Quantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer

Similar documents
Introduction to Neutron. Network as a Service

BRKDCT-1253: Introduction to OpenStack Daneyon Hansen, Software Engineer

Deploying TeraVM in an OpenStack Environment

Ryu: Network Operating System

Part2: Let s pick one cloud IaaS middleware: OpenStack. Sergio Maffioletti

Network Mul,tenancy in Xen- based Clouds. Chiradeep Vi;al CloudStack Commi;er Citrix Sep

Xen*, SDN and Apache Cloudstack. Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28 th 2012 Xen Summit

OpenContrail Overview Architecture & Demo

TEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS

Best Practice Deployment of F5 App Services in Private Clouds. Henry Tam, Senior Product Marketing Manager John Gruber, Sr. PM Solutions Architect

Cloud Networking From Theory to Practice. Ivan Pepelnjak NIL Data Communications

Intel Open Network Platform. Recep Ozdag Intel Networking Division May 8, 2013

Building NFV Solutions with OpenStack and Cisco ACI

Distributed Systems. 31. The Cloud: Infrastructure as a Service Paul Krzyzanowski. Rutgers University. Fall 2013

DEPLOYING NFV: BEST PRACTICES

Cloud Networking (VITMMA02) Network Virtualization: Overlay Networks OpenStack Neutron Networking

Xen and CloudStack. Ewan Mellor. Director, Engineering, Open-source Cloud Platforms Citrix Systems

Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade

Cross-Site Virtual Network Provisioning in Cloud and Fog Computing

Session objectives and takeaways

Service Graph Design with Cisco Application Centric Infrastructure

NephOS. A Single Turn-key Solution for Public, Private, and Hybrid Clouds

Fully Scalable Networking with MidoNet

Neutron: peeking behind the curtains

NephOS. A Single Turn-key Solution for Public, Private, and Hybrid Clouds

CloudBridge and Get Ready for Desktops and Apps as a Service. Henrik Poulsen

OPENSTACK PRIVATE CLOUD WITH GITHUB

CS-580K/480K Advanced Topics in Cloud Computing. OpenStack

SDN+NFV Next Steps in the Journey

OSDC.de 2013 Introduction to OpenStack. Justin Clift Open Source & Standards RH 17 April 2013

"Charting the Course... H8Q14S HPE Helion OpenStack. Course Summary

Nexus 1000V in Context of SDN. Martin Divis, CSE,

VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder

Apache CloudStack. Sebastien Goasguen Open Source Office,

Huawei CloudFabric and VMware Collaboration Innovation Solution in Data Centers

WIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS

OPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT

OpenADN: Service Chaining of Globally Distributed VNFs

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

5 Things You Need for a True VMware Private Cloud

Red Hat OpenStack Platform 10 Red Hat OpenDaylight Product Guide

An Introduction to Red Hat Enterprise Linux OpenStack Platform. Rhys Oxenham Field Product Manager, Red Hat

Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC)

Provisioning Overlay Networks

Building a Big IaaS Cloud. David /

Managing Demand Spikes in a highly flexible and agile deployment

Introduction To OpenStack. Haim Ateya Group Manager, EMC

OpenStack Networking Services and Orchestration 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION

Provisioning Overlay Networks

BROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK

SDN Security BRKSEC Alok Mittal Security Business Group, Cisco

Road to Private Cloud mit OpenStack Projekterfahrungen

Welcome to Manila: An OpenStack File Share Service. May 14 th, 2014

IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture

Building a government cloud Concepts and Solutions

Architecture and terminology

and public cloud infrastructure, including Amazon Web Services (AWS) and AWS GovCloud, Microsoft Azure and Azure Government Cloud.

