Mason Mei, profile picture
Uploaded byMason Mei
PDF, PPTX557 views

Ovn vancouver

OVN is an open source virtual network solution for Open vSwitch that provides logical L2 and L3 networking, including logical switches, routers, security groups, and multiple tunneling protocols. It is designed to scale to thousands of hypervisors and VMs, improve performance over existing plugins, and integrate with OpenStack and other cloud management systems through its databases and daemons. OVN aims to become the default virtual network solution in OpenStack Neutron by replacing the existing OVS plugin.

Embed presentation

Download as PDF, PPTX
OVN: Open Virtual Network for Open vSwitch Russell Bryant (@russellbryant) Kyle Mestery (@mestery) Justin Pettit (@Justin_D_Pettit)
Virtual Networking Overview Provides a logical network abstraction on top of a physical network 2 VMA VMB VMC L-Switch VM3 HV2 L-Switch L-Router L-Switch L-Switch VM5VM4VM3 VM1 VM2 VM4 VMB VMC VM5 HV1 VM1 VM2 VMA Physical Logical
What is OVN? • Open source virtual networking for Open vSwitch (OVS) • Provides L2/L3 virtual networking – Logical switches and routers – Security groups – L2/L3/L4 ACLs – Multiple tunnel overlays (Geneve, STT, and VXLAN) – TOR-based and software-based logical-physical gateways • Work on same platforms as OVS – Linux (KVM and Xen) – Containers – DPDK – Hyper-V • Integration with OpenStack and other CMSs
The Particulars • Developed by the same community as Open vSwitch • Vendor-neutral • Architecture and implementation have all occurred on public mailing lists • Developed under the Apache license 4
Goals • Production-quality • Straight-forward design • Scale to thousands of hypervisors (each with many VMs and containers) • Improved performance and stability over existing plugin 5
Why OVN is different • Will not require any additional agents for functionality for simplified deployment and debugging • Security groups using new in-kernel conntrack integration – More secure and faster than other methods – “Taking Security Groups to Ludicrous Speed with Open vSwitch” at 9:50 on Thursday • DPDK-based and hardware-accelerated gateways – Leverages new OVS DPDK port – Works with switches from Arista, Brocade, Cumulus, Dell, HP, Juniper, and Lenovo 6
Why OVN is Important to OpenStack
Why OVN is Important to OpenStack ● Neutron’s default backend is a custom virtual networking control plane ● Long term, we feel Neutron is best served letting a separate project implement the virtual network control plane
Why OVN is Important to OpenStack ● Migration from OVS backend to OVN is very natural for Neutron ● Just taking advantage of increasing functionality in OVS, which is already in use
OpenStack Neutron Platform ● Neutron evolving to be a platform ○ First step: Plugin decomposition ○ Second step: Bringing the plugin and driver backends under the Neutron tent ○ Third step: Open Source backends mature ● OVN fits into this Neutron Platform model
Neutron Integration with OVN ● ML2 driver for OVN ○ replaces OVS ML2 driver and Neutron’s OVS agent ● Uses Neutron L3 and DHCP agents, but just until OVN support is ready
Designed to Scale • Configuration coordinated through databases • Local controller converts logical flow state into physical flow state • Desired state clearly separated from run-time state • Grouping techniques reduce Cartesian Product issues 12
OVN Architecture 13 ovn-northd ovs- vswitchd ovn-controller ovsdb- server HV-1 ovs- vswitchd ovn-controller ovsdb- server HV-n … Northbound DB Southbound DB OpenStack/ CMS Plugin
The OVN Databases • ovn-northbound – OpenStack/CMS integration point – High-level, desired state • Logical ports -> logical switches -> logical routers • ovn-southbound – Run-time state • Location of logical ports • Location of physical endpoints • Logical pipeline generated based on configured and run-time state 14
The Daemons • ovn-northd – Converts from the high-level northbound DB to the run-time southbound DB – Generates logical flows based on high-level configuration • ovn-controller – Registers chassis and VIFs to southbound DB – Converts logical flows into physical flows (ie, VIF UUIDs to OpenFlow ports) – Pushes physical configuration to local OVS instance through OVSDB and OpenFlow 15
