OpenStack Neutron Behind The Scenes
1. Copyright Cloud Enabled Ltd, All rights Reserved.
OpenStack Neutron : Behind the Scenes
Speaker,
Anil Bidari
Founder and CEO, Cloud Enabled
What I am doing these days : “Breathing OpenStack these Days”
Anil.bidari@thecloudenabled.com
Website : thecloudenabled.com
2. Disclaimer: The content published in this presentation is the intellectual property of Cloud
Enabled. This content may not be reproduced, downloaded, disseminated, published, or
transferred in any form or by any means, except with the prior written permission of Cloud
Enabled, Bangalore. All product and company names and logos used in this presentation are
trademarks™ or registered® trademarks of their respective holders.
3. Learning Objectives
Agenda
• Software Defined networking - An overview
• OpenStack Neutron Overview
• Packet flow to external network
• Packet flow from VM to VM
• OpenVswitch - Overview
• Neutron-VXLAN-GRE-OVS : behind the scenes
5. Definition of SDN ?
SDN is a separation of the control plane from the data plane,
where a single control plane can manage multiple
data planes (both hardware based and software based).
-- Anil Bidari, Founder and CEO, Cloud Enabled
6. SDN Architecture
SDN Controller
Hardware based OpenFlow supported switch
Software based switch (Ex : OpenvSwitch)
Note : OpenFlow is not the only protocol in SDN, but it is the most widely used. We will focus on SDN from the OpenFlow perspective for this deck.
7. Characteristics of SDN ?
• Unified/centralized network services management
• SDN controller runs on commodity hardware or virtual machine
• No vendor lock in
• Less expensive
• On demand provisioning
8. Why SDN ?
Emergence of the cloud services era :
Users expect on-demand networks in the cloud and the flexibility to create their own
• network ( create L2 software based networks )
• routes ( create L3 software based routers )
• ACL ( Allow/Deny rules as required on demand )
9. OpenFlow Switch – components
An OpenFlow switch can be broken into two components: the switch-agent and the data plane.
• The switch-agent speaks the OpenFlow protocol to one or more controllers.
• The switch-agent translates commands from the controller to the data plane. The data plane performs all packet
forwarding and manipulation.
• The data plane of a switch is composed of only a few things: ports, flow tables, flows, classifiers, and
actions.
[Diagram labels: Data plane, Switch-agent]
11. Neutron – Overview ( Networking Project of OpenStack foundation)
Neutron allows you to provide Network-As-A-Service (IaaS) for your consumers of private or
public cloud
Layers shown in the diagram:
• Physical Infrastructure (Physical Server, Network Switches, Storage, SAN Fabric)
• Virtual Infrastructure (Hypervisor, VM’s, vLAN, vSAN , vSwitch)
• Cloud Management Stack (Self service Portal, Service catalogue, Metering, Automation)
[Diagram labels: Network-aaS, ESXi, Neutron, NAT, VPNaaS, FWaaS, Virtual Router, LBaaS]
Copyright Cloud Enabled 2014 , www.cloudenabled.in All product and company names are trademarks™ or registered® trademarks of their respective holders.
12. Networking agents
These agents interact with the main neutron process through RabbitMQ or Qpid
Neutron Agents
• OVS-agent : Helps neutron to talk to OpenvSwitch
• Dhcp-agent : Allocates IP for user created VM
• L3 agent : facilitates external connectivity to user created vm
15. Neutron node and compute node : Peering & integration
16. OpenStack Multi Node : How are they connected
[Diagram of three nodes; labels recovered from the slide]
Nodes: 100.100.100.61 : Neutron Node, 100.100.100.71 : Compute Node-01, 100.100.100.81 : Compute Node-02
Bridges: br-int, br-ex
Ports: eth1, phy-br-ex, int-br-ex, patch-int, patch-tun, br-int, br-ex, "gre-6464643d", "gre-64646447", "gre-64646451"
External: Internet
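The GRE port names on this slide carry the peer address: the eight hex digits after gre- are the remote tunnel IP (6464643d is 100.100.100.61). As an added example, not from the original deck, this Python sketch decodes such port lines and checks each node's tunnels against the node list. The per-node port assignment in SAMPLE_PORTS is constructed, and decode_tunnel_port and audit_mesh are hypothetical helper names.

```python
import ipaddress
import re

# Node addresses as labelled on the slide.
NODES = {
    "100.100.100.61": "Neutron Node",
    "100.100.100.71": "Compute Node-01",
    "100.100.100.81": "Compute Node-02",
}

# Constructed sample: tunnel ports per node, arranged as a full mesh
# (the flattened slide does not preserve which port sits on which node).
SAMPLE_PORTS = {
    "100.100.100.61": ['Port "gre-64646447"', 'Port "gre-64646451"', "Port patch-int"],
    "100.100.100.71": ['Port "gre-6464643d"', 'Port "gre-64646451"', "Port patch-int"],
    "100.100.100.81": ['Port "gre-6464643d"', 'Port "gre-64646447"', "Port patch-int"],
}

# Tunnel port name: <type>-<remote IPv4 as 8 hex digits>; quotes optional.
TUNNEL_RE = re.compile(r'Port "?(gre|vxlan)-([0-9a-fA-F]{8})"?$')

def decode_tunnel_port(line):
    """Return (tunnel_type, remote_ip) for a tunnel port line, else None."""
    m = TUNNEL_RE.search(line.strip())
    if not m:
        return None
    return m.group(1), str(ipaddress.IPv4Address(int(m.group(2), 16)))

def audit_mesh(ports_by_node, nodes):
    """List findings: peers outside the inventory, self-tunnels, missing peers."""
    findings = []
    for local_ip, lines in ports_by_node.items():
        peers = {d[1] for d in map(decode_tunnel_port, lines) if d}
        for ip in sorted(peers - set(nodes)):
            findings.append((local_ip, "unknown-peer", ip))
        if local_ip in peers:
            findings.append((local_ip, "self-tunnel", local_ip))
        for ip in sorted(set(nodes) - peers - {local_ip}):
            findings.append((local_ip, "missing-peer", ip))
    return findings

if __name__ == "__main__":
    for line in SAMPLE_PORTS["100.100.100.61"]:
        print(line, "->", decode_tunnel_port(line))
    print("findings:", audit_mesh(SAMPLE_PORTS, NODES))
```

A tunnel port whose decoded address is not one of the listed nodes is the finding to investigate first, since it is an overlay endpoint outside the inventory.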
18. VM internet access flow
[Diagram: the three-node layout of slide 16 (100.100.100.61 : Neutron Node, 100.100.100.71 : Compute Node-01, 100.100.100.81 : Compute Node-02; bridges br-int and br-ex; ports eth1, phy-br-ex, int-br-ex, patch-int, patch-tun and the GRE ports; Internet), with these additional ports: tap7c1593a0-ea, qvo689bd406-ed, "qg-24aa68e7-15"]
20. Intra vm communication across hosts
[Diagram: the three-node layout of slide 16 (100.100.100.61 : Neutron Node, 100.100.100.71 : Compute Node-01, 100.100.100.81 : Compute Node-02; bridges br-int and br-ex; ports eth1, phy-br-ex, int-br-ex, patch-int, patch-tun and the GRE ports; Internet), with these additional ports: tap7c1593a0-ea, qvoc6e94c39-7c, qvo689bd406-ed]
21. Queries
anil.bidari@thecloudenabled.com
Slides available @ http://www.slideshare.net/AnilBidari1