  17. c.f.: http://infrastructureadventures.com/tag/vrf-lite/ (diagram labels: Core VLAN 10 VLAN11 VLAN12 Product VLAN 20 VLAN21 VLAN22 Sales VLAN 99 VRF VRF VRF VRF)
     • Not scalable to cloud scale
     • Expensive hardware
     • Not fault tolerant (HSRP?)
     • L2 and L3 isolation. What about NAT, LB, FW?
  18. Can we do this better?
  19. Edge-to-Edge Overlays (diagram labels: VM, VM, Edge ×6)
     • Virtual network changes don't affect underlay state
     • Use scalable IGP to build multi-path underlay with cheap HW
     • IP encapsulation provides isolation without using VLAN
     • Decoupled from physical network. Wired once
  20. Overlays are the best approach! But not sufficient... We still need a scalable control plane.
  21. Our solution ➡ MidoNet (diagram labels: VM, VM, DB ×3, Internet, Edge MN ×6)
     • Stores Virtual NW configs
     • Transmits the packets through the tunnel
     • Emulates the whole NW topology at ingress