OpenStack Icehouse on IPv6

Similar documents
OpenStack Havana On IPv6

OpenStack Grizzly on IPv6

ODL Summit Bangalore - Nov 2016 IPv6 Design in OpenDaylight

Introduction to Neutron. Network as a Service

IPv6 in Avi Vantage for OpenStack

Introduction to OpenStack Trove

Part2: Let s pick one cloud IaaS middleware: OpenStack. Sergio Maffioletti

The Road to Rolling Upgrade of Intel Private Cloud

FloatingIP Enhancement For Public Cloud Infrastructure

Cloud Networking (VITMMA02) Network Virtualization: Overlay Networks OpenStack Neutron Networking

Layer-4 to Layer-7 Services

Neutron networking with RHEL OpenStack Platform. Nir Yechiel Senior Technical Product Manager, OpenStack Red Hat

Linux Clusters Institute: OpenStack Neutron

OpenStack. Architecture and Operation. OpenStack Tutorial Day 2. Kasidit Chanchio Vasabilab, Thammasat University

Upcoming Services in OpenStack Rohit Agarwalla, Technical DEVNET-1102

OpenContrail Overview Architecture & Demo

Minimal OpenStack Starting Your OpenStack Journey

High Availability for Enterprise Clouds: Oracle Solaris Cluster and OpenStack

Fuel VMware DVS plugin testing documentation

Build Cloud like Rackspace with OpenStack Ansible

Using PCE for path computation, PCEP for device config and BGP-LS for topology discovery vcpe

BRKDCT-1253: Introduction to OpenStack Daneyon Hansen, Software Engineer

Open vswitch in Neutron

Best Practice Deployment of F5 App Services in Private Clouds. Henry Tam, Senior Product Marketing Manager John Gruber, Sr. PM Solutions Architect

IPv6 Autoconfiguration. Stateless and Stateful. Rabat, Maroc Mars 2007

OpenStack Network Design using Cisco Solutions Shannon McFarland CCIE #5245 Principal

Quantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer

Project Calico v3.1. Overview. Architecture and Key Components

Architecture and terminology

Neutron: peeking behind the curtains

BCS EXIN Foundation Certificate in OpenStack Software Syllabus

TungstenFabric (Contrail) at Scale in Workday. Mick McCarthy, Software Workday David O Brien, Software Workday

Spawning Virtual HPCs Using OpenStack

CS-580K/480K Advanced Topics in Cloud Computing. OpenStack

DHCPv6 OPERATIONAL ISSUES Tom Coffeen 4/7/2016

Learning/Playing with IPv6 at home. Keith Garner, Gradebook Team Lead

OpenStack Lab on VMware Workstation Setting up the All-In-One VM

GETTING STARTED WITH OPENSTACK. Kenneth Hui, Rackspace Dan Radez, Red Hat April 27, 2016

Introduction To OpenStack. Haim Ateya Group Manager, EMC

File system, 199 file trove-guestagent.conf, 40 flavor-create command, 108 flavor-related APIs list, 280 show details, 281 Flavors, 107

IPv6 Client IP Address Learning

Red Hat OpenStack Platform 10 Product Guide

Project Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads.

IPv6 Protocol Architecture

OpenStack and OpenDaylight, the Evolving Relationship in Cloud Networking Charles Eckel, Open Source Developer Evangelist

Actual Agility with SDN: Weaving SDN into Data Center Automation May 6, John Burke Principal Research Analyst & CIO

Configuring Virtual Networks Using OpenStack

Introduction to IPv6 - II

OpenStack End User Guide. SUSE OpenStack Cloud 8

Title Text. Making OpenStack Work in an Existing Environment - Challenges and Solutions. Amrish Kapoor, Pushkar Acharya, Ken Hui, Roopak Parikh

An Introduction to Red Hat Enterprise Linux OpenStack Platform. Rhys Oxenham Field Product Manager, Red Hat

INSTALLATION RUNBOOK FOR Triliodata + TrilioVault

IPv6 Best Operational Practices of Network Functions Virtualization (NFV) With Vmware NSX. Jeremy Duncan Tachyon Dynamics

