SlideShare a Scribd company logo

[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea User Group)

OpenStack Korea Community
OpenStack Korea Community

Event information: http://festa.io/events/118

Software
1 of 23
Download to read offline
kakao
kakao • • • • • • • • • • • Supervise d, Korean edition Korean Edition.
kakao
kakao Tunneling, without Tunnel 2018 What? LoadBalancing, without LoadBalancer 2017 What is LoadBalancer? SDN, without SDN 2015 What is SDN?
kakao kakao eth0 Compute node nova-compute neutron- linuxbridge- agent neutron-dhcp- agent Gateway 10.10.100.1 linux bridge vm IP:10.10.100.2/32 Routing Table 1 10.10.100.2/32 via 192.1.1.201 BGP 192.1.1.202 BGP Virtual Switch block Process block vlan.bgp vlan.0 Virtual Router Service Route Table 1 192.1.1.201
kakao eth1 Compute node1 linux bridge vm IP:10.10.100.2/32 192.1.1.201 Routing Table Default GW 192.168.1.1 eth1 Host Route dest 10.10.100.2/32 to 10.10.100.1 connected dest 192.168.100.2 Routing Table 1 10.10.100.2/32 via 192.1.1.201 2 10.10.100.3/32 via 192.168.1.202 3 192.168.100.2/32 via 192.168.1.201, 192.1 68.1.202 192.1.1.202 Switch Namespace global name space IPTable DNAT Dest 192.168.100.2 is for warded to 10.10.100.2 Compute Node Router Veth pair Gateway 10.10.100.1 neutron- linuxbridge-agent neutron-dhcp-agent neutron-l3-agent Host Rout e dest 10.10.100.2/32 to 10.10.100.1 New IP 192.168.100.2 connected dest 192.168.100.2 Neutron Floating IP eth1 Compute node1 linux bridge vm IP:10.10.100.3/32 Routing Table Default GW 192.168.1.1 eth1 Host Route dest 10.10.100.3/32 to 10.10.100.1 connected dest 192.168.100.2 Switch Namespace global name space IPTable DNAT Dest 192.168.100.2 is for warded to 10.10.100.2 Compute Node Router Veth pair Gateway 10.10.100.1 neutron- linuxbridge-agent neutron-dhcp-agent neutron-l3-agent Host Rout e dest 10.10.100.3/32 to 10.10.100.1 New IP 192.168.100.2 connected dest 192.168.100.2 Neutron Floating IP 192.1.1.202
kakao • • • process • dhcp agent, ml2 agent, l3 agent, metadata agent and nova compute • state • linux bridge connection stage • routing table list • iptable • bgp state kakao eth0 Compute node nova-compute neutron- linuxbridge- agent neutron-dhcp- agent Gateway 10.10.100.1 linux bridge vm IP:10.10.100.2/32 Routing Table 1 10.10.100.2/32 via 192.1.1.201 BGP 192.1.1.202 BGP Virtual Switch block Process block vlan.bgp vlan.0 Virtual Router Service Route Table 1 192.1.1.201
kakao • • • Consul is hashcorp’s product • Designed for Datacenter level coordination and service discovery consul agent consul server hostname •nova process •neutron process •routing state •etc... process check state check fail? yes Alrams -kakaotalk -URL
kakao
kakao broadcast domain2 • Application TCP IPv4 ethernet driver broadcast domain ARP Table SRC IP mac eth0 Router IP mac eth0 Application TCP IPv4 ethernet driver ARP Table dest IP mac eth0 Router IP mac eth0 broadcast termination A.K.A Router client destination
kakao Application or VM TCP IPv4 ethernet driver broadcast domain ARP Table SRC IP mac eth0 Router IP mac eth0 Application or VM TCP IPv4 ethernet driver ARP Table dest IP mac eth0 Router IP mac eth0 tun nel broadcast domaintun nel
kakao It solves a problem • Tenant network link layer(East-West) separation issue. It creates problems • Tennant Network Performance • Latency due to the geographical separation • full mesh between the nodes • Retransmission due to fat(+50bytes) L2 frames • Jumbo frame is not the right solutions if you try to cover datacenter, actually you can’t • Vxlan offloading is also do-able, but needs money • NAT bottleneck • e.g. openstack neutron network node bottle neck issue • DVR can distribute the NAT network but it needs router
kakao It solves a problem • Tenant network link layer(East-West) separation issue. It creates problems • Tennant Network Performance • Latency due to the geographical separation • Retransmission due to fat(+50bytes) L2 frames • Jumbo frame is not the right solutions if you try to cover datacenter, actually you can’t • Vxlan offloading is also do-able, but needs money • NAT bottleneck (North-South) • e.g. openstack neutron network node bottle neck issue • DVR can distribute the NAT network but it needs routers
kakao • • •
kakao •
kakao • • • •
kakao • • • • • comments by Qumulus
kakao • • IP routing lookup • Attaches labels • Forwards based on label • • Use label to route ( This determined by RR) • • Removes label • Packet is delivered using normal routing Pic. by Qumulus
kakao • • • à kakao eth0 Compute node nova-compute neutron- linuxbridge- agent neutron-dhcp- agent Gateway 10.10.100.1 linux bridge vm IP:10.10.100.2/32 Routing Table 1 nexthop as to 200 via inet 192.1.1.201 BGP 192.1.1.202 BGP Virtual Switch block Process block vlan.bgp vlan.0 Virtual Router Label Route Table 1 10.10.100.2/32 encap mpls 200 via 192.1.201 192.1.1.201 Routing Table 1 10.10.100.2/32 via 192.1.1.201 Add mpls info
kakao • • The important thing is that Doesn’t touch Packet in L2 • no fat packet • it add label at L3 • • Just thinks about that I didn’t use overlay network IP, only I add label. So, don’’t need NAT at all • Use the legacy IP , So the existing routing and network modeling is just working fine.
kakao • ßà 0 5 10 15 20 25 router to vm Network Performance L3 routing L3 routing with MPLS Tunnel
kakao
kakao