An Example 16 Name Ports LS1 LP1,LP2 Name MAC LP1 AA LP2 BB Name Encap IP HV1 Geneve 10.0.0.10 HV2 Geneve 10.0.0.11 Name Chassis LP1 HV1 Datapath Match Action LS1 eth.dst = AA LP1 LS1 eth.dst = BB LP2 LS1 eth.dst = <broadcast> LP1,LP2 Logical_Switch Logical_Port Chassis (ovn-controller) Bindings (ovn-controller) Pipeline (ovn-northd)
LP2 Arrives on HV2 17 Name Ports LS1 LP1,LP2 Name MAC LP1 AA LP2 BB Name Encap IP HV1 Geneve 10.0.0.10 HV2 Geneve 10.0.0.11 Name Chassis LP1 HV1 LP2 HV2 Datapath Match Action LS1 eth.dst = AA LP1 LS1 eth.dst = BB LP2 LS1 eth.dst = <broadcast> LP1,LP2 Logical_Switch Logical_Port Chassis (ovn-controller) Bindings (ovn-controller) Pipeline (ovn-northd)
Resources • Architecture described in detail in ovn-architecture (5) • Configuration is through a number of databases – OVN Northbound – Interface between CMS and OVN (ovn-nb (5)) – OVN Southbound – Holds the configuration and state of the logical and physical components (ovn-sb (5)) • Available in the “ovn” branch of the main OVS repo: – https://github.com/openvswitch/ovs/tree/ovn 18
Status – The EZ Bake Milestone • From start of coding to first ping: 6 weeks • Needs more testing, obviously • Haven’t tried any scale testing • Features listed on first page should be ready by end of the year • Expect rapid progress! 19
Neutron with built-in solution DB neutron-server rabbitmq L3 agentL3 agent L3 agent L3 agentL3 agent DHCP agent Adv. Services L3 agentL3 agent OVS agent
Neutron with OVN (so far) DB neutron-server rabbitmq L3 agentL3 agent L3 agent L3 agentL3 agent DHCP agent Adv. Services ovsdb-server ovn-northd ovn-controller ovn-controllerovn-controller
Neutron with OVN (later this year) DB neutron-server rabbitmq Adv. Services ovsdb-server ovn-northd ovn-controller ovn-controllerovn-controller
Trying out OVN
Test #1 - ovs-sandbox $ git clone http://github.com/openvswitch/ovs.git $ cd ovs $ git checkout -b ovn origin/ovn $ ./boot.sh && ./configure && make $ make sandbox SANDBOXFLAGS=”--ovn”
Test #1 - ovs-sandbox $ ovn-nbctl lswitch-add sw0 $ ovn-nbctl lport-add sw0 sw0-port1 $ ovn-nbctl lport-add sw0 sw0-port2 $ ovn-nbctl lport-set-macs sw0-port1 00:00:00:00:00:01 $ ovn-nbctl lport-set-macs sw0-port2 00:00:00:00:00:02 $ ovs-vsctl add-port br-int lport1 -- set Interface lport1 external_ids:iface-id=sw0-port1 $ ovs-vsctl add-port br-int lport2 -- set Interface lport2 external_ids:iface-id=sw0-port2
Test #1 - ovs-sandbox # Trace OpenFlow flows for a packet from port 1 to 2 $ ovs-appctl ofproto/trace br-int in_port=1,dl_src=00:00:00:00:00:01, dl_dst=00:00:00:00:00:02 -generate
Test #2 - Multi-node DevStack $ git clone http://git.openstack.org/openstack- dev/devstack.git $ git clone http://git.openstack. org/stackforge/networking-ovn.git $ cd devstack … Get local.conf from networking-ovn/devstack/ … local.conf.sample or computenode-local.conf.sample $ ./stack.sh
More cool stuff that works ● Can be used to create overlay networks for containers across many hosts ● If OVN backs Neutron, containers in VMs can be hooked up to virtual networks managed by Neutron
What’s Next for Core OVN • Security groups using in-kernel conntrack • ovn-controller that translates to “vtep” schema to enable physical gateways • OVS-DPDK gateway that uses “vtep” schema • L3 routing and native IP management • New test framework that allows local build-time testing with tunnels and arbitrary topologies • Merge “ovn” into OVS master branch 29
OVN Neutron Integration Future ● L3 service plugin ● security groups ● get tempest CI job passing ● create multi-node CI job
Longer Term • DPDK datapath – Move beyond the capabilities of the “vtep” schema to support fail- over, scale-out, and more stateful services – Will become a reference for building OVS DPDK applications • Architecture will allow innovation in the logical network space – New approaches to networking and security 31
How you can help • Try it! Test it! Write Code! • Report bugs and try it at scale • Core OVN is being developed on ovs-dev mailing list: – http://openvswitch.org/pipermail/dev/ – #openvswitch on Freenode • Neutron plugin for OVN is being developed here: – http://git.openstack.org/stackforge/networking-ovn.git – openstack-dev mailing list – #openstack-neutron-ovn on Freenode 32
Thank you! Russell Bryant (@russellbryant) Kyle Mestery (@mestery) Justin Pettit (@Justin_D_Pettit)

