Deep Dive into OpenStack Networking

Similar documents
Neutron 技術深入探討 /6/2 Lane

Docker Networking: From One to Many. Don Mills

Test neutron network performance locally

OpenStack Neutron. Introduction and project status & Use case ML2 plugin with l2 population

Cloud Networking (VITMMA02) Network Virtualization: Overlay Networks OpenStack Neutron Networking

Open vswitch in Neutron

Lecture 5. Switching

For personnal use only

Razique Mahroua Red Hat Training - Services Content Architect

IPv6 in Avi Vantage for OpenStack

Seccomp, network and namespaces. Francesco Tornieri <francesco.tornieri AT kiratech.it>

Hardware accelerating Linux network functions Roopa Prabhu, Wilson Kok

OpenFlow Configuration Lab

Advanced IP Routing. Policy Routing QoS RVSP

Rtnetlink dump filtering in the kernel Roopa Prabhu

Safari O Reilly CLASS PREPARATION

My installation at Maple Park Development Corp.

Module 2 OpenFlow Configuration Lab

Neutron: peeking behind the curtains

Linux Clusters Institute: OpenStack Neutron

Mediant Virtual Edition SBC

Quick Start Guide for Vmware. Version 2.5 Vmware vsphere Instance

Deploy the ExtraHop Discover Appliance on a Linux KVM

Experimenting Internetworking using Linux Virtual Machines Part I

FloatingIP Enhancement For Public Cloud Infrastructure

Containers and isolation as implemented in the Linux kernel

Mediant Virtual Edition (VE) SBC

Neutron networking with RHEL OpenStack Platform. Nir Yechiel Senior Technical Product Manager, OpenStack Red Hat

Virtual Switches. Yao-Min Chen. Virtual Switches

What is new in Neutron QoS?

Introduction to Container Technology. Patrick Ladd Technical Account Manager April 13, 2016

Installation Instructions for Xorcom TwinStar Plus Servers

Cumulus VX for a POC in pre-sales. Using Cumulus VX to create a virtual POC environment.

Socket (Session) Aware Change of IP SACIP network functionality. Samo Pogačnik

Setting Up a Service VM as an IPv6 vrouter

Port Channel for Cisco Cloud Services Platform (CSP)

Integrate Bullion S Server with FlexPod Converged Infrastructure

Brocade 5600 vrouter LAN Interfaces Configuration Guide

Red Hat CloudForms 4.6

SUSE Linux Enterprise Server 11: Certified Linux Engineer Manual

Hálózati szolgáltatások OpenStack környezetben

Stand-by server iprotect 8.03

Networks and Bridges Commands

FiberstoreOS IP Service Configuration Guide

Creating private Megaport connections using Juniper MX and EX series devices

Survey of inconsistencies in Linux kernel IPv4/IPv6 UAPI Roopa Prabhu

Q&A about RHEL on z Systems BCP

BGP-4 Border Gateway Protocol 4 (BGP-4) Primer

Installing Cisco VTS. Overview to Cisco VTS Installation in Cisco NFVI

Deploy the ASAv Using KVM

Port Channel for Cisco Cloud Services Platform (CSP)

Lecture 07c Routing Border Gateway Protocol

Infrastructure at your Service. Oracle over Docker. Oracle over Docker

Configuring Avaya Identity Engines Ignition Guest Tunneling

Red Hat OpenStack Platform 8

1V0-642.exam.30q.

CIS Test 1- Practice - Fall 2011

The Essentials of Linux Network Administration

User Guide Infoblox IPAM Driver for Docker. Version 1.1

Red Hat Satellite 6.2

Red Hat Satellite 6.3

Introduction to Neutron. Network as a Service

OpenStack and Cumulus Linux Validated Design Guide. Deploying OpenStack with Network Switches Running Cumulus Linux

Deploying IPv6 in OpenStack Environments. Shannon McFarland - CCIE #5245 Distinguished Engineer Cloud Platform & Services