Recommended

[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
Open Source Consulting
 
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
OpenStack Korea Community
 
[오픈소스컨설팅] EFK Stack 소개와 설치 방법
[오픈소스컨설팅] EFK Stack 소개와 설치 방법[오픈소스컨설팅] EFK Stack 소개와 설치 방법
[오픈소스컨설팅] EFK Stack 소개와 설치 방법
Open Source Consulting
 
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStackSaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltStack
 
[OpenInfra Days Korea 2018] Day 1 - T4-7: "Ceph 스토리지, PaaS로 서비스 운영하기"
[OpenInfra Days Korea 2018] Day 1 - T4-7: "Ceph 스토리지, PaaS로 서비스 운영하기"[OpenInfra Days Korea 2018] Day 1 - T4-7: "Ceph 스토리지, PaaS로 서비스 운영하기"
[OpenInfra Days Korea 2018] Day 1 - T4-7: "Ceph 스토리지, PaaS로 서비스 운영하기"
OpenStack Korea Community
 
[OpenInfra Days Korea 2018] (Track 3) - CephFS with OpenStack Manila based on...
[OpenInfra Days Korea 2018] (Track 3) - CephFS with OpenStack Manila based on...[OpenInfra Days Korea 2018] (Track 3) - CephFS with OpenStack Manila based on...
[OpenInfra Days Korea 2018] (Track 3) - CephFS with OpenStack Manila based on...
OpenStack Korea Community
 
Ovs perf
Ovs perfOvs perf
Ovs perf
Madhu c
 
[NYC Meetup] Docker at Nuxeo
[NYC Meetup] Docker at Nuxeo[NYC Meetup] Docker at Nuxeo
[NYC Meetup] Docker at Nuxeo
Nuxeo
 

Recommended

[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
Open Source Consulting
 
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus
OpenStack Korea Community
 
[오픈소스컨설팅] EFK Stack 소개와 설치 방법
[오픈소스컨설팅] EFK Stack 소개와 설치 방법[오픈소스컨설팅] EFK Stack 소개와 설치 방법
[오픈소스컨설팅] EFK Stack 소개와 설치 방법
Open Source Consulting
 
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStackSaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltStack
 