More Related Content

PPTX
OVN - Basics and deep dive
byTrinath Somanchi
 
PDF
The Open vSwitch and OVN Projects
byLinuxCon ContainerCon CloudOpen China
 
PPTX
Meetup 23 - 02 - OVN - The future of networking in OpenStack
byVietnam Open Infrastructure User Group
 
PDF
rtnetlink
byTaku Fukushima
 
PPTX
Neutron behind the scenes
byinbroker
 
PPTX
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
byJames Denton
 
PDF
OVN: Scaleable Virtual Networking for Open vSwitch
bymestery
 
PDF
Open Source Backends for OpenStack Neutron
bymestery
 
OVN - Basics and deep dive
byTrinath Somanchi
 
The Open vSwitch and OVN Projects
byLinuxCon ContainerCon CloudOpen China
 
Meetup 23 - 02 - OVN - The future of networking in OpenStack
byVietnam Open Infrastructure User Group
 
rtnetlink
byTaku Fukushima
 
Neutron behind the scenes
byinbroker
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
byJames Denton
 
OVN: Scaleable Virtual Networking for Open vSwitch
bymestery
 
Open Source Backends for OpenStack Neutron
bymestery
 

What's hot

PDF
Open vSwitch Introduction
byHungWei Chiu
 
PDF
OpenStack Neutron Tutorial
bymestery
 
PDF
Red Hat demo of OpenStack and ODL at ODL summit 2016
byRedHatTelco
 
PDF
OpenDaylight OpenStack Integration
byLinuxCon ContainerCon CloudOpen China
 
PDF
Improving Network Application Performance using Load Aware Libeventdev
byMichelle Holley
 
PDF
Open stack networking vlan, gre
bySim Janghoon
 
PDF
Open daylight and Openstack
byDave Neary
 
PPTX
Openstack Basic with Neutron
byKwonSun Bae
 
ODP
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
byDave Neary
 
PDF
Open stack networking_101_part-2_tech_deep_dive
byyfauser
 
PPTX
Training open stack networking -neutron
byHaifeng Yan (颜海峰)
 
PDF
"One network to rule them all" - OpenStack Summit Austin 2016
byPhil Estes
 
PDF
Linux Tag 2014 OpenStack Networking
byyfauser
 
PPTX
L2 and L3 agent restructure
byRossella Sblendido
 
PDF
Status of Embedded Linux
byLinuxCon ContainerCon CloudOpen China
 
PDF
MidoNet deep dive
byTaku Fukushima
 
PDF
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
bymestery
 
PDF
An Introduction to OpenStack Networking
byScott Lowe
 
PDF
Introduction to Software Defined Networking and OpenStack Neutron
bySana Khan
 
PDF
OpenStack Tokyo Summit Keynote Slides
bymestery
 
Open vSwitch Introduction
byHungWei Chiu
 
OpenStack Neutron Tutorial
bymestery
 
Red Hat demo of OpenStack and ODL at ODL summit 2016
byRedHatTelco
 
OpenDaylight OpenStack Integration
byLinuxCon ContainerCon CloudOpen China
 
Improving Network Application Performance using Load Aware Libeventdev
byMichelle Holley
 
Open stack networking vlan, gre
bySim Janghoon
 
Open daylight and Openstack
byDave Neary
 
Openstack Basic with Neutron
byKwonSun Bae
 
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
byDave Neary
 
Open stack networking_101_part-2_tech_deep_dive
byyfauser
 
Training open stack networking -neutron
byHaifeng Yan (颜海峰)
 