LTIB for i.mx28, a step-by-step guide

IPv6 in 60 minutes. aarnet Australia's Academic and Research Network

Building High-Performance NFV Solutions Using Containers

Virtual switching technologies and Linux bridge

CMG- EAM-R. Quick-Start Guide. Part No. MSH-EAM- 0004

Rajeev Grover. Maruti Kamat. Vivek Narasimhan

netkit lab bgp: transit as Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group

OpenSwitch OPX Configuration Guide. Release 2.1.0

Identifying State Inconsistency in OpenStack

TABLE OF CONTENTS. ACI Solutions Team by Tomas de Leon 2

RHCE-PARTE-12 DHCPv6 SLAAC (StateLess Address AutoConfiguration) 1/5. Objetivo:

BRKDCT-1253: Introduction to OpenStack Daneyon Hansen, Software Engineer

November 11, Docker Networking with Linux. Guillaume Urvoy-Keller. Reference Scenario. Basic tools: bridges, VETH

January 27, Docker Networking with Linux. Guillaume Urvoy-Keller. Reference Scenario. Basic tools: bridges, VETH

HOW-TO-GUIDE: demonstrating Fabric Attach using OpenVSwitch

Configuring VM-FEX. Information About VM-FEX. VM-FEX Overview. VM-FEX Components. This chapter contains the following sections:

FiberstoreOS. IP Service Configuration Guide

FSOS IP Service Configuration Guide

}w!"#$%&'()+,-./012345<ya

An Introduction to Open vswitch

Running KVM for Dynamic Infrastructure Creation

Architecture and terminology

Acropolis Hypervisor Administration Guide

Configuring L3 Forwarding

Installing Cisco VTS on a VMware Environment, page 6 Installing the Virtual Topology Forwarder, page 9 Verifying VTS Installation, page 14

Kubernetes Love at first sight?

installing Linux Paul Cobbaut

Question: 3 Which LSA type describes the router ID of ASBR routers located in remote areas?

Red Hat OpenStack Platform 13

ODL Summit Bangalore - Nov 2016 IPv6 Design in OpenDaylight

Virtualized Access Layer. Petr Grygárek

Configure the Protocol Family on page 40. Configure the Interface Address on page 40

Deploy the ExtraHop Explore Appliance on a Linux KVM

Experimenting Internetworking using Linux Virtual Machines Part II

Preparing for Installation

User Guide for XenServer Fuel Plugin

Transcription:

Deep Dive into OpenStack Networking Damrongsak Reetanon Solutions Architect Red Hat (Thailand) September 22, 2016 <= RHCA RHCDS RHCE RHCSA RHCI =>

Deep Dive into OpenStack Networking

Deep Dive into OpenStack Networking

Network/neutron-renaming This is our whiteboard for handling the Quantum -> Neutron transition. Summary: Starting with the Havana release, the OpenStack Networking project's code name is Neutron. Quantum is no longer used https://wiki.openstack.org/wiki/network/neutron-renaming

What is Neutron? Neutron is an OpenStack project to provide "networking as a service" between interface devices (e.g., vnics) managed by other Openstack services (e.g., nova). Starting in the Folsom release, Neutron is a core and supported part of the OpenStack platform (for Essex, we were an "incubated" project, which means use is suggested only for those who really know what they're doing with Neutron). https://wiki.openstack.org/wiki/neutron

Neutron server Plugin agent Neutron Components DHCP agent L3 agent Network provider services

How does it work?

All in One - Controller 1

1 2

1 2

Multiple Network Node 2

NETWORK

NETWORK

X

L3-High Availability 3

NETWORK Active NETWORK Virtual Router Redundancy Protocol (VRRP) Standby

X

Distributed Virtual Router (DVR) 3

NETWORK 1 2

X 1 2

EAST - WEST Traffic

? North - South

DEEP DIVE into NEUTRON

instance

TAP Device 01 eth0 veth pair Linux Bridge vnet0 qbrxxx qvbxxx openvswitch qvoxxx Port VLAN TAG Port VLAN TAG br-int int-br-ex phy-br-ex br-ex eth0

TAP Device veth pair Linux Bridge openvswitch TUN (namely network TUNnel) simulates a network layer device and it operates with layer 3 packets like IP packets. TAP (namely network tap) simulates a link layer device and it operates with layer 2 packets like Ethernet frames. TUN is used with routing, while TAP is used for creating a network bridge. A TAP device, such as vnet0 is how hypervisors such as K and Xen implement a virtual network interface card (typically called a VIF or vnic). An Ethernet frame sent to a TAP device is received by the guest operating system.