[OpenInfra Days Korea 2018] Day 1 - T4-7: "Ceph 스토리지, PaaS로 서비스 운영하기"
[OpenInfra Days Korea 2018] Day 1 - T4-7: "Ceph 스토리지, PaaS로 서비스 운영하기"[OpenInfra Days Korea 2018] Day 1 - T4-7: "Ceph 스토리지, PaaS로 서비스 운영하기"
[OpenInfra Days Korea 2018] Day 1 - T4-7: "Ceph 스토리지, PaaS로 서비스 운영하기"
OpenStack Korea Community
 
[OpenInfra Days Korea 2018] (Track 3) - CephFS with OpenStack Manila based on...
[OpenInfra Days Korea 2018] (Track 3) - CephFS with OpenStack Manila based on...[OpenInfra Days Korea 2018] (Track 3) - CephFS with OpenStack Manila based on...
[OpenInfra Days Korea 2018] (Track 3) - CephFS with OpenStack Manila based on...
OpenStack Korea Community
 
Ovs perf
Ovs perfOvs perf
Ovs perf
Madhu c
 
[NYC Meetup] Docker at Nuxeo
[NYC Meetup] Docker at Nuxeo[NYC Meetup] Docker at Nuxeo
[NYC Meetup] Docker at Nuxeo
Nuxeo
 
Tuning TCP and NGINX on EC2
Tuning TCP and NGINX on EC2Tuning TCP and NGINX on EC2
Tuning TCP and NGINX on EC2
Chartbeat
 
Accelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAccelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDK
Alexander Shalimov
 
Why you’re going to fail running java on docker!
Why you’re going to fail running java on docker!Why you’re going to fail running java on docker!
Why you’re going to fail running java on docker!
Red Hat Developers
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
SaltStack
 
Peter Zaitsev "18 ways to fix MySQL bottlenecks"
Peter Zaitsev "18 ways to fix MySQL bottlenecks"Peter Zaitsev "18 ways to fix MySQL bottlenecks"
Peter Zaitsev "18 ways to fix MySQL bottlenecks"
Fwdays
 
Kubernetes internals (Kubernetes 해부하기)
Kubernetes internals (Kubernetes 해부하기)Kubernetes internals (Kubernetes 해부하기)
Kubernetes internals (Kubernetes 해부하기)
DongHyeon Kim
 
IPTABLES Introduction
IPTABLES IntroductionIPTABLES Introduction
IPTABLES Introduction
HungWei Chiu
 
Cobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningCobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioning
RUDDER
 
OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27
Kentaro Ebisawa
 
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NECXPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
The Linux Foundation
 
A user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsA user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management tools
SaltStack
 
Optimizing kubernetes networking
Optimizing kubernetes networkingOptimizing kubernetes networking
Optimizing kubernetes networking
Laurent Bernaille
 
Load Balancing 101
Load Balancing 101Load Balancing 101
Load Balancing 101
HungWei Chiu
 
OpenStack networking-sfc flow 분석
OpenStack networking-sfc flow 분석OpenStack networking-sfc flow 분석
OpenStack networking-sfc flow 분석
Yongyoon Shin
 
Linux networking is Awesome!
Linux networking is Awesome!Linux networking is Awesome!
Linux networking is Awesome!
Cumulus Networks
 
High Performance Erlang - Pitfalls and Solutions
High Performance Erlang - Pitfalls and SolutionsHigh Performance Erlang - Pitfalls and Solutions
High Performance Erlang - Pitfalls and Solutions
Yinghai Lu
 
See what happened with real time kvm when building real time cloud pezhang@re...
See what happened with real time kvm when building real time cloud pezhang@re...See what happened with real time kvm when building real time cloud pezhang@re...
See what happened with real time kvm when building real time cloud pezhang@re...
LinuxCon ContainerCon CloudOpen China
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
CJ Cullen
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep dive
Madhu Venugopal
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
Docker, Inc.
 
Tunnel without tunnel
Tunnel without tunnelTunnel without tunnel
Tunnel without tunnel
Andrew Yongjoon Kong
 
Automating auto-scaled load balancer based on linux and vm orchestrator
Automating auto-scaled load balancer based on linux and vm orchestratorAutomating auto-scaled load balancer based on linux and vm orchestrator
Automating auto-scaled load balancer based on linux and vm orchestrator
Andrew Yongjoon Kong
 

More Related Content

What's hot

Cobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningCobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioning
RUDDER
 
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NECXPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
The Linux Foundation
 
High Performance Erlang - Pitfalls and Solutions
High Performance Erlang - Pitfalls and SolutionsHigh Performance Erlang - Pitfalls and Solutions
High Performance Erlang - Pitfalls and Solutions
Yinghai Lu
 
See what happened with real time kvm when building real time cloud pezhang@re...
See what happened with real time kvm when building real time cloud pezhang@re...See what happened with real time kvm when building real time cloud pezhang@re...
See what happened with real time kvm when building real time cloud pezhang@re...
LinuxCon ContainerCon CloudOpen China
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
Docker, Inc.
 

