SlideShare uma empresa Scribd logo

Openstack Networking and ML2

Szlovencsak Attila
Szlovencsak Attila

Networking with Neutron is one of the most complex subsystems in Openstack. In this talk we shed light on the key components of Neutron networking and the specialities of the relatively new ML2 core plugin.

Tecnologia
1 de 15
Baixar para ler offline
2015 - Component Soft Ltd 1 Openstack Networking and ML2 Attila Szlovencsák Component Soft Ltd. attila@componentsoft.eu Openstack Hungary Meetup Group 26 February , 2015
2015 - Component Soft Ltd 2 OpenStack Networking Concepts ● Network: – an isolated L2 segment dedicated for tenant (or shared between tenants) – subnet: a block of ipv4/6 addresses. More than one allowed for a network – external flag (neutron only): “public net” ● Port: – A connection point for attaching a single device (NIC of a virtual server) to a virtual network. Port has ● a fixed address (via DHCP or injected) ● has an associated security group ● may have an associated floating address ● Security group: – Group of L4 filter rules (no access granted with the “default” group) ● Floating address: – an IP address from one 'external' network, associated with a port(fixed address) – could be moved between VMs ● Router (neutron only): – L3 device that connects the 'external' and the tenant networks.
2015 - Component Soft Ltd 3 Nova-network types (pre-grizzly) br0 br0 br0 VM1 VM2 VM3 VM4 fixed network (10.0.0.0/8) nova-compute nova-computenova-network dnsmasq controller compute1 compute2 ● Flat mode: – Fixed addresses are injected into the image on launch – All instances are attached to the same bridge ● Flat DHCP mode (same a flat, plus) – nova-network service runs a DHCP server(dnsmasq) – fixed addresses are assigned via DHCP ● Both cases floating IPs are plumbed on eth0, and NAT'ed to the private address public net flat_interface=eth1 public interface=eth0
2015 - Component Soft Ltd 4 Nova-network types (pre-grizzly) ● VLAN network mode (default) – As separate VLAN and bridge is created for each project – Each project has a private IP range, IP assigned via DHCP – Access to nodes are provided via NAT or CloudPipe on the nova-network node br1 br1 br1 VM1 VM2 VM3 VM4 nova-compute nova-compute nova-network dnsmasq controller compute1 compute2 br2 br2br2 dnsmasq eth1.1 eth1.2 eth1.1eth1.1 eth1.2 eth1.2 public net 10.1.0.0/16 10.2.0.0/16 router* vlan_interface=eth1 public_interface=eth0
2015 - Component Soft Ltd 5 Why neutron? (quantum) ● problems ● out of VLAN IDs (12 bit,~4096) – double VLAN might help ● for VLAN Compute nodes need to be on the same L2 segment – use VLAN trunking with multiple switches ● Two tenants cannot use the same address space for private net – NAT, routing might be complicated ● solution – have a separate node (network node), that acts as ● DHCP server, router for all tenant networks ● host for floating IPs ● host for security groups – allows ● Other tenant segregations (GRE, VxVLAN (with ML2plugin)) ● Complex tenant networks (SDN, overlapping networks) ● Backward compatibility (with LinuxBridge plugin)
2015 - Component Soft Ltd 6 Networking with Neutron Compute nodes Network node private network external network other openstack services (keystone,glance,cinder) neutron-*-plugin-agent neutron-*-plugin-agent neutron-l3-agent neutron-dhcp-agent VM1 VM2ns_r1ns_r2 service/management network neutron-server REST API calls $> neutron agent-list tenant network implemented as tunnels/vlans RPCRPC
2015 - Component Soft Ltd 7 OVSNeutronPlugin – Example topology
2015 - Component Soft Ltd 8 OVSNeutronPlugin – Physical layout goo.gl/cFx11rmX