Actual Agility with SDN: Weaving SDN into Data Center Automation May 6, John Burke Principal Research Analyst & CIO

The Next Opportunity in the Data Centre

Running RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018

Build Cloud like Rackspace with OpenStack Ansible

ITRI Cloud OS: An End-to-End OpenStack Solution

Contrail Cloud Platform Architecture

SOFTWARE DEFINED NETWORKING/ OPENFLOW: A PATH TO PROGRAMMABLE NETWORKS

CS-580K/480K Advanced Topics in Cloud Computing. Network Virtualization

SDN TO BE OR NOT TO BE. Uwe Richter SE Director Russia/CIS, East and South East Europe

BRKCDN-1006: Building Scalable OpenStack based Clouds on Cisco Architectures

BCS EXIN Foundation Certificate in OpenStack Software Neutron Syllabus

Network Virtualization

Minimizing the Risks of OpenStack Adoption

ANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS.

Huawei FusionSphere 6.0 Technical White Paper on OpenStack Integrating FusionCompute HUAWEI TECHNOLOGIES CO., LTD. Issue 01.

High Availability for Enterprise Clouds: Oracle Solaris Cluster and OpenStack

POWERED BY OPENSTACK. Powered by OpenStack. Globo.Tech GloboTech Communications

Use Case Brief BUILDING A PRIVATE CLOUD PROVIDING PUBLIC CLOUD FUNCTIONALITY WITHIN THE SAFETY OF YOUR ORGANIZATION

Securing VMware NSX-T J U N E 2018

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13

Fulvio Risso, Matteo Bertrone, Mauricio Vasquez Bernal

1V0-642.exam.30q.

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

VMware + OpenStack. Dan Wendlandt Director of Product Management VMware VMware Inc. All rights reserved.

Automating Cloud Networking with RedHat OpenStack

OpenStack Networking: Where to Next?

Baremetal with Apache CloudStack

Virtualization Design

F5 Networks in the Software Defined DataCenter Era. Paolo Pambianco System Engineer CSP

Contrail Cloud Platform Architecture

Securing VMware NSX MAY 2014

Minimal OpenStack Starting Your OpenStack Journey

Network flow automation and Visibility. Arista Networks France IX

Cloud Storage. Patrick Osborne Director of Product Management. Sam Fineberg Distinguished Technologist.

PSOACI Why ACI: An overview and a customer (BBVA) perspective. Technology Officer DC EMEAR Cisco

Migration Strategies from vsphere to Linux and OpenStack via a shared virtualized network

lecture 18: network virtualization platform (NVP) 5590: software defined networking anduo wang, Temple University TTLMAN 401B, R 17:30-20:00

Juniper JN0-410 Exam. Volume: 65 Questions. Question No: 1 What are two valid service VMs in a service chain? (Choose two.) A.

OpenStack and OVN What s New with OVS 2.7 OpenStack Summit -- Boston 2017

Weiterentwicklung von OpenStack Netzen 25G/50G/100G, FW-Integration, umfassende Einbindung. Alexei Agueev, Systems Engineer

Cisco ACI Unified Plug-in for OpenStack Architectural Overview

Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)

Building a Video Optimized Private Cloud Platform on Cisco Infrastructure Rohit Agarwalla, Technical

Transcription:

Quantum, network services for Openstack Salvatore Orlando sorlando@nicira.com Openstack Quantum core developer Twitter- @taturiello

Caveats Quantum is in its teenage years: there are lots of things that it WILL do, but doesn t do yet; nevertheless it has a great potential and energy however it is a bit unruly and sometimes needs extra patience The main focus of this talk is on users wishing to deploy Quantum in their cloud

Outline What is OpenStack? Why Quantum? What is Quantum? API Overview Plugin Architecture Quantum in Openstack Folsom Use Case: Nicira NVP Plugin Network virtualization model Questions

What is OpenStack?

What is OpenStack? To produce the ubiquitous open source cloud computing platform that will meet the needs of public and private cloud providers regardless of size, by being simple to implement and massively scalable. Allow anyone to automate IT provisioning in a public or private IaaS cloud that meets (and exceeds) the capabilities of Amazon EC2.