What's hot (20)

Tuning TCP and NGINX on EC2
Tuning TCP and NGINX on EC2Tuning TCP and NGINX on EC2
Tuning TCP and NGINX on EC2
 
Accelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAccelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDK
 
Why you’re going to fail running java on docker!
Why you’re going to fail running java on docker!Why you’re going to fail running java on docker!
Why you’re going to fail running java on docker!
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
 
Peter Zaitsev "18 ways to fix MySQL bottlenecks"
Peter Zaitsev "18 ways to fix MySQL bottlenecks"Peter Zaitsev "18 ways to fix MySQL bottlenecks"
Peter Zaitsev "18 ways to fix MySQL bottlenecks"
 
Kubernetes internals (Kubernetes 해부하기)
Kubernetes internals (Kubernetes 해부하기)Kubernetes internals (Kubernetes 해부하기)
Kubernetes internals (Kubernetes 해부하기)
 
IPTABLES Introduction
IPTABLES IntroductionIPTABLES Introduction
IPTABLES Introduction
 
Cobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioningCobbler - Fast and reliable multi-OS provisioning
Cobbler - Fast and reliable multi-OS provisioning
 
OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27
 
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NECXPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
 
A user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsA user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management tools
 
Optimizing kubernetes networking
Optimizing kubernetes networkingOptimizing kubernetes networking
Optimizing kubernetes networking
 
Load Balancing 101
Load Balancing 101Load Balancing 101
Load Balancing 101
 
OpenStack networking-sfc flow 분석
OpenStack networking-sfc flow 분석OpenStack networking-sfc flow 분석
OpenStack networking-sfc flow 분석
 
Linux networking is Awesome!
Linux networking is Awesome!Linux networking is Awesome!
Linux networking is Awesome!
 
High Performance Erlang - Pitfalls and Solutions
High Performance Erlang - Pitfalls and SolutionsHigh Performance Erlang - Pitfalls and Solutions
High Performance Erlang - Pitfalls and Solutions
 
See what happened with real time kvm when building real time cloud pezhang@re...
See what happened with real time kvm when building real time cloud pezhang@re...See what happened with real time kvm when building real time cloud pezhang@re...
See what happened with real time kvm when building real time cloud pezhang@re...
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep dive
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
 

Similar to [2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea User Group)

Can We Emulate Local Circuit Switching in Cloud Storage?
Can We Emulate Local Circuit Switching in Cloud Storage?Can We Emulate Local Circuit Switching in Cloud Storage?
Can We Emulate Local Circuit Switching in Cloud Storage?
Tokyo University of Science
 
Latihan soal
Latihan soalLatihan soal
Latihan soal
joko
 
How to Modernize Your Database Platform to Realize Consolidation Savings
How to Modernize Your Database Platform to Realize Consolidation SavingsHow to Modernize Your Database Platform to Realize Consolidation Savings
How to Modernize Your Database Platform to Realize Consolidation Savings
Isaac Christoffersen
 
Why we didn't catch that
Why we didn't catch thatWhy we didn't catch that
Why we didn't catch that
gaoliang641
 

Similar to [2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea User Group) (20)

Tunnel without tunnel
Tunnel without tunnelTunnel without tunnel
Tunnel without tunnel
 
Automating auto-scaled load balancer based on linux and vm orchestrator
Automating auto-scaled load balancer based on linux and vm orchestratorAutomating auto-scaled load balancer based on linux and vm orchestrator
Automating auto-scaled load balancer based on linux and vm orchestrator
 
Can We Emulate Local Circuit Switching in Cloud Storage?
Can We Emulate Local Circuit Switching in Cloud Storage?Can We Emulate Local Circuit Switching in Cloud Storage?
Can We Emulate Local Circuit Switching in Cloud Storage?
 