TAP Device veth pair Linux Bridge openvswitch A veth pair is a pair of directly connected virtual network interfaces. An Ethernet frame sent to one end of a veth pair is received by the other end of a veth pair. Networking uses veth pairs as virtual patch cables to make connections between virtual bridges

TAP Device veth pair Linux Bridge openvswitch A Linux bridge behaves like a simple MAC learning switch: you can connect multiple (physical or virtual) network interfaces devices to a Linux bridge. The Linux bridge uses a MAC caching table to record which interface on the bridge is used to communicate with a host on the link. For any Ethernet frames that come in from one interface attached to the bridge, the host MAC address and port on which the frame was received is recorded in the MAC caching table for a limited time. When the bridge needs to forward a frame, it will check to see if the frame's destination MAC address is recorded in the table. If so, the Linux bridge forwards the frame through only that port. If not, the frame is flooded to all network ports in the bridge, with the exception of the port where the frame was received.

TAP Device veth pair Linux Bridge openvswitch An Open vswitch bridge behaves like a virtual switch: network interface devices connect to Open vswitch bridge's ports, and the ports can be configured much like a physical switch's ports, including VLAN configurations.

instance#ip addr 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether fa:16:3e:42:11:db brd ff:ff:ff:ff:ff:ff inet 192.168.64.2/24 brd 192.168.64.255 scope global eth0 inet6 fe80::f816:3eff:fe42:11db/64 scope link valid_lft forever preferred_lft forever TAP Device 01 eth0 compute#ip addr 19: tap435e6cba-bc: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master qbr435e6cba-bc state UNKNOWN qlen 500 link/ether fe:16:3e:42:11:db brd ff:ff:ff:ff:ff:ff inet6 fe80::fc16:3eff:fe42:11db/64 scope link valid_lft forever preferred_lft forever vnet0 qbrxxx qvbxxx qvoxxx Port VLAN TAG Port VLAN TAG br-int int-br-ex phy-br-ex br-ex eth0 compute#cat /etc/libvirt/qemu/instance-00000001.xml... <interface type='bridge'> <mac address='fa:16:3e:42:11:db'/> <source bridge='qbr435e6cba-bc'/> <target dev='tap435e6cba-bc'/> <model type='virtio'/> <driver name='qemu'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface>...

veth pair compute#ip addr 17: qvo435e6cba-bc: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP qlen 1000 link/ether 1e:8d:cf:23:97:5a brd ff:ff:ff:ff:ff:ff inet6 fe80::1c8d:cfff:fe23:975a/64 scope link valid_lft forever preferred_lft forever 18: qvb435e6cba-bc: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master qbr435e6cba-bc state UP qlen 1000 link/ether ee:64:c7:31:17:69 brd ff:ff:ff:ff:ff:ff inet6 fe80::ec64:c7ff:fe31:1769/64 scope link valid_lft forever preferred_lft forever 01 eth0 vnet0 qbrxxx qvbxxx qvoxxx Port VLAN TAG Port VLAN TAG br-int int-br-ex compute# ethtool -S qvo435e6cba-bc NIC statistics: peer_ifindex: 18 compute# ethtool -S qvb435e6cba-bc NIC statistics: peer_ifindex: 17 phy-br-ex br-ex eth0