"One network to rule them all" - OpenStack Summit Austin 2016
byPhil Estes
 
Linux Tag 2014 OpenStack Networking
byyfauser
 
L2 and L3 agent restructure
byRossella Sblendido
 
Status of Embedded Linux
byLinuxCon ContainerCon CloudOpen China
 
MidoNet deep dive
byTaku Fukushima
 
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
bymestery
 
An Introduction to OpenStack Networking
byScott Lowe
 
Introduction to Software Defined Networking and OpenStack Neutron
bySana Khan
 
OpenStack Tokyo Summit Keynote Slides
bymestery
 

Viewers also liked

PDF
淺談系統監控與 AWS CloudWatch 的應用
byRick Hwang
 
PDF
Serverless api gateway + lambda
byLeon Li
 
PPTX
基于AWS Lambda的无服务器架构在Strikingly中的应用
byDaniel Gong
 
PDF
基于Aws的持续集成、交付和部署 代闻
byMason Mei
 
PPTX
Internet Cloud Operations - ChinaNetcloud & AWS Event Beijing
byChinaNetCloud
 
PPTX
Dev-Ops与Docker的最佳实践 QCon2016 北京站演讲
byChinaNetCloud
 
PPTX
OpsStack--Integrated Operation Platform
byChinaNetCloud
 
PDF
Getting Started with AWS EC2. From Zero to Hero
byAWSBulgaria
 
PPTX
AWS ELB Tips & Best Practices
byChinaNetCloud
 
PPTX
2016 AWS Summit TPE - Hiiir 如何透過 AWS IAM 做好雲端權限控管
byChiaHsien Lee
 
PPTX
AWS Summit OaaS Talk by ChinaNetCloud
byChinaNetCloud
 
淺談系統監控與 AWS CloudWatch 的應用
byRick Hwang
 
Serverless api gateway + lambda
byLeon Li
 
基于AWS Lambda的无服务器架构在Strikingly中的应用
byDaniel Gong
 
基于Aws的持续集成、交付和部署 代闻
byMason Mei
 
Internet Cloud Operations - ChinaNetcloud & AWS Event Beijing
byChinaNetCloud
 
Dev-Ops与Docker的最佳实践 QCon2016 北京站演讲
byChinaNetCloud
 
OpsStack--Integrated Operation Platform
byChinaNetCloud
 
Getting Started with AWS EC2. From Zero to Hero
byAWSBulgaria
 
AWS ELB Tips & Best Practices
byChinaNetCloud
 
2016 AWS Summit TPE - Hiiir 如何透過 AWS IAM 做好雲端權限控管
byChiaHsien Lee
 
AWS Summit OaaS Talk by ChinaNetCloud
byChinaNetCloud
 

Similar to Ovn vancouver

PDF
SDN & NFV Introduction - Open Source Data Center Networking
byThomas Graf
 
PDF
LF_OVS_17_State of the OVN
byLF_OpenvSwitch
 
PDF
Agile OpenStack Networking with Cisco Solutions
byCisco DevNet
 
PDF
What's the deal with Neutron?
byCynthia Thomas
 
PDF
Bridges and Tunnels: A Drive Through OpenStack Networking
bymarkmcclain
 
PPTX
Week_3.pptxmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm
byNavumGupta1
 
PDF
Introduction to open virtual network Dawid Deja
byOpenInfra Days Poland 2019
 
PDF
neutron_icehouse_update
byAkihiro Motoki
 
PPTX
OpenStack Networking and Automation
byAdam Johnson
 
PDF
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
byOpenStack Korea Community
 