IPv6 Council: IPv6 on your servers; fun or frightening?
IPv6 Council: IPv6 on your servers; fun or frightening? IPv6 Council: IPv6 on your servers; fun or frightening?
IPv6 Council: IPv6 on your servers; fun or frightening?
 
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meeting
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meetingIPv6 on your servers; fun or frightening? - Swiss IPv6 Council meeting
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meeting
 
Routed networks sydney
Routed networks sydneyRouted networks sydney
Routed networks sydney
 
Packet walks in_kubernetes-v4
Packet walks in_kubernetes-v4Packet walks in_kubernetes-v4
Packet walks in_kubernetes-v4
 
2020 2ed tcp
2020 2ed tcp2020 2ed tcp
2020 2ed tcp
 
Latihan soal
Latihan soalLatihan soal
Latihan soal
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
 
OpenContrail deployment experience
OpenContrail deployment experienceOpenContrail deployment experience
OpenContrail deployment experience
 
OpenStack Scale-out Networking Architecture
OpenStack Scale-out Networking ArchitectureOpenStack Scale-out Networking Architecture
OpenStack Scale-out Networking Architecture
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
 
Cloud data center and openstack
Cloud data center and openstackCloud data center and openstack
Cloud data center and openstack
 
How to Modernize Your Database Platform to Realize Consolidation Savings
How to Modernize Your Database Platform to Realize Consolidation SavingsHow to Modernize Your Database Platform to Realize Consolidation Savings
How to Modernize Your Database Platform to Realize Consolidation Savings
 
DevOops - Lessons Learned from an OpenStack Network Architect
DevOops - Lessons Learned from an OpenStack Network ArchitectDevOops - Lessons Learned from an OpenStack Network Architect
DevOops - Lessons Learned from an OpenStack Network Architect
 
Why we didn't catch that
Why we didn't catch thatWhy we didn't catch that
Why we didn't catch that
 
When DevOps and Networking Intersect by Brent Salisbury of socketplane.io
When DevOps and Networking Intersect by Brent Salisbury of socketplane.ioWhen DevOps and Networking Intersect by Brent Salisbury of socketplane.io
When DevOps and Networking Intersect by Brent Salisbury of socketplane.io
 
La apuesta de Telefónica por la cloud privada
La apuesta de Telefónica por la cloud privadaLa apuesta de Telefónica por la cloud privada
La apuesta de Telefónica por la cloud privada
 
Cloud: From Unmanned Data Center to Algorithmic Economy using Openstack
Cloud: From Unmanned Data Center to Algorithmic Economy using OpenstackCloud: From Unmanned Data Center to Algorithmic Economy using Openstack
Cloud: From Unmanned Data Center to Algorithmic Economy using Openstack
 

More from OpenStack Korea Community

More from OpenStack Korea Community (20)

2019년 커뮤니티 활동 보고: 오픈스택 한국 커뮤니티
2019년 커뮤니티 활동 보고: 오픈스택 한국 커뮤니티2019년 커뮤니티 활동 보고: 오픈스택 한국 커뮤니티
2019년 커뮤니티 활동 보고: 오픈스택 한국 커뮤니티
 
[2018.10.19] 김용기 부장 - IAC on OpenStack (feat. ansible)
[2018.10.19] 김용기 부장 - IAC on OpenStack (feat. ansible)[2018.10.19] 김용기 부장 - IAC on OpenStack (feat. ansible)
[2018.10.19] 김용기 부장 - IAC on OpenStack (feat. ansible)
 
[OpenInfra Days Korea 2018] Day 2 - E6: "SONA: ONOS SDN Controller 기반 OpenSta...
[OpenInfra Days Korea 2018] Day 2 - E6: "SONA: ONOS SDN Controller 기반 OpenSta...[OpenInfra Days Korea 2018] Day 2 - E6: "SONA: ONOS SDN Controller 기반 OpenSta...
[OpenInfra Days Korea 2018] Day 2 - E6: "SONA: ONOS SDN Controller 기반 OpenSta...
 
