free the packets - unconstrained networking in openstack
TRANSCRIPT
![Page 1: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/1.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
FreethePackets- UnconstrainedNetworkinginOpenstackationAndreasRoeder– [email protected],2016
@roeder_andreas
![Page 2: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/2.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
Agenda§ Introduction§ CurrentnetworkingArchitecturesinOpenStackShortcomings->Solutions
§ DemoQnA
2/26/16
2
![Page 3: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/3.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
IntroductionWhatisallofthisabout?
2/26/16
3
![Page 4: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/4.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
Nuage NetworksOverview§ Nuage isbasedinSiliconValleywithateamaround theworld
§ AnNokiaventurefocusedondatacenterandbranchofficenetworkevolution forthe
cloudera§ LeverageNokiainfrastructureandkeytechnologies
§ CreationofanAbstraction&Automation layerbetweennetworking featuresandhardwareequipment
§ Policy-drivennetworkingdesign reflectingbusinessdirectives,notnetwork
![Page 5: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/5.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
WhatUserswantfromOpenStackNetworking
2/26/16
5
Source:http://superuser.openstack.org/articles/openstack-mitaka-release-what-s-next-for-neutron-cinder-and-ceilometer
![Page 6: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/6.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
WhatUserswantfromOpenStackNetworking
2/26/16
6
Source:http://superuser.openstack.org/articles/openstack-mitaka-release-what-s-next-for-neutron-cinder-and-ceilometer
![Page 7: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/7.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
CurrentnetworkingArchitecturesinOpenStack
Whatarewetryingtofix?
2/26/16
7
![Page 8: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/8.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
2/26/16
8
OVSPluginvs.NuageVRS(insertedonKVMHypervisors)NeutronDatapath onCompute– SDNInsertion
GREEncapsulated
br-int
br-tun
patch-tun
patch-int
PortVLAN:10 PortVLAN:20
VM1TenantA
VM2TenantA
VM3TenantB
eth0eth0eth0
qbra
qvba
vneta
qvoa
qbrb
qvbb
ventb
qvob
qbrc
qvbc
vnetc
qvo
gre-10.0.0.1
eth0
TAPDevice
veth pair
LinuxBridge
Open vSwitch
ConfiguredbyNovaCompute
ConfiguredbyNeutronL2Agent
o TenantswillbeseparatedbyinternalassignedVLANS
o VLANS will bemappedegresstowardsGREtunnelswhichareuniquebytunnelID
VM1TenantA
VM2TenantA
VM3TenantB
eth0eth0eth0
tapa tapb tapc
alubr0
VXLANEncapsulated
eth0
Policy DrivenConfigurationfrom
Nuage VSP
OVSDatapath(supportsL2only)
NuageDatapath(supportsdistributedL2,L3,FloatingIP,…)
PHYPort
![Page 9: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/9.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
2/26/16
9
DatapathComparetoNeutron+Nuage
br-intint-br-ext
VM1TenantA
VM2TenantA
VM3TenantB
eth0eth0eth0
qbra
qvba
vneta
qvoa
qbrb
qvbb
vnetb
qvob
qbrc
qvbc
vnetc
qvoc
TAPDevice
veth pair
LinuxBridge
Open vSwitch
VM3TenantB
eth0
qbrd
qvbd
vnetdPHYPort
qvod
br-ext
phy-br-ext
InternalRouterNamespace
qr-f qr-g
IP IP IP IP
IP IP
qr-fqrouter-yInternalRouterNamespace
qr-h qr-jIP IP
qr-n qrouter-z
FloatingIPNamespace
qfloat-x qf-nqr-m
qf-x
br-tun
int-br-tun1
int-br-tun1
FlowTableentry
FlowTableentry
DVRAGENT(Enhanced L3
Agent)
PrivateNetwork
eth1
Public Network
eth0
Ext-IP
alubr0VRS
(SingleOVSbridge)
o SingleOVSBridgeo IsFlow-Basedo PerformsFirewalling,
Switching,Routing,NAT,…
o ProcessesARP,DHCPLOCALLY
o NoDedicatedNetworkNodeforo non-DVRcase:
Routing,DNAT,SNAT,DHCP
o DVRcase: SNAT,DHCP
![Page 10: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/10.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
ComputeNodeComputeNode
ComputeNode NetworkNode
br-int
qbr..
2/26/16
10
NeutronL3Datapath
VM1TenantA
VM2TenantA
A Q
B
C
qbr..