2015 - Component Soft Ltd 9 OVSPlugin configuration - compute-node ifcfg-br-eth1 DEVICE=br-eth1 IPADDR=10.20.20.53 NETMASK=255.255.255.0 ONBOOT=yes DEVICETYPE=ovs TYPE="OVSBridge" ifcfg-eth1 DEVICE=eth1 ONBOOT=yes OVS_BRIDGE=br-eth1 DEVICETYPE=ovs TYPE="OVSPort" /etc/neutron/neutron.conf core_plugin=neutron.plugins.openvswitch .ovs_neutron_plugin.OVSNeutronPluginV2 service_plugins= eth2 eth1 br-tun br-eth1 br-intVM br-eth1 br-tun qrouter br-ex br-int eth1 /etc/neutron/plugin.ini local_ip=10.20.20.53 integration_bridge=br-int tunnel_bridge=br-tun bridge_mappings=vlan_if:br-eth1
2015 - Component Soft Ltd 10 OVS configuration – network node ifcfg-br-ex DEVICE=br-ex IPADDR=192.168.100.52 NETMASK=255.255.255.0 ONBOOT=yes DEVICETYPE=ovs TYPE="OVSBridge" ifcfg-eth2 DEVICE=eth2 ONBOOT=yes OVS_BRIDGE=br-ex DEVICETYPE=ovs TYPE="OVSPort" eth2 eth1 br-tun br-eth1 br-intVM br-eth1 br-tun qrouter br-ex br-int eth1 /etc/neutron/plugin.ini local_ip=10.20.20.52 integration_bridge=br-int tunnel_bridge=br-tun bridge_mappings=vlan_if:br-eth1 ifcfg-br-eth1 DEVICE=br-eth1 IPADDR=10.20.20.52 NETMASK=255.255.255.0 ONBOOT=yes DEVICETYPE=ovs TYPE="OVSBridge" ifcfg-eth1 DEVICE=eth1 ONBOOT=yes OVS_BRIDGE=br-eth1 DEVICETYPE=ovs TYPE="OVSPort" /etc/neutron/l3_agent.ini external_network_bridge = br-ex *address for br-ex is optional
2015 - Component Soft Ltd 11 The ML2plugin Why? ● Replace the monolithic plugins – Eliminate redundant code when developing a new plugin ● Drivers per functionality – type drivers: the “network separtion” type ● Flat, GRE,VLAN, VXLAN – mechanism drivers:The way to manage your networks ● reuse existing plugins: OVSPlugin, LinuxBridgePlugin – going to deprecate -> Modular Agent: combine OVS and LinuxBridge functionality ● optional features – L2Population: avoids broadcast flooding via APR responder ● support for heterogenous deployments (use OVS for a set of compute nodes, LinuxBridge for others) ● l3router : moved to a service plugin ( such as other *aaS plugins)
2015 - Component Soft Ltd 12 Configuration – OVS+ ML2 (Icehouse) /etc/neutron/neutron.conf core_plugin =neutron.plugins.ml2.plugin.Ml2Plugin service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin /etc/neutron//etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini [ovs] enable_tunneling=True local_ip=10.20.20.53 integration_bridge=br-int tunnel_bridge=br-tun bridge_mappings=vlan_if:br-eth1 [agent] tunnel_type=gre l2_population=True /etc/neutron/plugins/ml2/ml2_conf.ini [ml2] type_drivers = gre,vlan,vxlan tenant_network_types = gre,vlan,vxlan mechanism_drivers =openvswitch [ml2_type_flat] #flat_networks = physnet1,physnet2 [ml2_type_vlan] network_vlan_ranges =vlan_if:100:200 [ml2_type_gre] tunnel_id_ranges =100:200 [ml2_type_vxlan] # vni_ranges = [securitygroup] enable_security_group = True
2015 - Component Soft Ltd 13 ML2 feautes – L2 population (Icehouse) ● Network overhead with broadcast/multicast – GRE sends unicasts on each tunnel – VxVLAN sends to a common multicast group ● avoid ARP broadcasts – IP/MAC associations known from neutron db – setup a local ARP proxy on each node ● LinuxBrigde ip neighbour add ... permanent bridge fdb add ● OVS ebtables -t nat ... -j arpreply ComputeCompute NetworkNetworkComputeCompute VMVM ARP proxy
2015 - Component Soft Ltd 14 ML2 features – L3 HA (Juno) qrouter-X qrouter-X qdhcp-A qdhcp-A br-int VLAN2 tap-B qr-X-p1 VLAN2 br-int Network node 1 Network node 2 ha-Y2keepalived (+conntrackd) VRRP qr-X-p1 goo.gl/z4flP3 tenant network tenant HA network ha-Y1 VM3VM3 eth0 VLAN2 VLAN2 Compute node br-int Floating IPs + Router IP hosted on active router only
2015 - Component Soft Ltd 15 L3 HA facts ● Keepalived – processes talk VRRP on a separte network work ● assigned to a virtual tenant – VRRP election process ● hello packet go on multicast 224.0.0.18 ● One byte for VRID in VRRP headers – only 255 virtual routers per tenant ● on 3 missed hellos an election process is started – the lower router_id wins – failback is done if the original active comes back ● new active instance, and sends a gratuitous ARP request – switches learn the new port for MAC/IP ● Other *aaS ● HA for FWaas, LBaaS scheduled to be implemented in Kilo version