[OpenInfra Days Korea 2018] Day 2 - E3-2: "핸즈온 워크샵: Kubespray, Helm, Armada를 ...
[OpenInfra Days Korea 2018] Day 2 - E3-2: "핸즈온 워크샵: Kubespray, Helm, Armada를 ...[OpenInfra Days Korea 2018] Day 2 - E3-2: "핸즈온 워크샵: Kubespray, Helm, Armada를 ...
[OpenInfra Days Korea 2018] Day 2 - E3-2: "핸즈온 워크샵: Kubespray, Helm, Armada를 ...
 
[OpenInfra Days Korea 2018] Day 2 - E5-1: "Invited Talk: Kubicorn - Building ...
[OpenInfra Days Korea 2018] Day 2 - E5-1: "Invited Talk: Kubicorn - Building ...[OpenInfra Days Korea 2018] Day 2 - E5-1: "Invited Talk: Kubicorn - Building ...
[OpenInfra Days Korea 2018] Day 2 - E5-1: "Invited Talk: Kubicorn - Building ...
 
[OpenInfra Days Korea 2018] Day 2 - E5: Mesos to Kubernetes, Cloud Native 서비스...
[OpenInfra Days Korea 2018] Day 2 - E5: Mesos to Kubernetes, Cloud Native 서비스...[OpenInfra Days Korea 2018] Day 2 - E5: Mesos to Kubernetes, Cloud Native 서비스...
[OpenInfra Days Korea 2018] Day 2 - E5: Mesos to Kubernetes, Cloud Native 서비스...
 
[OpenInfra Days Korea 2018] Day 2 - E1: 딥다이브 - OpenStack 생존기
[OpenInfra Days Korea 2018] Day 2 - E1: 딥다이브 - OpenStack 생존기[OpenInfra Days Korea 2018] Day 2 - E1: 딥다이브 - OpenStack 생존기
[OpenInfra Days Korea 2018] Day 2 - E1: 딥다이브 - OpenStack 생존기
 
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
 
[OpenInfra Days Korea 2018] Day 2 - E6 - 마이크로서비스를 위한 Istio & Kubernetes [다운로드...
[OpenInfra Days Korea 2018] Day 2 - E6 - 마이크로서비스를 위한 Istio & Kubernetes [다운로드...[OpenInfra Days Korea 2018] Day 2 - E6 - 마이크로서비스를 위한 Istio & Kubernetes [다운로드...
[OpenInfra Days Korea 2018] Day 2 - E6 - 마이크로서비스를 위한 Istio & Kubernetes [다운로드...
 
[OpenInfra Days Korea 2018] Day 2 - E5: GPU on Kubernetes
[OpenInfra Days Korea 2018] Day 2 - E5: GPU on Kubernetes[OpenInfra Days Korea 2018] Day 2 - E5: GPU on Kubernetes
[OpenInfra Days Korea 2018] Day 2 - E5: GPU on Kubernetes
 
[OpenInfra Days Korea 2018] Day 2 - CEPH 운영자를 위한 Object Storage Performance T...
[OpenInfra Days Korea 2018] Day 2 - CEPH 운영자를 위한 Object Storage Performance T...[OpenInfra Days Korea 2018] Day 2 - CEPH 운영자를 위한 Object Storage Performance T...
[OpenInfra Days Korea 2018] Day 2 - CEPH 운영자를 위한 Object Storage Performance T...
 
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때 [OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
 
[OpenInfra Days Korea 2018] (삼성전자) Evolution to Cloud Native
[OpenInfra Days Korea 2018] (삼성전자) Evolution to Cloud Native[OpenInfra Days Korea 2018] (삼성전자) Evolution to Cloud Native
[OpenInfra Days Korea 2018] (삼성전자) Evolution to Cloud Native
 
[OpenInfra Days Korea 2018] (NetApp) Open Source with NetApp - 전국섭 상무
[OpenInfra Days Korea 2018] (NetApp) Open Source with NetApp - 전국섭 상무[OpenInfra Days Korea 2018] (NetApp) Open Source with NetApp - 전국섭 상무
[OpenInfra Days Korea 2018] (NetApp) Open Source with NetApp - 전국섭 상무
 
[OpenInfra Days Korea 2018] (Track 4) - 오픈스택기반 NFV 관리 및 HA (high Availability...
[OpenInfra Days Korea 2018] (Track 4) - 오픈스택기반 NFV 관리 및 HA (high Availability...[OpenInfra Days Korea 2018] (Track 4) - 오픈스택기반 NFV 관리 및 HA (high Availability...
[OpenInfra Days Korea 2018] (Track 4) - 오픈스택기반 NFV 관리 및 HA (high Availability...
 