Why is Openstack Compelling? Incredible cross-industry mindshare and momentum Real resource commitments from many companies: 200+ unique developers from 55+ companies in last 6-month release

Openstack core HORIZON Credits to Syed Armani http://www.youtube.com/watch?v =dd80pddn6gw&context=c31ba4 d9adoegstopdskjn_ho1uy2bqnr Gy-crqhnz KEYSTONE NOVA GLANCE

Who is Deploying OpenStack? Hosting Providers Carrier / Telco Large Enterprise Government More information: http://www.openstack.org

10,000 ft (3 km) Architecture View Each service is a separate piece of software, includes: A tenant-facing API that exposes logical abstractions for consuming/monitoring the service. Pluggable backend to choose best of breed implementations (open source or vendor proprietary). Generic OpenStack APIs Compute API Operator Selected Backends XenServer KVM Tenant (GUI, CLI, API code) Network API Storage API VLANs Nicira + IPtables NVP EMC NFS

Why Quantum?

In the beginning.. *-as-a-service Capability OpenStack Service Compute Nova Object Storage Swift Image Glance Identity Keystone Network?

Why Quantum? Networking was sub-component of OpenStack Compute layer (Nova). Two Key Problems: #1: No tenant control of networking. #2: Limited technology baked in to design.

Problem #1: No Tenant Control To move enterprise apps to the cloud, tenants want to copy and paste their existing data center network topologies: Ability to create multi-tier networks (e.g., web tier, app tier, db tier) Control over IP addressing. Ability to insert and configure your own services (e.g., firewall, IPS) VPN/Bridge to remote physical hosting or customer premises ( cloudbursting ). You can have any color as long as its black. - Henry Ford about the Model-T

Why Quantum? Reason #1 On-demand Enterprise-Class Networking Tenants can: create multiple private networks control IP addressing monitor basic network status. Quantum API extensions provide: Advanced control + visibility: Security policies, Quality-of-Service, Monitoring + Troubleshooting. Advanced Network Services: routers, Firewalls, VPN, IDS, etc. Build rich networks, customized to tenant needs.

Problem #2: Technology Limitations Cloud puts new stresses on networks: High-density multi-tenancy, massive scale Strict uptime requirements. Integrate with legacy hosting environments / remote data centers. VM mobility On-demand service insertion But Nova was limited to basic VLAN model + Linux IPtables. Who needs private networks? Trunking all VLANs is a great idea! - Stone Age Man

Why Quantum? #2: Leveraging Advanced Technologies New networking technologies are emerging to try and tackle these challenges. Overlay tunneling: VXLAN, NVGRE, STT Software-defined Networking (SDN) / OpenFlow VPN-based solutions (e.g., E-VPN). L2 Fabric solutions: FabricPath, Qfabric, etc. Your Own Idea for virtual networking! Quantum provides a plugin mechanism to enable different technologies (more later). Choice is a good thing! Use advanced technologies to reach new heights.

and finally *-as-a-service Capability OpenStack Service Compute Nova Object Storage Swift Image Glance Identity Keystone Network Quantum

What is Quantum?

Quantum Architecture Generic OpenStack APIs Compute API Operator Selected Backends XenServer Tenant Tools (GUI, CLI, API code) Network API Storage API Nicira NVP EMC An eco-system of tools that leverage the Quantum API. A generic tenant API to create and configure virtual networks A plugin architecture with different back-end engines

Basic API Abstractions Nova VM1 10.0.0.2 VM2 10.0.0.3 virtual server virtual interface (VIF) Quantum Net1 10.0.0.0/24 virtual port L2 virtual network Subnet (new!) virtual networks are fundamentally multi-tenant, just like virtual servers.

Tenant view vs Provider view Tenant View Provider View

Quantum Model: Dynamic Network Creation + Association TenantA-VM1 10.0.0.2 TenantA-VM2 10.0.0.3 9.0.0.3 TenantA-VM3 9.0.0.2 Tenant-A Net1 10.0.0.0/24 Tenant-A Net2 9.0.0.0/24 Public Net 88.0.0.0/18 Tenant can use API to create many networks. When booting a VM, define which network(s) it should connect to. Can even plug-in instances from other services (e.g., a load-balancing service).

Quantum API Extensions Enables innovation in virtual networking. Tenants can query API to programmatically discover supported extensions. Overtime, extensions implemented by many plugins can become core. Add properties on top of existing network/port abstractions: QoS/SLA guarantees / limits Security Filter Policies port statistics / netflow New Services L3 forwarding, ACLs + NAT ( elastic or floating IPs) VPN connectivity between cloud and customer site, or another cloud datacenter.