PDF
Open stack networking_101_update_2014
byyfauser
 
PPTX
Midokura OpenStack Meetup Taipei
byDan Mihai Dumitriu
 
PPTX
Supporting Virtualized Telco Applications with OpenStack
byBruce Davie
 
PDF
Open stack networking_101_part-1
byyfauser
 
PDF
Open stack networking_101_update_2014-os-meetups
byyfauser
 
PDF
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
bymarkmcclain
 
PDF
Nova net-or-neutron-atlanta2014.pptx
bySomik Behera
 
PDF
Network Virtualization & Software-defined Networking
byDigicomp Academy AG
 
PDF
CloudKC: Evolution of Network Virtualization
byCynthia Thomas
 
PPTX
OPNFV: Upstream Headwaters to Full Deployment
byOPNFV
 
SDN & NFV Introduction - Open Source Data Center Networking
byThomas Graf
 
LF_OVS_17_State of the OVN
byLF_OpenvSwitch
 
Agile OpenStack Networking with Cisco Solutions
byCisco DevNet
 
What's the deal with Neutron?
byCynthia Thomas
 
Bridges and Tunnels: A Drive Through OpenStack Networking
bymarkmcclain
 
Week_3.pptxmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm
byNavumGupta1
 
Introduction to open virtual network Dawid Deja
byOpenInfra Days Poland 2019
 
neutron_icehouse_update
byAkihiro Motoki
 
OpenStack Networking and Automation
byAdam Johnson
 
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
byOpenStack Korea Community
 
Open stack networking_101_update_2014
byyfauser
 
Midokura OpenStack Meetup Taipei
byDan Mihai Dumitriu
 
Supporting Virtualized Telco Applications with OpenStack
byBruce Davie
 
Open stack networking_101_part-1
byyfauser
 
Open stack networking_101_update_2014-os-meetups
byyfauser
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
bymarkmcclain
 
Nova net-or-neutron-atlanta2014.pptx
bySomik Behera
 
Network Virtualization & Software-defined Networking
byDigicomp Academy AG
 
CloudKC: Evolution of Network Virtualization
byCynthia Thomas
 
OPNFV: Upstream Headwaters to Full Deployment
byOPNFV
 

More from Mason Mei

PDF
Atf 3 q15-7 - delivering cloud scale workflow automation control and visibili...
byMason Mei
 
PDF
Brkdcn 2035 multi-x
byMason Mei
 
PDF
New idc architecture
byMason Mei
 
PDF
Atf 3 q15-8 - introducing macro-segementation
byMason Mei
 
PDF
16 vxlan配置指导-整本手册
byMason Mei
 
PPTX
H3 cswitch2015
byMason Mei
 
PDF
Atf 3 q15-4 - scaling the the software driven cloud network
byMason Mei
 
PDF
Atf 3 q15-6 - solutions for scaling the cloud computing network infrastructure
byMason Mei
 
PDF
04 hou ziqiang
byMason Mei
 
PDF
08 sdn system intelligence short public beijing sdn conference - 130828
byMason Mei
 
PDF
05 zhao huiling
byMason Mei
 
PDF
201507131408448146
byMason Mei
 
PDF
03 jiang lintao
byMason Mei
 
PDF
07 tang xiongyan
byMason Mei
 
PDF
01 dan chinese-chinese sdn china 2013- dan's keynote draft aug 14 2013
byMason Mei
 
PDF
10 2013 sdn summit ch reviewed-new
byMason Mei
 
PDF
11 zhuai chuanpu h3 c
byMason Mei
 
PDF
06 duan xiaodong
byMason Mei
 
PDF
02 china sdn conf ron keynote
byMason Mei
 
PDF
Atf 3 q15-9 - summary and close
byMason Mei
 
Atf 3 q15-7 - delivering cloud scale workflow automation control and visibili...
byMason Mei
 
Brkdcn 2035 multi-x
byMason Mei
 
New idc architecture
byMason Mei
 
Atf 3 q15-8 - introducing macro-segementation
byMason Mei
 
16 vxlan配置指导-整本手册
byMason Mei
 
H3 cswitch2015
byMason Mei
 
Atf 3 q15-4 - scaling the the software driven cloud network
byMason Mei
 
Atf 3 q15-6 - solutions for scaling the cloud computing network infrastructure
byMason Mei
 
04 hou ziqiang
byMason Mei
 
08 sdn system intelligence short public beijing sdn conference - 130828
byMason Mei
 
05 zhao huiling
byMason Mei
 
201507131408448146
byMason Mei
 
03 jiang lintao
byMason Mei
 
07 tang xiongyan
byMason Mei
 
01 dan chinese-chinese sdn china 2013- dan's keynote draft aug 14 2013
byMason Mei
 
10 2013 sdn summit ch reviewed-new
byMason Mei
 
11 zhuai chuanpu h3 c
byMason Mei
 
06 duan xiaodong
byMason Mei
 
02 china sdn conf ron keynote
byMason Mei
 
Atf 3 q15-9 - summary and close
byMason Mei
 

Recently uploaded

PPTX
AN Introduction to UNIX File System—An Approach
bysonjuktaweb
 
PDF
Top 10 API Automation Testing Tools: Features, Pros & Cons
byhenrycavill30521
 