Recomendados

Scaling OpenStack Neutron in Heterogeneous Environments
Scaling OpenStack Neutron in Heterogeneous EnvironmentsScaling OpenStack Neutron in Heterogeneous Environments
Scaling OpenStack Neutron in Heterogeneous EnvironmentsMartin Klein
 
OpenStack Networking
OpenStack NetworkingOpenStack Networking
OpenStack NetworkingIlya Shakhat
 
OpenStack Neutron new developers on boarding
OpenStack Neutron new developers on boardingOpenStack Neutron new developers on boarding
OpenStack Neutron new developers on boardingMiguel Lavalle
 
Modular Layer 2 In OpenStack Neutron
Modular Layer 2 In OpenStack NeutronModular Layer 2 In OpenStack Neutron
Modular Layer 2 In OpenStack Neutronmestery
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havanaKamesh Pemmaraju
 
OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr David Lenwell
 
OpenStack sdn
OpenStack sdnOpenStack sdn
OpenStack sdnAdrián Norte Fernández
 
OpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridOpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridKamesh Pemmaraju
 

Recomendados

Scaling OpenStack Neutron in Heterogeneous Environments
Scaling OpenStack Neutron in Heterogeneous EnvironmentsScaling OpenStack Neutron in Heterogeneous Environments
Scaling OpenStack Neutron in Heterogeneous EnvironmentsMartin Klein
 
OpenStack Networking
OpenStack NetworkingOpenStack Networking
OpenStack NetworkingIlya Shakhat
 
OpenStack Neutron new developers on boarding
OpenStack Neutron new developers on boardingOpenStack Neutron new developers on boarding
OpenStack Neutron new developers on boardingMiguel Lavalle
 
Modular Layer 2 In OpenStack Neutron
Modular Layer 2 In OpenStack NeutronModular Layer 2 In OpenStack Neutron
Modular Layer 2 In OpenStack Neutronmestery
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havanaKamesh Pemmaraju
 
OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr David Lenwell
 
OpenStack sdn
OpenStack sdnOpenStack sdn
OpenStack sdnAdrián Norte Fernández
 
OpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridOpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridKamesh Pemmaraju
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updatesmestery
 
How to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need toHow to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need tosalv_orlando
 
OpenStack Meetup - SDN
OpenStack Meetup - SDNOpenStack Meetup - SDN
OpenStack Meetup - SDNSzilvia Racz
 
OpenStack networking (Neutron)
OpenStack networking (Neutron) OpenStack networking (Neutron)
OpenStack networking (Neutron) CREATE-NET
 
OpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaOpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaSean Roberts
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutronmestery
 
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...Dave Neary
 
Openstack Neutron and SDN
Openstack Neutron and SDNOpenstack Neutron and SDN
Openstack Neutron and SDNinakipascual
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronSana Khan
 
Inside neutron 2
Inside neutron 2Inside neutron 2
Inside neutron 2Robin Gong
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge MigrationJames Denton
 
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013Randy Bias
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesAnil Bidari ( CEO , Cloud Enabled)
 
Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenesinbroker
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack NetworkingPLUMgrid
 
Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Dan Wendlandt
 
Next Generation Network Developer Skills
Next Generation Network Developer SkillsNext Generation Network Developer Skills
Next Generation Network Developer Skillsmestery
 
Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Mochamad Taufik Romdony
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
Bluetooth
BluetoothBluetooth
BluetoothSachin Bali
 
Openstack neutron 原理详解
Openstack neutron 原理详解Openstack neutron 原理详解
Openstack neutron 原理详解Yong Luo
 