[OpenInfra Days Korea 2018] (Track 4) - FreeIPA와 함께 SSO 구성
[OpenInfra Days Korea 2018] (Track 4) - FreeIPA와 함께 SSO 구성[OpenInfra Days Korea 2018] (Track 4) - FreeIPA와 함께 SSO 구성
[OpenInfra Days Korea 2018] (Track 4) - FreeIPA와 함께 SSO 구성
 
[OpenInfra Days Korea 2018] (Track 4) - Backend.AI: 오픈소스 머신러닝 인프라 프레임워크
[OpenInfra Days Korea 2018] (Track 4) - Backend.AI: 오픈소스 머신러닝 인프라 프레임워크[OpenInfra Days Korea 2018] (Track 4) - Backend.AI: 오픈소스 머신러닝 인프라 프레임워크
[OpenInfra Days Korea 2018] (Track 4) - Backend.AI: 오픈소스 머신러닝 인프라 프레임워크
 
[OpenInfra Days Korea 2018] (Track 4) - Grafana를 이용한 OpenStack 클라우드 성능 모니터링
[OpenInfra Days Korea 2018] (Track 4) - Grafana를 이용한 OpenStack 클라우드 성능 모니터링[OpenInfra Days Korea 2018] (Track 4) - Grafana를 이용한 OpenStack 클라우드 성능 모니터링
[OpenInfra Days Korea 2018] (Track 4) - Grafana를 이용한 OpenStack 클라우드 성능 모니터링
 
[OpenInfra Days Korea 2018] (Track 3) - OpenStack Automation with Ansible
[OpenInfra Days Korea 2018] (Track 3) - OpenStack Automation with Ansible[OpenInfra Days Korea 2018] (Track 3) - OpenStack Automation with Ansible
[OpenInfra Days Korea 2018] (Track 3) - OpenStack Automation with Ansible
 
[OpenInfra Days Korea 2018] (Track 3) - SDN/NFV enabled Openstack Platform : ...
[OpenInfra Days Korea 2018] (Track 3) - SDN/NFV enabled Openstack Platform : ...[OpenInfra Days Korea 2018] (Track 3) - SDN/NFV enabled Openstack Platform : ...
[OpenInfra Days Korea 2018] (Track 3) - SDN/NFV enabled Openstack Platform : ...
 

Recently uploaded

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
masabamasaba
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
masabamasaba
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp Krisztián
 

Recently uploaded (20)

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 

[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea User Group)