PPTX
Information about Trusted Platform Module(TPM)
bynewtoknow techs
 
PPTX
Salesforce Spring 26 Release Key .pptx
byMehediHasan939830
 
PDF
Benefits of Using the IAC 500 Sensor for Ambient Conditions
byCS Instruments
 
PDF
AI Driven & AI Native Development AI native development
byZainKarim7
 
PDF
Artificial Intelligence and Barbarism - Conceptual Map
byalfadix
 
PDF
कम्प्यूटर.pdf for all computer examination
bynm92169694
 
PDF
“Lessons from Yesterday's Tomorrowland” by Scott M. Graffius
byScott M. Graffius
 
PPTX
UNIT III TYPOLOGY OF CRIME AND CRIMINAL BEHAVIOUR (1).pptx
bybloodyhumanoid
 
PPTX
Cybersecurity Basics: Understanding Threats, Protection Methods, and Safe Dig...
byDhruvManiar3
 
PPTX
Pizza Chain Market Data Scraping for Better Insights Report.pptx
byWeb Data Crawler
 
PDF
Regenerative Agriculture Finance : Environmental impact
byrose mason
 
PDF
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
PPTX
Digital transformation success powered by EPM and NexInfo.pptx
byjayasuryanexinfo
 
PDF
How to Connect HP LaserJet MFP M234dwe to WiFi
byPrinter Tales
 
PDF
Ai In Courts Ai in courts AI in court AI in court
byZainKarim7
 
PPT
Information and Communication Technologies and Power
byJeffrey Hart
 
PDF
The map to conquer linear algebra for IT engineer
byakipii ogaoga
 
PPTX
AI Bot Traffic Surge: Retail Fraud Threat for Age-Restricted Websites
byFTx Identity
 
AN Introduction to UNIX File System—An Approach
bysonjuktaweb
 
Top 10 API Automation Testing Tools: Features, Pros & Cons
byhenrycavill30521
 
Information about Trusted Platform Module(TPM)
bynewtoknow techs
 
Salesforce Spring 26 Release Key .pptx
byMehediHasan939830
 
Benefits of Using the IAC 500 Sensor for Ambient Conditions
byCS Instruments
 
AI Driven & AI Native Development AI native development
byZainKarim7
 
Artificial Intelligence and Barbarism - Conceptual Map
byalfadix
 
कम्प्यूटर.pdf for all computer examination
bynm92169694
 
“Lessons from Yesterday's Tomorrowland” by Scott M. Graffius
byScott M. Graffius
 
UNIT III TYPOLOGY OF CRIME AND CRIMINAL BEHAVIOUR (1).pptx
bybloodyhumanoid
 
Cybersecurity Basics: Understanding Threats, Protection Methods, and Safe Dig...
byDhruvManiar3
 
Pizza Chain Market Data Scraping for Better Insights Report.pptx
byWeb Data Crawler
 
Regenerative Agriculture Finance : Environmental impact
byrose mason
 
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
Digital transformation success powered by EPM and NexInfo.pptx
byjayasuryanexinfo
 
How to Connect HP LaserJet MFP M234dwe to WiFi
byPrinter Tales
 
Ai In Courts Ai in courts AI in court AI in court
byZainKarim7
 
Information and Communication Technologies and Power
byJeffrey Hart
 
The map to conquer linear algebra for IT engineer
byakipii ogaoga
 
AI Bot Traffic Surge: Retail Fraud Threat for Age-Restricted Websites
byFTx Identity
 

