openstack neutron behind the senes
TRANSCRIPT
Copyright Cloud Enabled Ltd, All rights Reserved.
OpenStack Neutron : Behind the Scenes
Speaker,Anil BidariFounder and CEO, Cloud Enabled What am doing these days : “Breathing OpenStack these Days” [email protected] Website : thecloudenabled.com
Disclaimer : The content published in this presentation is Intellectual property of Cloud Enabled . This content may not be reproduced, downloaded, disseminated, published, or transferred in any form or by any means, except with the prior written permission of Cloud Enabled ,Bangalore. All product and company names,logos used in this presentation are trademarks™ or registered® trademarks of their respective holders.
Copyright Cloud Enabled Ltd, All rights Reserved.
Learning ObjectivesSoftware Defined networking - An overview
OpenStack Neutron Overview
Packet flow to external network
21
3
Agenda
Copyright Cloud Enabled Ltd, All rights Reserved.
4
Packet flow from VM to VM
OpenVswitch - Overview
Neutron-VXLAN-GRE-OVS : behind the scenes
5
6
Copyright Cloud Enabled Ltd, All rights Reserved.
SDN
Copyright Cloud Enabled Ltd, All rights Reserved.
Definition of SDN ?
SDN is a Separation of a control plane with data plane. Where a single control plane can manage multiple data planes ( both hardware based and software based) --------Anil Bidari, Founder and CEO, Cloud Enabled
Copyright Cloud Enabled Ltd, All rights Reserved.
SDN Architecture
SDN Controller
Hardware based Openflow supported switch Software based switch (Ex : OpenvSwitch )
Openflow protocol Openflow protocol
Note : Openflow is not the only protocol in SDN, it is mostly widely used. we will focus on SDN from openflow perspective for this deck
Copyright Cloud Enabled Ltd, All rights Reserved.
Characteristics of SDN ?
Unified/ centralized
network services
management
SDN controller runs on
commodity hardware or
virtual machine
No vendor lock in
Less Expensive
On demand provisioning
Copyright Cloud Enabled Ltd, All rights Reserved.Copyright Cloud Enabled Ltd, All rights Reserved.
Why SDN ?
Emergence of Cloud services era :
Users expect on-demand networks in cloud and flexibility to create their own
• network ( create L2 software based networks )
• routes ( create l3 software based routers )
• ACL ( Allow/Deny rules as required on demand)
Copyright Cloud Enabled Ltd, All rights Reserved.
OpenFlow Switch –components
Copyright Cloud Enabled Ltd, All rights Reserved.
An OpenFlow switch can be broken into two components: the switch-agent and the data plane.
• The switch-agent speaks the OpenFlow protocol to one or more controllers.
• The switch-agent will translate commands from the controller to the data plane performs all packet forwarding and manipulation. • data plane of a switch is composed of only a few things: ports, flow tables, flows,
classifiers, and actions.
Data plane
Switch-agent
Copyright Cloud Enabled Ltd, All rights Reserved.
Neutron and OVS
Neutron – Overview ( Networking Project of OpenStack foundation)
Physical Infrastructure(Physical Server, Network Switches, Storage, SAN Fabric)
Virtual Infrastructure(Hypervisor, VM’s, vLAN, vSAN , vSwitch)
Cloud Management Stack(Self service Portal, Service catalogue ,Metering , Automation )
Network-aaS
ESXi
NAT VPNaaS Neutron
Neutron allows you to provide Network-As-A-Service (IaaS) for your consumers of private or public cloud
Copyright Cloud Enabled 2014 , www.cloudenabled.in All product and company names are trademarks™ or registered® trademarks of their respective holders.
FWaaS Virtual Router LBaaS
Copyright Cloud Enabled Ltd, All rights Reserved.
Networking agents
These agents interact with the main neutron process through RabbitMQ or Qpid
Neutron Agents
OVS-agent
Dhcp-agent
L3 agent
Helps neutron to talk to
OpenvSwitch
Allocates IP for user
created VM
facilitates external
connectivity to user created vm
Copyright Cloud Enabled Ltd, All rights Reserved.
Neutron behind the scenes
Compute Node -01
NFS storage
Controller Node Neutron Node100.100.100.51 100.100.100.61
Compute Node -02 100.100.100.71 100.100.100.81
Setup details
Copyright Cloud Enabled Ltd, All rights Reserved.
Neutron node and compute node : Peering & integration
100.100.100.81 – Compute Node-02
OpenStack Multi Node How are they connected
br-int
br-int br-int
br-ex
100.100.100.61 : Neutron Node
100.100.100.71 : Compute Node-01
Port eth1 Port phy-br-ex
Port int-br-ex
br-tun
br-tun Port "gre-6464643d
Port patch-int
Port patch-tun
br-tun
Port "gre-64646447"
Port "gre-64646451" Port "gre-64646447"
Port "gre-6464643d"
Port "gre-64646451"
Port patch-int
Port patch-tun
Port patch-int
Port patch-tun
Port br-intPort br-int
Port br-ex
Internet
Port br-int
Copyright Cloud Enabled Ltd, All rights Reserved.
Packet flow to external network /internet
100.100.100.81 – Compute Node-02
VM internet access flow
br-int
br-int br-int
br-ex
100.100.100.61 : Neutron Node
100.100.100.71 : Compute Node-01
Port eth1 Port phy-br-ex
Port int-br-ex
br-tun
br-tun Port "gre-6464643d
Port patch-int
Port patch-tun
br-tun
Port "gre-64646447"
Port "gre-64646451" Port "gre-64646447"
Port "gre-6464643d"
Port "gre-64646451"
Port patch-int
Port patch-tun
Port patch-int
Port patch-tun
Port br-intPort br-int
Port br-ex
Internet
Port br-intPort tap7c1593a0-ea
qvo689bd406-ed
"
Port "qg-24aa68e7-15
Copyright Cloud Enabled Ltd, All rights Reserved.
Packet flow to VM to VM (same network)
100.100.100.81 – Compute Node-02
Intra vm communication across hosts
br-int
br-int br-int
br-ex
100.100.100.61 : Neutron Node
100.100.100.71 : Compute Node-01
Port eth1 Port phy-br-ex
Port int-br-ex
br-tun
br-tun Port "gre-6464643d
Port patch-int
Port patch-tun
br-tun
Port "gre-64646447"
Port "gre-64646451" Port "gre-64646447"
Port "gre-6464643d"
Port "gre-64646451"
Port patch-int
Port patch-tun
Port patch-int
Port patch-tun
Port br-intPort br-int
Port br-ex
Internet
Port br-intPort tap7c1593a0-ea
qvoc6e94c39-7c qvo689bd406-ed
Copyright Cloud Enabled Ltd, All rights Reserved.
PHONE : +91 9632711288
Queries
http://www.slideshare.net/AnilBidari1 Slides available @