Linux Bridge 01 eth0 vnet0 qbrxxx qvbxxx instance#ip addr 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether fa:16:3e:42:11:db brd ff:ff:ff:ff:ff:ff inet 192.168.64.2/24 brd 192.168.64.255 scope global eth0 inet6 fe80::f816:3eff:fe42:11db/64 scope link valid_lft forever preferred_lft forever compute#ip addr 19: tap435e6cba-bc: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master qbr435e6cba-bc state UNKNOWN qlen 500 link/ether fe:16:3e:42:11:db brd ff:ff:ff:ff:ff:ff inet6 fe80::fc16:3eff:fe42:11db/64 scope link valid_lft forever preferred_lft forever compute# brctl show bridge name bridge id STP enabled qbr435e6cba-bc 8000.ee64c7311769 no qvoxxx Port VLAN TAG Port VLAN TAG br-int int-br-ex phy-br-ex br-ex eth0 interfaces qvb435e6cba-bc tap435e6cba-bc compute#cat /etc/libvirt/qemu/instance-00000001.xml... <interface type='bridge'> <mac address='fa:16:3e:42:11:db'/> <source bridge='qbr435e6cba-bc'/> <target dev='tap435e6cba-bc'/> <model type='virtio'/> <driver name='qemu'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface>

openvswitc h 01 eth0 vnet0 qbrxxx qvbxxx qvoxxx Port VLAN TAG Port VLAN TAG br-int int-br-eth1 phy-br-eth1 br-eth1 eth1 compute# ovs-vsctl show d766ab40-b367-407d-ac98-a733be43c3cc Bridge "br-eth1" Port "phy-br-eth1" Interface "phy-br-eth1" Port "br-eth1" Interface "br-eth1" type: internal Bridge br-int fail_mode: secure Port br-int Interface br-int type: internal Port "int-br-eth1" Interface "int-br-eth1" Port patch-tun Interface patch-tun type: patch options: {peer=patch-int} Port "tapbf360721-11" tag: 1 Interface "tapbf360721-11" type: internal Port "qvo435e6cba-bc" tag: 1 Interface "qvo435e6cba-bc" Port "qr-8a679f69-7d" tag: 1 Interface "qr-8a679f69-7d" type: internal

# ip netns qdhcp-6af79125-63cb-47cc-b8af-7981e860a73d qrouter-4cfd7137-86c2-4855-a81a-8a5cf37a85e7 # ip netns exec qrouter-4cfd7137-86c2-4855-a81a-8a5cf37a85e7 ip addr 13: qr-8a679f69-7d: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/ether fa:16:3e:91:60:f5 brd ff:ff:ff:ff:ff:ff inet 192.168.64.1/24 brd 192.168.64.255 scope global qr-8a679f69-7d valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe91:60f5/64 scope link valid_lft forever preferred_lft forever 14: qg-951729dd-88: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/ether fa:16:3e:8e:2f:76 brd ff:ff:ff:ff:ff:ff inet 192.168.32.50/24 brd 192.168.32.255 scope global qg-951729dd-88 valid_lft forever preferred_lft forever inet 192.168.32.51/32 brd 192.168.32.51 scope global qg-951729dd-88 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe8e:2f76/64 scope link valid_lft forever preferred_lft forever compute# ping 192.168.64.2 PING 192.168.64.2 (192.168.64.2) 56(84) bytes of data. ^C --- 192.168.64.2 ping statistics --5 packets transmitted, 0 received, 100% packet loss, time 3999ms compute# ip netns exec qrouter-4cfd7137-86c2-4855-a81a-8a5cf37a85e7 ping 192.168.64.2 PING 192.168.64.2 (192.168.64.2) 56(84) bytes of data. 64 bytes from 192.168.64.2: icmp_seq=1 ttl=64 time=7.95 ms 64 bytes from 192.168.64.2: icmp_seq=2 ttl=64 time=1.30 ms 64 bytes from 192.168.64.2: icmp_seq=3 ttl=64 time=0.984 ms ^C --- 192.168.64.2 ping statistics --3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 0.984/3.414/7.955/3.213 ms

THANK YOU plus.google.com/+redhat facebook.com/redhatinc linkedin.com/company/red-hat twitter.com/redhatnews youtube.com/user/redhatvideos

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback