The document discusses the challenges of cloud networking, such as high-density multi-tenancy and on-demand provisioning, and presents solutions like network virtualization and software-defined networking. It explains the architecture of OpenStack networking, including core APIs, backend plugins, and advanced services like load balancing and VPN. Additionally, it provides resources for contributions and further information on OpenStack networking.

1. OpenStack Networking
Mark McClain
OpenStack Networking Program Technical Lead
mark.mcclain@dreamhost.com

2. Challenges in the Cloud
• High-density multi-tenancy
– But VLANs have trouble scaling
• On-demand provisioning
– But traditional network solutions have
interfaces designed for manual
configuration.
• Need to place / move workloads
were capacity exists
– But network state (e.g., IP address) is
tied to a particular location
© Malcolm Leman | Dreamstime.com

3. Tackling these challenges
– Network virtualization
– Overlay tunneling:
VXLAN, GRE, STT
– Software-defined
Networking (SDN) /
OpenFlow
– L2 Fabric solutions
– ???

4. What is OpenStack
Networking?

5. Basic Abstractions
Nova
VM2
10.0.0.2
VM1
10.0.0.2
virtual server
virtual interface (VIF)
virtual port
Neutron
L2 virtual network
Net1
10.0.0.0/24
virtual subnet

6. Using the API...
VM1
10.0.0.2
VM2
VM3
172.16.77.1
10.0.0.2/172.16.77.2
Tenant Net1
192.168.0.0/24
Tenant Net2
172.16.77.0/24
Router
Public Net
10.0.0.0/8

7. Multi-Project
VM2
10.0.0.2/172.16.
77.2
VM1
10.0.0.2
VM3
VM1
10.0.0.2
172.16.77.1
Tenant A Net1
192.168.0.0/24
VM2
10.0.0.2/172.16.
77.2
Tenant B Net2
172.16.77.0/24
Router
Router
Public Net
10.0.0.0/8
172.16.77.1
Tenant B Net1
192.168.0.0/24
Tenant A Net2
172.16.77.0/24
VM3

8. Architecture
Generic OpenStack APIs
Operator Selected Backends
KVM
ML2 Plugin
Ceph
Compute API
Network API
Tenant Tools
(GUI, CLI, API code)
Storage API

11. Neutron CLI
Horizon Web UI
Heat - Orchestration
Other tools
Core Neutron API
API Extensions
Authentication Authorization via OpenStack keystone
Neutron Pluggable Backend layer
Modular Layer 2 Plugin
Nova Compute
Open vSwitch
Nova Compute
Open vSwitch
Nova Compute
Open vSwitch
API Tools

12. Neutron Plugins
Open vSwitch / Linux Bridge
Ryu OpenFlow
Controller

13. Common Features
Support for overlapping IPs
DHCP
Includes custom port options
Floating IPs

14. Security Groups
Supports Overlapping IPs
Handles VMs with multiple
NICs
Ingress / Egress rules
IPv6 matching
Plugins can offload
http://www.flickr.com/photos/mikebaird/2354116406/

15. Metadata
Simplified Configuration
Supports Overlapping IPs
Non-routed networks

16. Modular Layer 2
Driver Based
Combines OVS and Linuxbridge Plugins
Other Mechanism Drivers Available
Arista, Cisco, Hyper-V, Tail-F NCS

17. Advanced Services
Load Balancing
VPN
Firewall

18. Load Balancing as Service
Multiple Implementations
Open Source - HAProxy
Proprietary Drivers Available

19. VPN as a Service
Site-to-Site
IPSec
OpenSwan Reference Implementation

20. Firewall as a Service
Stateless filtering at the edge
Vendor drivers available
Preview available in Havana

21. Horizon
Manage Resources
Networks
Subnets
Routers
VPN

22. Horizon
Select NICs when booting

23. Horizon

24. How to Contribute
Code:
https://github.com/openstack/neutron
Blueprints and Bugs
http://launchpad.net/neutron

25. More Information
Installation and Admin Manual
http://docs.openstack.org/trunk/openstacknetwork/admin/content/

26. Questions?
Mark McClain
OpenStack Networking Core Team Member and PTL
mark.mcclain@dreamhost.com