Mais conteúdo relacionado

Mais procurados

OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updatesmestery
 
How to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need toHow to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need tosalv_orlando
 
OpenStack Meetup - SDN
OpenStack Meetup - SDNOpenStack Meetup - SDN
OpenStack Meetup - SDNSzilvia Racz
 
OpenStack networking (Neutron)
OpenStack networking (Neutron) OpenStack networking (Neutron)
OpenStack networking (Neutron) CREATE-NET
 
OpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaOpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaSean Roberts
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutronmestery
 
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...Dave Neary
 
Openstack Neutron and SDN
Openstack Neutron and SDNOpenstack Neutron and SDN
Openstack Neutron and SDNinakipascual
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronSana Khan
 
Inside neutron 2
Inside neutron 2Inside neutron 2
Inside neutron 2Robin Gong
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge MigrationJames Denton
 
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013Randy Bias
 
Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenesinbroker
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack NetworkingPLUMgrid
 
Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Dan Wendlandt
 
Next Generation Network Developer Skills
Next Generation Network Developer SkillsNext Generation Network Developer Skills
Next Generation Network Developer Skillsmestery
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 

Mais procurados (20)

OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updates
 
How to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need toHow to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need to
 
OpenStack Meetup - SDN
OpenStack Meetup - SDNOpenStack Meetup - SDN
OpenStack Meetup - SDN
 
OpenStack networking (Neutron)
OpenStack networking (Neutron) OpenStack networking (Neutron)
OpenStack networking (Neutron)
 
OpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaOpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by Akanda
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutron
 
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
 
Openstack Neutron and SDN
Openstack Neutron and SDNOpenstack Neutron and SDN
Openstack Neutron and SDN
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack Neutron
 
Inside neutron 2
Inside neutron 2Inside neutron 2
Inside neutron 2
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
 
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013
SFBay OpenStack Meetup // Neutron and SDN in Production – Dec 3 2013
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the Scenes
 
Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenes
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and Automation
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack Networking
 
Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)
 
Next Generation Network Developer Skills
Next Generation Network Developer SkillsNext Generation Network Developer Skills
Next Generation Network Developer Skills
 
Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
 

Destaque

Openstack neutron 原理详解
Openstack neutron 原理详解Openstack neutron 原理详解
Openstack neutron 原理详解Yong Luo
 
OpenStack Cinder Overview - Havana Release
OpenStack Cinder Overview - Havana ReleaseOpenStack Cinder Overview - Havana Release
OpenStack Cinder Overview - Havana ReleaseAvishay Traeger
 
Openstack Basic with Neutron
Openstack Basic with NeutronOpenstack Basic with Neutron
Openstack Basic with NeutronKwonSun Bae
 
What we do in ml2 p.p
What we do in ml2 p.pWhat we do in ml2 p.p
What we do in ml2 p.pMade4UInMl2
 
[OpenStack Days Korea 2016] Track1 - All flash CEPH 구성 및 최적화
[OpenStack Days Korea 2016] Track1 - All flash CEPH 구성 및 최적화[OpenStack Days Korea 2016] Track1 - All flash CEPH 구성 및 최적화
[OpenStack Days Korea 2016] Track1 - All flash CEPH 구성 및 최적화OpenStack Korea Community
 

Destaque (6)

Bluetooth
BluetoothBluetooth
Bluetooth
 
Openstack neutron 原理详解
Openstack neutron 原理详解Openstack neutron 原理详解
Openstack neutron 原理详解
 
OpenStack Cinder Overview - Havana Release
OpenStack Cinder Overview - Havana ReleaseOpenStack Cinder Overview - Havana Release
OpenStack Cinder Overview - Havana Release
 
Openstack Basic with Neutron
Openstack Basic with NeutronOpenstack Basic with Neutron
Openstack Basic with Neutron
 
What we do in ml2 p.p
What we do in ml2 p.pWhat we do in ml2 p.p
What we do in ml2 p.p
 
[OpenStack Days Korea 2016] Track1 - All flash CEPH 구성 및 최적화
[OpenStack Days Korea 2016] Track1 - All flash CEPH 구성 및 최적화[OpenStack Days Korea 2016] Track1 - All flash CEPH 구성 및 최적화
[OpenStack Days Korea 2016] Track1 - All flash CEPH 구성 및 최적화
 