IP Addressing Modes for Cisco Collaboration Products

IPv6 Protocol & Structure. npnog Dec, 2017 Chitwan, NEPAL

IP Addressing Modes for Cisco Collaboration Products

Guide to TCP/IP Fourth Edition. Chapter 6: Neighbor Discovery in IPv6

Practical IPv6 for Windows Administrators

DHCPv6 Overview 1. DHCPv6 Server Configuration 1

OPENSTACK PRIVATE CLOUD WITH GITHUB

VMware Integrated OpenStack User Guide. VMware Integrated OpenStack 4.1

Building a Video Optimized Private Cloud Platform on Cisco Infrastructure Rohit Agarwalla, Technical

Jumpstart your Production OpenStack Deployment with

IPv6 Associated Protocols. Athanassios Liakopoulos 6DEPLOY IPv6 Training, Skopje, June 2011

Application Centric Microservices Ken Owens, CTO Cisco Intercloud Services. Redhat Summit 2015

Agile OpenStack Networking with Cisco solutions Rohit Agarwalla, Technical DEVNET-1107

Step 2. Manual configuration of global unicast and link-local addresses

VMware Integrated OpenStack User Guide

IPv6 Community Wifi. Unique IPv6 Prefix per Host. IPv6 Enhanced Subscriber Access for WLAN Access Gunter Van de Velde Public.

OpenStack Admin User Guide

Fulvio Risso, Matteo Bertrone, Mauricio Vasquez Bernal

Settings. IP Settings. Set Up Ethernet Settings. Procedure

OpenStack and OVN What s New with OVS 2.7 OpenStack Summit -- Boston 2017

1. What is Cloud Computing (CC)? What are the Pros and Cons of CC? Technologies of CC 27

IPv6 Neighbor Discovery

VMware Integrated OpenStack Quick Start Guide

DHCPv6Relay LightweightDHCPv6RelayAgent

DHCPv6 (RFC3315 RFC4361)

Internet Protocol Version 6: advanced features. The innovative aspects of IPv6

Rocky Mountain IPv6 Summit April 9, 2008

OpenStack Ceilometer. Tong Li (IBM) Brad Topol (IBM)

Deployment Guide for Nuage Networks VSP

Deployment Guide for Nuage Networks VSP

COE IPv6 Roadmap Planning. ZyXEL

Setting Up a Service VM as an IPv6 vrouter

vrealize Operations Management Pack for OpenStack 5.0

NephOS. A Single Turn-key Solution for Public, Private, and Hybrid Clouds

Advanced Computer Networking. CYBR 230 Jeff Shafer University of the Pacific. IPv6

CLOUD INFRASTRUCTURE ARCHITECTURE DESIGN

NephOS. A Single Turn-key Solution for Public, Private, and Hybrid Clouds

IPv6 Security. David Kelsey (STFC-RAL) IPv6 workshop pre-gdb, CERN 7 June 2016

OpenStack Summit Tokyo Multi location implementation of OpenStack

"Charting the Course... H8Q14S HPE Helion OpenStack. Course Summary

Installing and Configuring Devstack Newton for Infoblox Integration

INSTALLATION RUNBOOK FOR. VNF (virtual firewall) 15.1X49-D30.3. Liberty. Application Type: vsrx Version: MOS Version: 8.0. OpenStack Version:

SLAACers. IPv6 Accountability without DHCPv6. Library and Information Services School of Oriental and African Studies London. Networkshop 39, 2011

Learning From Real Practice of Providing Highly Available Hybrid Cloud Service with OpenStack Neutron

IPv6 Rapid Deployment (6rd) in broadband networks. Allen Huotari Technical Leader June 14, 2010 NANOG49 San Francisco, CA

Implementing DHCP for IPv6

Fully Scalable Networking with MidoNet

Transcription:

OpenStack Icehouse on IPv6 Shixiong Shang v1.3

Agenda Introduction Overview Use Cases Design and Implementation Demo Next Steps 2

Introduction Nephos6 Founded in June, 2011 Service assurance company Twitter: @Nephos6 Web: http://www.nephos6.com Shixiong Shang Ciprian Popoviciu Founder, CEO IPv6 expert Twitter: @Nephos6 Email: chip@nephos6.com Head of Engineering Twitter: @shshang Email: shshang@nephos6.com 3

IPv6? IPv6 NOW! The promise of Cloud cannot be fully met without IPv6 - Nephos6 The Road To IPv6, Bumpy - Paul Saab from Facebook, 2014 V6 World Congress in Paris!!!!!!! Facebook s goal: 75% of internal traffic is now IPv6 with a goal to be at 100% by Q3 2014 or earlier First IPv6 only cluster (no RFC1918) by end of 2014 100% IPv6 only (no RFC1918) in 2-3 years 4