  • 4. kakao Tunneling, without Tunnel 2018 What? LoadBalancing, without LoadBalancer 2017 What is LoadBalancer? SDN, without SDN 2015 What is SDN?
  • 5. kakao kakao eth0 Compute node nova-compute neutron- linuxbridge- agent neutron-dhcp- agent Gateway 10.10.100.1 linux bridge vm IP:10.10.100.2/32 Routing Table 1 10.10.100.2/32 via 192.1.1.201 BGP 192.1.1.202 BGP Virtual Switch block Process block vlan.bgp vlan.0 Virtual Router Service Route Table 1 192.1.1.201
  • 6. kakao eth1 Compute node1 linux bridge vm IP:10.10.100.2/32 192.1.1.201 Routing Table Default GW 192.168.1.1 eth1 Host Route dest 10.10.100.2/32 to 10.10.100.1 connected dest 192.168.100.2 Routing Table 1 10.10.100.2/32 via 192.1.1.201 2 10.10.100.3/32 via 192.168.1.202 3 192.168.100.2/32 via 192.168.1.201, 192.1 68.1.202 192.1.1.202 Switch Namespace global name space IPTable DNAT Dest 192.168.100.2 is for warded to 10.10.100.2 Compute Node Router Veth pair Gateway 10.10.100.1 neutron- linuxbridge-agent neutron-dhcp-agent neutron-l3-agent Host Rout e dest 10.10.100.2/32 to 10.10.100.1 New IP 192.168.100.2 connected dest 192.168.100.2 Neutron Floating IP eth1 Compute node1 linux bridge vm IP:10.10.100.3/32 Routing Table Default GW 192.168.1.1 eth1 Host Route dest 10.10.100.3/32 to 10.10.100.1 connected dest 192.168.100.2 Switch Namespace global name space IPTable DNAT Dest 192.168.100.2 is for warded to 10.10.100.2 Compute Node Router Veth pair Gateway 10.10.100.1 neutron- linuxbridge-agent neutron-dhcp-agent neutron-l3-agent Host Rout e dest 10.10.100.3/32 to 10.10.100.1 New IP 192.168.100.2 connected dest 192.168.100.2 Neutron Floating IP 192.1.1.202
  • 7. kakao • • • process • dhcp agent, ml2 agent, l3 agent, metadata agent and nova compute • state • linux bridge connection stage • routing table list • iptable • bgp state kakao eth0 Compute node nova-compute neutron- linuxbridge- agent neutron-dhcp- agent Gateway 10.10.100.1 linux bridge vm IP:10.10.100.2/32 Routing Table 1 10.10.100.2/32 via 192.1.1.201 BGP 192.1.1.202 BGP Virtual Switch block Process block vlan.bgp vlan.0 Virtual Router Service Route Table 1 192.1.1.201
  • 8. kakao • • • Consul is hashcorp’s product • Designed for Datacenter level coordination and service discovery consul agent consul server hostname •nova process •neutron process •routing state •etc... process check state check fail? yes Alrams -kakaotalk -URL
  • 10. kakao broadcast domain2 • Application TCP IPv4 ethernet driver broadcast domain ARP Table SRC IP mac eth0 Router IP mac eth0 Application TCP IPv4 ethernet driver ARP Table dest IP mac eth0 Router IP mac eth0 broadcast termination A.K.A Router client destination
  • 11. kakao Application or VM TCP IPv4 ethernet driver broadcast domain ARP Table SRC IP mac eth0 Router IP mac eth0 Application or VM TCP IPv4 ethernet driver ARP Table dest IP mac eth0 Router IP mac eth0 tun nel broadcast domaintun nel
  • 12. kakao It solves a problem • Tenant network link layer(East-West) separation issue. It creates problems • Tennant Network Performance • Latency due to the geographical separation • full mesh between the nodes • Retransmission due to fat(+50bytes) L2 frames • Jumbo frame is not the right solutions if you try to cover datacenter, actually you can’t • Vxlan offloading is also do-able, but needs money • NAT bottleneck • e.g. openstack neutron network node bottle neck issue • DVR can distribute the NAT network but it needs router
  • 13. kakao It solves a problem • Tenant network link layer(East-West) separation issue. It creates problems • Tennant Network Performance • Latency due to the geographical separation • Retransmission due to fat(+50bytes) L2 frames • Jumbo frame is not the right solutions if you try to cover datacenter, actually you can’t • Vxlan offloading is also do-able, but needs money • NAT bottleneck (North-South) • e.g. openstack neutron network node bottle neck issue • DVR can distribute the NAT network but it needs routers
  • 18. kakao • • IP routing lookup • Attaches labels • Forwards based on label • • Use label to route ( This determined by RR) • • Removes label • Packet is delivered using normal routing Pic. by Qumulus
  • 19. kakao • • • à kakao eth0 Compute node nova-compute neutron- linuxbridge- agent neutron-dhcp- agent Gateway 10.10.100.1 linux bridge vm IP:10.10.100.2/32 Routing Table 1 nexthop as to 200 via inet 192.1.1.201 BGP 192.1.1.202 BGP Virtual Switch block Process block vlan.bgp vlan.0 Virtual Router Label Route Table 1 10.10.100.2/32 encap mpls 200 via 192.1.201 192.1.1.201 Routing Table 1 10.10.100.2/32 via 192.1.1.201 Add mpls info
  • 20. kakao • • The important thing is that Doesn’t touch Packet in L2 • no fat packet • it add label at L3 • • Just thinks about that I didn’t use overlay network IP, only I add label. So, don’’t need NAT at all • Use the legacy IP , So the existing routing and network modeling is just working fine.
  • 21. kakao • ßà 0 5 10 15 20 25 router to vm Network Performance L3 routing L3 routing with MPLS Tunnel
  • 22. kakao
  • 23. kakao