Semelhante a Openstack Networking and ML2

Pushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpPushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpJames Denton
 
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDNOpenStack Korea Community
 
20151222_Interoperability with ML2: LinuxBridge, OVS and SDN
20151222_Interoperability with ML2: LinuxBridge, OVS and SDN20151222_Interoperability with ML2: LinuxBridge, OVS and SDN
20151222_Interoperability with ML2: LinuxBridge, OVS and SDNSungman Jang
 
neutron_icehouse_update
neutron_icehouse_updateneutron_icehouse_update
neutron_icehouse_updateAkihiro Motoki
 
SDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingSDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingThomas Graf
 
Network Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingNetwork Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingDigicomp Academy AG
 
Openstack Networking Internals - first part
Openstack Networking Internals - first partOpenstack Networking Internals - first part
Openstack Networking Internals - first partlilliput12
 
Meetup docker using software defined networks
Meetup docker using software defined networksMeetup docker using software defined networks
Meetup docker using software defined networksOCTO Technology
 
Docker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined NetworksDocker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined NetworksAdrien Blind
 
PLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPROIDEA
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014yfauser
 
Sdn dell lab report v2
Sdn dell lab report v2Sdn dell lab report v2
Sdn dell lab report v2Oded Rotter
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsThomas Morin
 
OpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Project
 
Flexible NFV WAN interconnections with Neutron BGP VPN
Flexible NFV WAN interconnections with Neutron BGP VPN Flexible NFV WAN interconnections with Neutron BGP VPN
Flexible NFV WAN interconnections with Neutron BGP VPNThomas Morin
 
Cumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's NewCumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's NewCumulus Networks
 
Fun with Network Interfaces
Fun with Network InterfacesFun with Network Interfaces
Fun with Network InterfacesKernel TLV
 

Semelhante a Openstack Networking and ML2 (20)

Pushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpPushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack Up
 
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
 
20151222_Interoperability with ML2: LinuxBridge, OVS and SDN
20151222_Interoperability with ML2: LinuxBridge, OVS and SDN20151222_Interoperability with ML2: LinuxBridge, OVS and SDN
20151222_Interoperability with ML2: LinuxBridge, OVS and SDN
 
neutron_icehouse_update
neutron_icehouse_updateneutron_icehouse_update
neutron_icehouse_update
 
SDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingSDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center Networking
 
Network Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingNetwork Virtualization & Software-defined Networking
Network Virtualization & Software-defined Networking
 
Openstack Networking Internals - first part
Openstack Networking Internals - first partOpenstack Networking Internals - first part
Openstack Networking Internals - first part
 
OpenStack SDN
OpenStack SDNOpenStack SDN
OpenStack SDN
 
Meetup docker using software defined networks
Meetup docker using software defined networksMeetup docker using software defined networks
Meetup docker using software defined networks
 
Docker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined NetworksDocker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined Networks
 
PLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDN
 
Opencontrail network virtualization
Opencontrail network virtualizationOpencontrail network virtualization
Opencontrail network virtualization
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
 
Sdn dell lab report v2
Sdn dell lab report v2Sdn dell lab report v2
Sdn dell lab report v2
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
 
OpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. Montero
 
Flexible NFV WAN interconnections with Neutron BGP VPN
Flexible NFV WAN interconnections with Neutron BGP VPN Flexible NFV WAN interconnections with Neutron BGP VPN
Flexible NFV WAN interconnections with Neutron BGP VPN
 
Cumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's NewCumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's New
 
What's new in Neutron Juno
What's new in Neutron JunoWhat's new in Neutron Juno
What's new in Neutron Juno
 
Fun with Network Interfaces
Fun with Network InterfacesFun with Network Interfaces
Fun with Network Interfaces
 