Overview OpenStack Neutron IPv6 sub team. Have been working with other stackers on weekly basis Comcast, IBM, Cisco, etc. Nephos6 main contributions: Proposed 4 + 1 blueprints Implemented 3 + 1 blueprints Submitted 400+ lines of python source code plus 300+ lines of unit testing code Target release: Icehouse in April, 2014 Status: Look forward to Juno.:) 5

Scope Current main focuses: Router Advertisement and Address Assignment SLAAC DHCPv6 (Stateful and Stateless) Tenant network Public Private/Provider Primary seven use cases Neutron Client (CLI + Dashboard): IBM and Cisco Neutron APIs: Comcast and IBM Database: Comcast Neutron DHCP Agent: Nephos6 6

IPv6 Address Auto-Configuration SLAAC* DHCPv6* IPv6 Address (non-link-local) By exchanging Router Solicitation and Router Advertisement messages with neighboring routers. From DHCPv6 server Additional Information None From DHCPv6 server Default Gateway The only way to announce default route is using Router Advertisement! Pros Plug and play IPv4-like approach, but better More control Cons Doesn t provide Hostname, DNS server, WINS, etc. Operational overhead (extra DHCP server, HA, etc.) * Based on ICMPv6 7

Use Cases - Public Tenant Network external network side (outside) tenant network (inside) neutron router VM 1 Router Advertisement Address Assignment: SLAAC Provided by OpenStack neutron router dhcpv6 server (stateful) VM 2 Router Advertisement Address Assignment: DHCPv6 Stateful neutron router dhcpv6 server (stateless) VM 3 Router Advertisement Address Assignment: DHCPv6 Stateless 8

Use Cases - Public Tenant Network external network side (outside) neutron router dhcpv6 server (stateful) tenant network (inside) Provided by customer VM 4 Provided by OpenStack Router Advertisement Address Assignment: DHCPv6 Stateful neutron router dhcpv6 server (stateless) Provided by customer VM 5 Router Advertisement Address Assignment: DHCPv6 Stateless 9

Use Cases - Provider Tenant Network external network side (outside) physical router dhcpv6 server (stateful) tenant network (inside) Provided by OpenStack VM 6 Provided by customer Router Advertisement Address Assignment: DHCPv6 Stateful physical router dhcpv6 server (stateless) Provided by Openstack VM 7 Router Advertisement Address Assignment: DHCPv6 Stateless 10

Use Cases - Private Tenant Network No external network side (outside) physical switch dhcpv6 server (stateful) tenant network (inside) Provided by OpenStack VM 8 Provided by customer Router Advertisement Address Assignment: DHCPv6 Stateful physical switch dhcpv6 server (stateless) Provided by Openstack VM 9 Router Advertisement Address Assignment: DHCPv6 Stateless 11

Who Sends RA? Who Assign Address? Network Type OpenStack ipv6_ra_mode OpenStack ipv6_address_mode Description external router (A=1, M=0, O=0) external router off off VM obtains IPv6 address from external router using SLAAC external router external DHCPv6 server off off VM obtains IPv6 address and optional info from external DHCPv6 server using DHCPv6 Stateful (A=0, M=1, O=1) OpenStack dnsmasq Private / Provider off dhcpv6-stateful VM obtains IPv6 address and optional info from OpenStack dnsmasq using DHCPv6 Stateful external router external DHCPv6 server off off VM obtains IPv6 address from external router by SLAAC and optional info from external DHCPv6 server using DHCPv6 Stateless (A=1, M=0, O=1) OpenStack dnsmasq Private / Provider off dhcpv6-stateless VM obtains IPv6 address from external router by SLAAC and optional info from OpenStack dnsmasq using DHCPv6 Stateless OpenStack dnsmasq (A=1, M=0, O=0) OpenStack dnsmasq Public slaac slaac VM obtains IPv6 address from OpenStack using SLAAC OpenStack dnsmasq external DHCPv6 server Public dhcpv6-stateful off VM obtains IPv6 address and optional info from external DHCPv6 server using DHCPv6 Stateful (A=0, M=1, O=1) OpenStack dnsmasq Public dhcpv6-stateful dhcpv6-stateful VM obtains IPv6 address and optional info from OpenStack dnsmasq using DHCPv6 Stateful OpenStack dnsmasq external DHCPv6 server Public dhcpv6-stateless off VM obtains IPv6 address from OpenStack by SLAAC and optional info from external DHCPv6 server using DHCPv6 Stateless (A=1, M=0, O=1) OpenStack dnsmasq Public dhcpv6-stateless dhcpv6-stateless VM obtains IPv6 address from OpenStack by SLAAC and optional info from OpenStack dnsmasq using DHCPv6 Stateless This table is created and submitted to Neutron IPv6 subteam by Shixiong Shang from Nephos6.