Ovn vancouver

  • 1.
    OVN: Open Virtual Network forOpen vSwitch Russell Bryant (@russellbryant) Kyle Mestery (@mestery) Justin Pettit (@Justin_D_Pettit)
  • 2.
    Virtual Networking Overview Providesa logical network abstraction on top of a physical network 2 VMA VMB VMC L-Switch VM3 HV2 L-Switch L-Router L-Switch L-Switch VM5VM4VM3 VM1 VM2 VM4 VMB VMC VM5 HV1 VM1 VM2 VMA Physical Logical
  • 3.
    What is OVN? •Open source virtual networking for Open vSwitch (OVS) • Provides L2/L3 virtual networking – Logical switches and routers – Security groups – L2/L3/L4 ACLs – Multiple tunnel overlays (Geneve, STT, and VXLAN) – TOR-based and software-based logical-physical gateways • Work on same platforms as OVS – Linux (KVM and Xen) – Containers – DPDK – Hyper-V • Integration with OpenStack and other CMSs
  • 4.
    The Particulars • Developedby the same community as Open vSwitch • Vendor-neutral • Architecture and implementation have all occurred on public mailing lists • Developed under the Apache license 4
  • 5.
    Goals • Production-quality • Straight-forwarddesign • Scale to thousands of hypervisors (each with many VMs and containers) • Improved performance and stability over existing plugin 5
  • 6.
    Why OVN isdifferent • Will not require any additional agents for functionality for simplified deployment and debugging • Security groups using new in-kernel conntrack integration – More secure and faster than other methods – “Taking Security Groups to Ludicrous Speed with Open vSwitch” at 9:50 on Thursday • DPDK-based and hardware-accelerated gateways – Leverages new OVS DPDK port – Works with switches from Arista, Brocade, Cumulus, Dell, HP, Juniper, and Lenovo 6
  • 7.
    Why OVN isImportant to OpenStack
  • 8.
    Why OVN isImportant to OpenStack ● Neutron’s default backend is a custom virtual networking control plane ● Long term, we feel Neutron is best served letting a separate project implement the virtual network control plane
  • 9.
    Why OVN isImportant to OpenStack ● Migration from OVS backend to OVN is very natural for Neutron ● Just taking advantage of increasing functionality in OVS, which is already in use
  • 10.
    OpenStack Neutron Platform ●Neutron evolving to be a platform ○ First step: Plugin decomposition ○ Second step: Bringing the plugin and driver backends under the Neutron tent ○ Third step: Open Source backends mature ● OVN fits into this Neutron Platform model
  • 11.
    Neutron Integration withOVN ● ML2 driver for OVN ○ replaces OVS ML2 driver and Neutron’s OVS agent ● Uses Neutron L3 and DHCP agents, but just until OVN support is ready
  • 12.
    Designed to Scale •Configuration coordinated through databases • Local controller converts logical flow state into physical flow state • Desired state clearly separated from run-time state • Grouping techniques reduce Cartesian Product issues 12
  • 13.
  • 14.
    The OVN Databases •ovn-northbound – OpenStack/CMS integration point – High-level, desired state • Logical ports -> logical switches -> logical routers • ovn-southbound – Run-time state • Location of logical ports • Location of physical endpoints • Logical pipeline generated based on configured and run-time state 14
  • 15.
    The Daemons • ovn-northd –Converts from the high-level northbound DB to the run-time southbound DB – Generates logical flows based on high-level configuration • ovn-controller – Registers chassis and VIFs to southbound DB – Converts logical flows into physical flows (ie, VIF UUIDs to OpenFlow ports) – Pushes physical configuration to local OVS instance through OVSDB and OpenFlow 15
  • 16.
    An Example 16 Name Ports LS1LP1,LP2 Name MAC LP1 AA LP2 BB Name Encap IP HV1 Geneve 10.0.0.10 HV2 Geneve 10.0.0.11 Name Chassis LP1 HV1 Datapath Match Action LS1 eth.dst = AA LP1 LS1 eth.dst = BB LP2 LS1 eth.dst = <broadcast> LP1,LP2 Logical_Switch Logical_Port Chassis (ovn-controller) Bindings (ovn-controller) Pipeline (ovn-northd)
  • 17.