Último

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 

Último (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

Openstack Networking and ML2

  • 1. 2015 - Component Soft Ltd 1 Openstack Networking and ML2 Attila Szlovencsák Component Soft Ltd. attila@componentsoft.eu Openstack Hungary Meetup Group 26 February , 2015
  • 2. 2015 - Component Soft Ltd 2 OpenStack Networking Concepts ● Network: – an isolated L2 segment dedicated for tenant (or shared between tenants) – subnet: a block of ipv4/6 addresses. More than one allowed for a network – external flag (neutron only): “public net” ● Port: – A connection point for attaching a single device (NIC of a virtual server) to a virtual network. Port has ● a fixed address (via DHCP or injected) ● has an associated security group ● may have an associated floating address ● Security group: – Group of L4 filter rules (no access granted with the “default” group) ● Floating address: – an IP address from one 'external' network, associated with a port(fixed address) – could be moved between VMs ● Router (neutron only): – L3 device that connects the 'external' and the tenant networks.
  • 3. 2015 - Component Soft Ltd 3 Nova-network types (pre-grizzly) br0 br0 br0 VM1 VM2 VM3 VM4 fixed network (10.0.0.0/8) nova-compute nova-computenova-network dnsmasq controller compute1 compute2 ● Flat mode: – Fixed addresses are injected into the image on launch – All instances are attached to the same bridge ● Flat DHCP mode (same a flat, plus) – nova-network service runs a DHCP server(dnsmasq) – fixed addresses are assigned via DHCP ● Both cases floating IPs are plumbed on eth0, and NAT'ed to the private address public net flat_interface=eth1 public interface=eth0
  • 4. 2015 - Component Soft Ltd 4 Nova-network types (pre-grizzly) ● VLAN network mode (default) – As separate VLAN and bridge is created for each project – Each project has a private IP range, IP assigned via DHCP – Access to nodes are provided via NAT or CloudPipe on the nova-network node br1 br1 br1 VM1 VM2 VM3 VM4 nova-compute nova-compute nova-network dnsmasq controller compute1 compute2 br2 br2br2 dnsmasq eth1.1 eth1.2 eth1.1eth1.1 eth1.2 eth1.2 public net 10.1.0.0/16 10.2.0.0/16 router* vlan_interface=eth1 public_interface=eth0
  • 5. 2015 - Component Soft Ltd 5 Why neutron? (quantum) ● problems ● out of VLAN IDs (12 bit,~4096) – double VLAN might help ● for VLAN Compute nodes need to be on the same L2 segment – use VLAN trunking with multiple switches ● Two tenants cannot use the same address space for private net – NAT, routing might be complicated ● solution – have a separate node (network node), that acts as ● DHCP server, router for all tenant networks ● host for floating IPs ● host for security groups – allows ● Other tenant segregations (GRE, VxVLAN (with ML2plugin)) ● Complex tenant networks (SDN, overlapping networks) ● Backward compatibility (with LinuxBridge plugin)
  • 6. 2015 - Component Soft Ltd 6 Networking with Neutron Compute nodes Network node private network external network other openstack services (keystone,glance,cinder) neutron-*-plugin-agent neutron-*-plugin-agent neutron-l3-agent neutron-dhcp-agent VM1 VM2ns_r1ns_r2 service/management network neutron-server REST API calls $> neutron agent-list tenant network implemented as tunnels/vlans RPCRPC
  • 7. 2015 - Component Soft Ltd 7 OVSNeutronPlugin – Example topology
  • 8. 2015 - Component Soft Ltd 8 OVSNeutronPlugin – Physical layout goo.gl/cFx11rmX
  • 9. 2015 - Component Soft Ltd 9 OVSPlugin configuration - compute-node ifcfg-br-eth1 DEVICE=br-eth1 IPADDR=10.20.20.53 NETMASK=255.255.255.0 ONBOOT=yes DEVICETYPE=ovs TYPE="OVSBridge" ifcfg-eth1 DEVICE=eth1 ONBOOT=yes OVS_BRIDGE=br-eth1 DEVICETYPE=ovs TYPE="OVSPort" /etc/neutron/neutron.conf core_plugin=neutron.plugins.openvswitch .ovs_neutron_plugin.OVSNeutronPluginV2 service_plugins= eth2 eth1 br-tun br-eth1 br-intVM br-eth1 br-tun qrouter br-ex br-int eth1 /etc/neutron/plugin.ini local_ip=10.20.20.53 integration_bridge=br-int tunnel_bridge=br-tun bridge_mappings=vlan_if:br-eth1