Design Proposal Separate the control of Router Advertisement from Address Assignment using two new attributes: Attribute Description Possible Values dhcpv6-stateful ipv6_ra_mode Determine who sends RA and which AMO bits are set. dhcpv6-stateless slaac attr_not_specified (i.e. blank) ipv6_address_mode Determine how VM obtains IPv6 address, default gateway, and/or optional information dhcpv6-stateful dhcpv6-stateless slaac attr_not_specified (i.e. blank) 13

Implementation Translate customer inputs to key/ value pairs in API call neutron client (via cli or horizon) New User Interface Launch dnsmasq for IPv6 subnets based on two attributes Controller Node Validate two attributes combination Neutron API Plugin Event / Task Driver (dnsmasq) DHCP Agent Network Node Attach two attributes values to IPv6 subnet DB RabbitMQ 14

Neutron Subnet Creation Neutron Client neutron subnet-create --ip-version 6 --name subnet-name network-name ipv6_prefix --enable-dhcp true --ipv6_ra_mode slaac --ipv6_address_mode slaac Neutron API MySQL DB 15

Challenges: Public Network 1. Keep dnsmasq behavior intact for IPv4 subnet 3. OpenStack needs to know VM s self- calculated IPv6 address in SLAAC case qdhcp namespace ns- interface 192.168.1.2 2001:db8:1:1::a:b:c VM vnic 192.168.1.3 2001:db8:1:1::x:y:z Network Node qrouter namespace IPv4 DHCP IPv6 RA and/or DHCPv6 Compute Node qr- interface 192.168.1.1 qr- interface 2001:db8:1:1::1 2. Launch a dnsmasq instance for IPv6 subnet, bind it to the qr- gw interface and send RA from there. May use dnsmasq as DHCPv6 server. Switching security policy 4. Need ip6tables filter rules to enable ICMPv6 at inbound direction 16

Challenges: Private/Provider Network 1. Keep dnsmasq behavior intact for IPv4 subnet qdhcp namespace VM ns- interface 192.168.1.2 2001:db8:1:1::a:b:c vnic 192.168.1.3 2001:db8:1:1::x:y:z Network Node 2. Launch a separate dnsmasq instance for IPv6 subnet and bind it to the ns- interface. Use it as DHCPv6 server without sending RA IPv4 DHCP security policy IPv6 DHCPv6 Compute Node Switching 3. Need ip6tables filter rules to enable ICMPv6 at inbound direction 17

Icehouse Demo Setup Controller Node mysql db rabbitmq horizon keystone glance swift cinder nova-api nova-scheduler nova-consoleauth nova-novncproxy nova-cert nova-conductor neutron-server Network Node neutron-dhcp-agent neutron-l3-agent neutron-metadata-agent openvswitch neutron-openvswitchagent dnsmasq Compute Node nova-compute openvswitch-agent openvswitch eth0 eth0 eth1 eth2 eth0 eth2 Management and API Networks Tenant Data Networks Tenant External Network Router 18

Icehouse Demo Setup Network Node Compute Node Neutron Router 192.168.1.1 2001:db8:1:1::1 192.168.1.d 2001:db8:1:1:x:y:z:e VM OVSwitch OVSwitch OVSwitch Physical Router net1_priv1 sub1_priv1_ipv4: 192.168.1.0/24 sub1_priv1_ipv6: 2001:db8:1:1::/64 19

Icehouse Demo - Dual-Stack VM 20

Icehouse Demo - VM IPv4 and IPv6 Address 21

Icehouse Demo - IPv6 Default Gateway 22

Icehouse Demo - IPv6 Connectivity 23

Next Step Robustness ML2 friend or foe? IPv6 External network Prefix Delegation and more! Any product that is not IPv6 based is legacy from day one. - Nephos6 24

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback