Network as a Service, Assaf Muller

OpenStack Neutron Conceptual Overview:

* What is networking virtualization?
* Example of Neutron capabilities
* Run down of components including L2, L3, DHCP agents, the service itself
* Core concepts - Ports, networks, subnets
* Network types - External, provider, tenant
* VLANs and tunnels for connectivity and segregation
* Instances IP addressing, routers, NAT and floating IPs
* Nova Neutron interaction, workflow of creating a VM with network connectivity
* Neutron modularity - Core and service plugins

Published in: Technology, Business

  1. Network as a Service: Introduction to Neutron
     Assaf Muller, Associate Software Engineer, Cloud Networking, Red Hat
     assafmuller.wordpress.com, amuller@redhat.com, amuller on Freenode (#openstack)
  2. The Why
     ● The first slide is always a giant graph
     ● Forget graphs, why Neutron?
       – Tenant connectivity and isolation
       – Network virtualization
       – Tenant creates his own network(s), router(s), allowing complex network topologies for multi-tier applications
       – *aaS
  3. Network Virtualization Example
     ● Create a network
     ● Connect the new private network to the public network
     ● Create a DB instance
     ● Create three web servers
     ● Make DB accessible exclusively by web servers
     ● Create a load balancer to the web servers
     ● Attach a floating IP to the load balancer
     ● Filter anything other than incoming HTTP(s) traffic
     All done logically, in software, via the GUI, API or CLI
  4. Core Concepts: Ports, Network, Subnets
     [Diagram labels: 10.0.0.1; 10.0.0.2; 10.128.0.1; VLAN 10; 10.0.0.1; 10.0.0.0 – 10.127.255.255; 10.128.0.0 – 10.255.255.255]
  5. Network Types
     ● External network
       – Internet routable network
     ● Provider network
       – Created by admin, mapped to pre-existing network in datacenter, used for external networks*
     ● Tenant network
       – Self provisioned network, isolated from other tenants, optionally connected to other tenant and external networks
     * VMs may also be directly connected to provider networks
  6. Routers, NAT, Floating IPs
     [Diagram labels: Compute Node; Compute Node; VM: 10.0.0.1; VM: 10.0.0.2; Tenant Network – 10.0.0.0/8; Network Node]
  7. Routers, NAT, Floating IPs
     [Diagram labels: Compute Node; Compute Node; VM: 10.0.0.1; VM: 10.0.0.2; Tenant Network – 10.0.0.0/8; Provider Network – 212.10.20.0/24; Network Node; vRouter – Internal – 10.255.255.254; vRouter – External – 212.10.20.1; vRouter – Floating IP – 212.10.20.2]
  8. Components
     [Diagram labels: VM Data Management Internet API Services; Compute Node (Nova compute, L2 agent); Network Node (L2 agent, vRouters, DHCP, Metadata); API; Compute Node (Nova compute, L2 agent)]
  9. Components
     ● API Node: Neutron, Nova, Keystone, Glance, Swift, Cinder, ...
       – Optionally SQL Database
       – Optionally AMQP Broker
     ● Network Node: L2 Agent, L3 Agent, DHCP Agent, Metadata Agent
       – Optionally LB, VPN and FW agents
     ● Compute Node: L2 Agent, Nova Compute
     ● Compute Node: L2 Agent, Nova Compute
  10. Components
     ● Neutron Service
       – Accepts API requests, handles DB
     ● L3 Agent
       – Manages virtual routers
     ● DHCP Agent
       – Manages dnsmasq instances
     ● Metadata Agent
       – Proxy to Nova metadata service
     ● L2 Agent
       – Manages networking on compute node
       – OVS flows / Linux bridges, VLAN tagging, security groups
     * Components talk via RPC
     [Diagram labels: API; Network Node; Compute]
  11. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
  12. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
  13. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
  14. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
  15. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
      5. Create Port (API: Nova compute to Neutron service)
      6. Create tap device
  16. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
      5. Create Port (API: Nova compute to Neutron service)
      6. Create tap device
      7. Neutron creates port (Allocates MAC, IP)
  17. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
      5. Create Port (API: Nova compute to Neutron service)
      6. Create tap device
      7. Neutron creates port (Allocates MAC, IP)
      8. Notify DHCP agent (RPC)
      9. Notify L2 agent (RPC)
  18. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
      5. Create Port (API: Nova compute to Neutron service)
      6. Create tap device
      7. Neutron creates port (Allocates MAC, IP)
      8. Notify DHCP agent (RPC)
      9. Notify L2 agent (RPC)
      10. get_device_details (RPC: L2 agent to Neutron service)
  19. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
      5. Create Port (API: Nova compute to Neutron service)
      6. Create tap device
      7. Neutron creates port (Allocates MAC, IP)
      8. Notify DHCP agent (RPC)
      9. Notify L2 agent (RPC)
      10. get_device_details (RPC: L2 agent to Neutron service)
      11. Configure local VLAN, OVS flows
      12. Send port_up notification (RPC: L2 agent to Neutron service)
  20. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
      5. Create Port (API: Nova compute to Neutron service)
      6. Create tap device
      7. Neutron creates port (Allocates MAC, IP)
      8. Notify DHCP agent (RPC)
      9. Notify L2 agent (RPC)
      10. get_device_details (RPC: L2 agent to Neutron service)
      11. Configure local VLAN, OVS flows
      12. Send port_up notification (RPC: L2 agent to Neutron service)
      13. Send port_up notification (API: Neutron service to Nova)
  21. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
      5. Create Port (API: Nova compute to Neutron service)
      6. Create tap device
      7. Neutron creates port (Allocates MAC, IP)
      8. Notify DHCP agent (RPC)
      9. Notify L2 agent (RPC)
      10. get_device_details (RPC: L2 agent to Neutron service)
      11. Configure local VLAN, OVS flows
      12. Send port_up notification (RPC: L2 agent to Neutron service)
      13. Send port_up notification (API: Neutron service to Nova)
      14. port_up (RPC: Nova service to Nova compute)
  22. Nova <--> Neutron Interaction
      [Diagram labels: Nova; Neutron; DHCP Agent; L2 Agent; Nova Compute; L2 Agent; Nova Compute]
      1. Create VM connected to network X (API)
      2. Create VM (RPC: Nova API to Nova conductor)
      3. Nova schedules VM
      4. Create VM (RPC: Nova conductor to Nova compute)
      5. Create Port (API: Nova compute to Neutron service)
      6. Create tap device
      7. Neutron creates port (Allocates MAC, IP)
      8. Notify DHCP agent (RPC)
      9. Notify L2 agent (RPC)
      10. get_device_details (RPC: L2 agent to Neutron service)
      11. Configure local VLAN, OVS flows
      12. Send port_up notification (RPC: L2 agent to Neutron service)
      13. Send port_up notification (API: Neutron service to Nova)
      14. port_up (RPC: Nova service to Nova compute)
      15. Nova compute boots VM!
  23. Core Plugin
      ● Implementation of API is pluggable
      ● Many plugins exist:
        – ML2 (Open source, Red Hat blessed)
        – Vendor plugins (Proprietary, some are certified)
      ● Each plugin implements API differently. For example, 'create_port' may be proxied to some 3rd party server
  24. Service Plugins
      ● Firewall as a Service
        – Filter traffic at the router level
      ● VPN as a Service
        – Extend your tenant networks off-site
      ● Load Balancer as a Service
        – Distribute incoming messages to a pool of VMs
      * Service plugins also have multiple implementations
  25. Tenant Connectivity & Isolation
      ● How are tenant network connectivity and isolation achieved, exactly?
        – Via VLANs or GRE / VXLAN tunnels
      ● More information at FOSDEM talk:
        – http://assafmuller.wordpress.com/2014/02/03/fosdem-14/
        – Includes video, slides and series of blog posts
  26. Questions?
      Network as a Service
      Assaf Muller, Associate Software Engineer, Cloud Networking, Red Hat
      assafmuller.wordpress.com, amuller@redhat.com, amuller on Freenode (#openstack)
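
Slide 3's "make DB accessible exclusively by web servers" and "filter anything other than incoming HTTP(s) traffic" are security-group policy, which slide 10 lists among the things the L2 agent applies on each compute node. The following is an added example, not code from the deck or from Neutron: a simplified model of how ingress rules are evaluated (default deny, no egress, ethertype or connection tracking), where the group names, IP addresses and DB port 3306 are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    """One ingress allow rule; field names follow the Neutron security-group-rule API."""
    port_range_min: int
    port_range_max: int
    protocol: str = "tcp"
    remote_ip_prefix: Optional[str] = None   # match by source CIDR
    remote_group_id: Optional[str] = None    # match by source port's group membership

# Constructed policy for the slide 3 topology. Port 3306 for the DB is an assumption.
GROUPS = {
    "lb":  [Rule(80, 80, remote_ip_prefix="0.0.0.0/0"),
            Rule(443, 443, remote_ip_prefix="0.0.0.0/0")],
    "web": [Rule(80, 80, remote_group_id="lb")],
    "db":  [Rule(3306, 3306, remote_group_id="web")],
}
# Constructed fixed IPs inside the deck's 10.0.0.0/8 tenant network -> bound groups.
PORTS = {
    "10.0.0.10": {"lb"},
    "10.0.0.11": {"web"}, "10.0.0.12": {"web"}, "10.0.0.13": {"web"},
    "10.0.0.20": {"db"},
}

def ingress_allowed(src_ip, dst_ip, protocol, dst_port):
    """Default deny: True only if a rule in one of the destination port's groups matches."""
    src = ipaddress.ip_address(src_ip)
    for group in PORTS.get(dst_ip, ()):
        for rule in GROUPS[group]:
            if rule.protocol != protocol:
                continue
            if not rule.port_range_min <= dst_port <= rule.port_range_max:
                continue
            if rule.remote_group_id is not None:
                # The source must be a Neutron port that belongs to the remote group.
                if rule.remote_group_id in PORTS.get(src_ip, ()):
                    return True
            elif rule.remote_ip_prefix is None or src in ipaddress.ip_network(rule.remote_ip_prefix):
                return True
    return False

def who_can_reach(dst_ip, protocol, dst_port):
    """Audit helper: every known port that the policy lets through to dst_ip:dst_port."""
    return sorted(ip for ip in PORTS if ip != dst_ip
                  and ingress_allowed(ip, dst_ip, protocol, dst_port))

if __name__ == "__main__":
    print(who_can_reach("10.0.0.20", "tcp", 3306))
```

Because the DB rule names a remote group rather than a CIDR, a fourth web server is admitted by joining the `web` group, and the load balancer, although on the same tenant network, is still denied.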