Example: Quantum + Extensions TenantA-VM1 10.0.0.2 TenantA-VM2 10.0.0.3 9.0.0.3 TenantA-VM3 10.0.1.2 TenantA-VM4 172.16.0.30 Tenant-A Net1 10.0.0.0/24 Tenant-A Net2 10.0.1.0/24 VPN Tenant-A On Premise Net 172.16.0.0/24 Tenant-A Net3 172.16.0.0/24 Public Net 88.0.0.0/18 Not necessarily a VM!

Quantum Architecture Generic OpenStack APIs Compute API Operator Selected Backends XenServer Tenant Tools (GUI, CLI, API code) Network API Storage API Nicira NVP EMC An eco-system of tools that leverage the Quantum API. A generic tenant API to create and configure virtual networks A plugin architecture with different back-end engines

Quantum Plugins Different plugin engines present different trade-offs: Free vs. Commercially Supported Advanced Features (exposed as API extensions) Scalability High Availability (control & data plane) Hypervisor Compatibility Network HW Compat (vendor specific? Allow L3 scale-out?) Manageability / troubleshooting Cloud Operators weigh trade-offs, choose a plugin. Note: Back-end technology hidden behind core Quantum API Example: VLANs vs. tunneling

Quantum Architecture (generic) API Clients Quantum Service Backend X Quantum API Tenant Scripts Horizon GUI Orchestration Code Create-net... Createport Plugin X virtual switch Physical Network API Extensions Nova Compute Uniform API for all clients Interfaces from Nova plug into a switch manages by the Quantum plugin.

Open Source and Commercial Quantum Plugins Basic open source plugins based on Open vswitch, Linux Bridge, and Ryu network operating system exist The following vendors have publicly stated that they already have or are developing a Quantum plugin (others exist as well)

Quantum Project Releases Incubation release (OpenStack Essex, April 12) v1 API, base L2 API abstractions 5 plugins available. In production at early adopters. First core release (OpenStack Folsom, Oct. 12) v2 API, with L2 + L3 API abstractions Additional plugins available. Quantum becomes default networking option for OpenStack.

New in Folsom Quantum API v2 merge between Quantum v1 and Melange API specification draft: http://wiki.openstack.org/quantum/apiv2- specification New resource: Subnet IP address blocks for instances, IP gateway, dns nameservers, host routes and IP allocation pools IP and MAC allocation for ports Shared networks Provider networks (API extension)

New in Folsom Interaction with nova Nova-network not invoked anymore Compute manager calls Quantum directly Capabilities exposed by the Quantum Manager for nova network now provided by Quantum

Changes in Nova/Quantum interaction

New in Folsom DHCP agent Sends IP configuration to instances IP address and default gateway DNS nameservers Host Routes Configuration info fetched from Quantum database Attaches to Quantum networks and listens for DHCP requests

Quantum Case Study: Quantum Plugin for Nicira NVP

Nicira NVP Network Virt Model Edge virtualization in hypervisor (open vswitch) with overlay tunneling decouples logical + physical topology. Flexibility designing Fabric (requires only IP unicast) Can use traditional design, or Fat-tree/Clos No requirement for L2 adjacency, large MAC/ACL tables in HW Place/move any workload anywhere in the DC. Control Plane work is Distributed across nodes within the NVP control cluster to provide scalability & fault tolerance. Quantum Tenants can dynamically create/modify/monitor rich networks abstractions via Quantum API.

Quantum w/nvp Architecture API Clients Quantum Service Nicira NVP Tenant Scripts Horizon Orchestration Code Quantum API Create-net... Create-port API Extensions NVP Plugin Createnet... Createport NVP NVP NVP Controller Controller Cluster OVS Nova Compute Controller Cluster handles NO dataplane traffic. L3 Fabric

Thanks! Questions? Salvatore Orlando sorlando@nicira.com OpenStack Quantum core developer twitter - @taturiello

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback