CloudStack + SDN
•
55 gostaram•15,802 visualizações
CloudStack comes with a built-in SDN controller. One way of implementing SDN is to build overlay networks in the Data Center. This slideshow explains how CloudStack builds and maintains GRE tunnel overlays to provide scalable multi-tenant networking for cloud deployments
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Destaque
Destaque (20)
Semelhante a CloudStack + SDN
Semelhante a CloudStack + SDN (20)
Mais de Chiradeep Vittal
Mais de Chiradeep Vittal (8)
Último
Último (20)
CloudStack + SDN
- 1. SDN & CloudStack Chiradeep Salvatore @Chiradeep @ taturiello April, 2012
- 2. Outline • CloudStack Cloud Architecture • VLAN Limitations • SDN & Overlay Networks ○ Deploy Virtual Machines ○ Create Overlay Layer-2 Network ○ Flow programming • Benefits
- 3. CloudStack Cloud Architecture Internet Hypervisor is the basic unit of scale. CloudStack Management Server Cluster consists of one ore more hosts of Zone 1 same hypervisor L3 core All hosts in cluster have access to shared (primary) storage Pod 1 Access Layer Pod N Pod is one or more clusters, usually with Secondary L2 switches. …. Storage Cluster N Availability Zone has one or more pods, has access to secondary storage. …. One or more zones represent cloud Cluster 1 Host 1 Primary Storage Host 2
- 4. VLAN Limitations • Multi-tenancy ○ Tenants are isolated by assigning separate VLANs ○ Tenant can own multiple VLANs. E.g., multi-tier application • Limitations ○ 4K VLANs maximum ○ VLANs span across the zone (datacenter) ○ All switches are configured with all VLANs ○ See multicast, broadcast traffic even if no associated VM ○ Traffic tromboning across the zone for east-west traffic Limit few hundred tenants per zone
- 5. Deploy Virtual Machines User requests for isolated layer- CS Management Server 2 network CS follows 'lazy create' model and stores the request in DB until VM deployment Create Network A Create DB Entry P I MySQL DB
- 6. Deploy Virtual Machines User requests for isolated layer- 2 network Deployment Planner CS follows 'lazy create' model Pass VM resource and stores the request in DB requirements until VM deployment Deploy VMs Determines hosts A (vm1, vm2, vm3) P to deploy VMs vm1 Host1 User deploys VMs with specific I vm2 Host2 resource requirements vm3 Host4 CS 'Deployment Planner' determines the ideal hosts to place the VMs based on the MySQL DB resource requirements
- 7. Deploy Virtual Machines User requests for isolated layer- 2 network CS follows 'lazy create' model Host 1 Host 3 and stores the request in DB until VM deployment VM 1 User deploys VMs with specific resource requirements CS 'Deployment Planner' determines the ideal hosts to Host 2 Host 4 place the VMs based on the VM VM resource requirements 2 3 VR Place VMs on appropriate hosts
- 8. Create Overlay L2 Networks Create Full Mesh of GRE tunnels CloudStack SDN (if they don't already exist) Controller between hosts on which VMs are deployed Host 1 (Pod 2) Host 3 (Pod 3) VM OVS CloudStack SDN controller 1 programs the Open vSwitch (OVS) on XenServer to configure GRE Tunnel GRE tunnels Host 2 (Pod 4) Host 4 (Pod 2) OVS OVS VM VM 2 3 VR GRE Tunnel GRE Tunnel
- 9. Create Overlay L2 Networks Create Full Mesh of GRE tunnels (if they don't already exist) Tenant1 between hosts on which VMs Tenant2 are deployed Host 1 Host 3 VM VM VM CloudStack SDN controller 1 1 3 VR programs the Open vSwitch (OVS) on XenServer to configure GRE Tunnel GRE tunnels Assign 'Tenant' key to the customer that allows traffic Host 2 Host 4 isolation from other tenants VM VM VM VR 2 2 3 New customers can share the established GRE tunnels with GRE Tunnel GRE Tunnel separate tenant keys
- 10. Overlay Networks Cross Layer-3 Boundary Datacenter1 / Zone1 Datacenter2 / Zone2 Host 3 Host 3 Host 1 Host 1 VM VM 4 1 Host 2 Host 4 Host 2 Host 4 VM VM VM 2 3 VR 5 GRE Tunnels (overlay L2 networks) can cross L3 (core) routers. This allows customers to seamlessly access resources across different datacenters
- 11. Flow Programming to Prevent Broadcast Storms CloudStack controller programs CS MS SDN OVS to prevent packet loops Controller and broadcast storms Host 1 Host 3 OVS OVS VM VM 1 4 Host 2 OVS OVS Host 4 VM VM 2 3 VR
- 12. Flow Programming to Prevent Broadcast Storms CloudStack controller programs OVS to prevent packet loops and broadcast storms Host 1 Host 3 VM sends a broadcast packet. VM VM It's sent out via all the GRE 1 4 tunnel interfaces Hypervisors receive the broadcast packets and transmit them to appropriate VMs. But, these packets are not Host 2 Host 4 transmitted back onto GRE tunnel interfaces VM VM 2 3 VR
- 13. CloudStack SDN Controller is Proactive Controller is complete topology aware and pre-programs all CloudStack flow rules SDN Controller No delay for new flows Program flow rules Highly scalable Host 1 New flow1 VM 1 OVS OVS is fully functional even in the event of failure
- 14. Overlay L2 Networks & Network Services NW Services • DNS & DHCP • NAT • LB • VPN Tenant2 Public Network Host 1 Host 3 VM VM VR 1 3 CloudStack Virtual Router supports variety of GRE Tunnel Network Services Host 2 Host 4 VM 2 GRE Tunnel GRE Tunnel
- 15. Benefits • 'Unlimited' Scalability ○ Only one GRE tunnel between any pair of hosts. 'Order N' scaling of GRE tunnels w.r.t hosts in the cloud ○ Tenant key is 32 bits. Can scale up to (2^32 - 1) tenants • Tunnels can extend to multiple datacenters across core (L3) routers ○ Seamless communication between resources across 'datacenters' in the cloud • Avoid traffic 'trombooning'
- 16. Future • Support for security groups • Optimize ARP & DHCP responses • Use Openflow to program OVS • Integrate with 3rd party SDN controllers • AWS VPC semantics 16