R
S
D T
br-tun
E
F
G br-tunH
br-intJ
I
M O
dhcprouter
PN
Kbr-ext L
ML2OVS/NetworkNode
VM1TenantA
VM2TenantA
A B
VM1TenantA
VM2TenantA
C D
alubr0 alubr0
VRS-GSoftwareGW
alubr0
HardwareGW
alubr0
VXLAN VXLANVXLAN
VXLAN
NuageVSP
![Page 11: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/11.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
NeutronServer
MySQL
RabbitMQ
L3Agent
OVSAgent
MetadataProxy
MetadataAgent
Keepalived
OVS
dnsmasq
NetworkNode
OVSAgent
OVS
ComputeNode
RabbitMQ
Acutal ArchitectureLimitationo NeutronisrequiredhighDatabasereadandwriteoperations
o SincethereisNOseparatecontrolplane,Neutronserverhastodealwitheverycomputenodewithoutanyoffload
o Nodatabaseinquirycachesupported fortheDatabasewhichtremendouslyincreasedDatabasereadpressure
o MassivelySQLAlchemy misuseandbugsintheneutroncodewhichgreatlyaddedDatabasepressure
![Page 12: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/12.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
MySQL
Push
Nuage architectureisdesignedfor ScaleComputeNode
ComputeNode
ComputeNode
ComputeNode
o VSDonepushtoVSC
o VSCdonothaveDatabasethereforesupportmuchfasteroperationandprovidegreaterscale
VRS
VRSVRS
VRSVRSVRS
![Page 13: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/13.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
Nuage architectureisdesignedfor ScaleComputeNode
ComputeNode
ComputeNode
ComputeNode
VRS
VRSVRS
VRSVRVRS
ComputeNode
ComputeNode
ComputeNode
ComputeNode
VRS
VRSVRS
VRSVRVRS
ComputeNode
ComputeNode
ComputeNode
ComputeNode
VRS
VRSVRS
VVVRS
ComputeNode
ComputeNode
ComputeNode
ComputeNode
VRS
VRSVRS
VRSVRVRS
MySQL
Push
Push
Push
Push
MP-BGP Federation
![Page 14: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/14.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
TypicalNuage Usecases§ ConvergedDatacenter(MultipleSites,MultipleCMS,MultipleWorkloadFormfactors)onPremise
§ Microsegmentation§ Desaster recovery§ P2V/V2Vmigration§ Devops§ NGDataCenter FabricAutomation
2/26/16
14
![Page 15: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/15.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
CloudServiceManagement Plane
VirtualizedServicesDirectory
VirtualRouting &Switching (VRS)• Distributed switch/router – L2-4rules• Integration ofbaremetalassets
Virtualized ServicesController (VSC)• SDNController, programsthenetwork• Richrouting featuresetbasedonALU7x50
Virtualized ServicesDirectory(VSD)• Network PolicyEngine– abstracts complexity• Servicetemplates andanalytics
NuageNetworksVirtualizedServicesPlatform(VSP)
DatacenterControl Plane
VirtualizedServicesController
MP-BGP
VirtualRouting&Switching
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
HardwareGWforBareMetal
Nuage or3rd partyIPFabric
DatacenterData Plane
EdgeRouter
MP-BGP
NuageNetworksVSPArchitecture
C VPC
V
![Page 16: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/16.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
SoftwareDefinedNetworkingforCloudsatScale
16
![Page 17: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/17.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
Thenewly announced vspk and associated tools are now available onGitHub andPIP: https://github.com/nuagenetworks
Nuage git
![Page 18: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/18.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
Demo/QnA
![Page 19: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/19.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
DemoOverview1/2
2/26/16
19
§ SetupbasedonRedHat OSP6togetherwithNuage 3.2R4
§ NonHASetup
![Page 20: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/20.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
DemoOverview2/2§ SetupbasedonCentoswithdocker:1.8.2-7.el7.centos
2/26/16
20
![Page 21: Free the Packets - Unconstrained Networking in Openstack](https://reader034.vdocument.in/reader034/viewer/2022042707/58f266081a28ab144a8b45a3/html5/thumbnails/21.jpg)
CONFIDENTIAL - SOLELYFORAUTHORIZED PERSONS HAVING ANEEDTOKNOWPROPRIETARY – USEPURSUANT TOCOMPANY INSTRUCTION
©2016Nokia. All rights reserved. Nuage Networks isaNokia venture.
2/26/16
21
THANKYOU