    LP2 Arrives onHV2 17 Name Ports LS1 LP1,LP2 Name MAC LP1 AA LP2 BB Name Encap IP HV1 Geneve 10.0.0.10 HV2 Geneve 10.0.0.11 Name Chassis LP1 HV1 LP2 HV2 Datapath Match Action LS1 eth.dst = AA LP1 LS1 eth.dst = BB LP2 LS1 eth.dst = <broadcast> LP1,LP2 Logical_Switch Logical_Port Chassis (ovn-controller) Bindings (ovn-controller) Pipeline (ovn-northd)
  • 18.
    Resources • Architecture describedin detail in ovn-architecture (5) • Configuration is through a number of databases – OVN Northbound – Interface between CMS and OVN (ovn-nb (5)) – OVN Southbound – Holds the configuration and state of the logical and physical components (ovn-sb (5)) • Available in the “ovn” branch of the main OVS repo: – https://github.com/openvswitch/ovs/tree/ovn 18
  • 19.
    Status – TheEZ Bake Milestone • From start of coding to first ping: 6 weeks • Needs more testing, obviously • Haven’t tried any scale testing • Features listed on first page should be ready by end of the year • Expect rapid progress! 19
  • 20.
    Neutron with built-insolution DB neutron-server rabbitmq L3 agentL3 agent L3 agent L3 agentL3 agent DHCP agent Adv. Services L3 agentL3 agent OVS agent
  • 21.
    Neutron with OVN(so far) DB neutron-server rabbitmq L3 agentL3 agent L3 agent L3 agentL3 agent DHCP agent Adv. Services ovsdb-server ovn-northd ovn-controller ovn-controllerovn-controller
  • 22.
    Neutron with OVN(later this year) DB neutron-server rabbitmq Adv. Services ovsdb-server ovn-northd ovn-controller ovn-controllerovn-controller
  • 23.
  • 24.
    Test #1 -ovs-sandbox $ git clone http://github.com/openvswitch/ovs.git $ cd ovs $ git checkout -b ovn origin/ovn $ ./boot.sh && ./configure && make $ make sandbox SANDBOXFLAGS=”--ovn”
  • 25.
    Test #1 -ovs-sandbox $ ovn-nbctl lswitch-add sw0 $ ovn-nbctl lport-add sw0 sw0-port1 $ ovn-nbctl lport-add sw0 sw0-port2 $ ovn-nbctl lport-set-macs sw0-port1 00:00:00:00:00:01 $ ovn-nbctl lport-set-macs sw0-port2 00:00:00:00:00:02 $ ovs-vsctl add-port br-int lport1 -- set Interface lport1 external_ids:iface-id=sw0-port1 $ ovs-vsctl add-port br-int lport2 -- set Interface lport2 external_ids:iface-id=sw0-port2
  • 26.
    Test #1 -ovs-sandbox # Trace OpenFlow flows for a packet from port 1 to 2 $ ovs-appctl ofproto/trace br-int in_port=1,dl_src=00:00:00:00:00:01, dl_dst=00:00:00:00:00:02 -generate
  • 27.
    Test #2 -Multi-node DevStack $ git clone http://git.openstack.org/openstack- dev/devstack.git $ git clone http://git.openstack. org/stackforge/networking-ovn.git $ cd devstack … Get local.conf from networking-ovn/devstack/ … local.conf.sample or computenode-local.conf.sample $ ./stack.sh
  • 28.
    More cool stuffthat works ● Can be used to create overlay networks for containers across many hosts ● If OVN backs Neutron, containers in VMs can be hooked up to virtual networks managed by Neutron
  • 29.
    What’s Next forCore OVN • Security groups using in-kernel conntrack • ovn-controller that translates to “vtep” schema to enable physical gateways • OVS-DPDK gateway that uses “vtep” schema • L3 routing and native IP management • New test framework that allows local build-time testing with tunnels and arbitrary topologies • Merge “ovn” into OVS master branch 29
  • 30.
    OVN Neutron IntegrationFuture ● L3 service plugin ● security groups ● get tempest CI job passing ● create multi-node CI job
  • 31.
    Longer Term • DPDKdatapath – Move beyond the capabilities of the “vtep” schema to support fail- over, scale-out, and more stateful services – Will become a reference for building OVS DPDK applications • Architecture will allow innovation in the logical network space – New approaches to networking and security 31
  • 32.
    How you canhelp • Try it! Test it! Write Code! • Report bugs and try it at scale • Core OVN is being developed on ovs-dev mailing list: – http://openvswitch.org/pipermail/dev/ – #openvswitch on Freenode • Neutron plugin for OVN is being developed here: – http://git.openstack.org/stackforge/networking-ovn.git – openstack-dev mailing list – #openstack-neutron-ovn on Freenode 32
  • 33.
    Thank you! Russell Bryant(@russellbryant) Kyle Mestery (@mestery) Justin Pettit (@Justin_D_Pettit)