  • 10. 2015 - Component Soft Ltd 10 OVS configuration – network node ifcfg-br-ex DEVICE=br-ex IPADDR=192.168.100.52 NETMASK=255.255.255.0 ONBOOT=yes DEVICETYPE=ovs TYPE="OVSBridge" ifcfg-eth2 DEVICE=eth2 ONBOOT=yes OVS_BRIDGE=br-ex DEVICETYPE=ovs TYPE="OVSPort" eth2 eth1 br-tun br-eth1 br-intVM br-eth1 br-tun qrouter br-ex br-int eth1 /etc/neutron/plugin.ini local_ip=10.20.20.52 integration_bridge=br-int tunnel_bridge=br-tun bridge_mappings=vlan_if:br-eth1 ifcfg-br-eth1 DEVICE=br-eth1 IPADDR=10.20.20.52 NETMASK=255.255.255.0 ONBOOT=yes DEVICETYPE=ovs TYPE="OVSBridge" ifcfg-eth1 DEVICE=eth1 ONBOOT=yes OVS_BRIDGE=br-eth1 DEVICETYPE=ovs TYPE="OVSPort" /etc/neutron/l3_agent.ini external_network_bridge = br-ex *address for br-ex is optional
  • 11. 2015 - Component Soft Ltd 11 The ML2plugin Why? ● Replace the monolithic plugins – Eliminate redundant code when developing a new plugin ● Drivers per functionality – type drivers: the “network separtion” type ● Flat, GRE,VLAN, VXLAN – mechanism drivers:The way to manage your networks ● reuse existing plugins: OVSPlugin, LinuxBridgePlugin – going to deprecate -> Modular Agent: combine OVS and LinuxBridge functionality ● optional features – L2Population: avoids broadcast flooding via APR responder ● support for heterogenous deployments (use OVS for a set of compute nodes, LinuxBridge for others) ● l3router : moved to a service plugin ( such as other *aaS plugins)
  • 12. 2015 - Component Soft Ltd 12 Configuration – OVS+ ML2 (Icehouse) /etc/neutron/neutron.conf core_plugin =neutron.plugins.ml2.plugin.Ml2Plugin service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin /etc/neutron//etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini [ovs] enable_tunneling=True local_ip=10.20.20.53 integration_bridge=br-int tunnel_bridge=br-tun bridge_mappings=vlan_if:br-eth1 [agent] tunnel_type=gre l2_population=True /etc/neutron/plugins/ml2/ml2_conf.ini [ml2] type_drivers = gre,vlan,vxlan tenant_network_types = gre,vlan,vxlan mechanism_drivers =openvswitch [ml2_type_flat] #flat_networks = physnet1,physnet2 [ml2_type_vlan] network_vlan_ranges =vlan_if:100:200 [ml2_type_gre] tunnel_id_ranges =100:200 [ml2_type_vxlan] # vni_ranges = [securitygroup] enable_security_group = True
  • 13. 2015 - Component Soft Ltd 13 ML2 feautes – L2 population (Icehouse) ● Network overhead with broadcast/multicast – GRE sends unicasts on each tunnel – VxVLAN sends to a common multicast group ● avoid ARP broadcasts – IP/MAC associations known from neutron db – setup a local ARP proxy on each node ● LinuxBrigde ip neighbour add ... permanent bridge fdb add ● OVS ebtables -t nat ... -j arpreply ComputeCompute NetworkNetworkComputeCompute VMVM ARP proxy
  • 14. 2015 - Component Soft Ltd 14 ML2 features – L3 HA (Juno) qrouter-X qrouter-X qdhcp-A qdhcp-A br-int VLAN2 tap-B qr-X-p1 VLAN2 br-int Network node 1 Network node 2 ha-Y2keepalived (+conntrackd) VRRP qr-X-p1 goo.gl/z4flP3 tenant network tenant HA network ha-Y1 VM3VM3 eth0 VLAN2 VLAN2 Compute node br-int Floating IPs + Router IP hosted on active router only
  • 15. 2015 - Component Soft Ltd 15 L3 HA facts ● Keepalived – processes talk VRRP on a separte network work ● assigned to a virtual tenant – VRRP election process ● hello packet go on multicast 224.0.0.18 ● One byte for VRID in VRRP headers – only 255 virtual routers per tenant ● on 3 missed hellos an election process is started – the lower router_id wins – failback is done if the original active comes back ● new active instance, and sends a gratuitous ARP request – switches learn the new port for MAC/IP ● Other *aaS ● HA for FWaas, LBaaS scheduled to be implemented in Kilo version