Sunteți pe pagina 1din 26

OpenStack Neutron & Software Defined Networks (SDN)

OpenStack BCN MeetUp - March 2014 Iñaki Pascual – Software Engineer

Acknowledgments

I want to thank all the developers and members in OpenStack Community, OpenStack Foundation and Open Networking Foundation. Also to my colleges in PLUMgrid Inc.

Information presented here is sourced from my own experience as PLUMgrid employee and from:

OpenStack Foundation Documents & Community

Open Networking Foundation

Stanford Seminar 2013 - “Software-Defined Networking at the Crossroads” by Scott Shenker,

University of California, Berkeley http://www.youtube.com/watch?v=WabdXYzCAOU

OpenStack Summit Presentations

“OpenStack Neutron Modular Layer 2 Plugin Deep Dive"

By: Kyle Mestery,Robert Kukura in OpenStack

PLUMgrid Inc, http://plumgrid.com/resources/

Views and technical points expressed here are solely presenter’s and doesn’t reflect the

views/positions of PLUMgrid Inc in any way.

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Agenda

Demo. Intro to Neutron (Havana release).

Dashboard and CLI overview.

Create networks, spawn VMs, test connectivity.

Floating IPs, create, assign. Test external connectivity.

Load Balancer create and test.

Test isolation of overlapping networks.

Slides. Neutron Overview

Network as a Service *(NaaS)

Components

Architecture

New plugin ML2.

Demo. Neutron.

REST API example with curl.

View components, network namespaces, soft switches.

Slides. SDN.

Definition, architecture.

Virtual Networks.

Software Edges.

Example: PLUMgrid.

Conclusions. Neutron and SDN.

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Demo

Dashboard and CLI overview. Create Networks, spawn VMs, test connectivity. Create and assign floating IPs, test external access. Load balancer create and test. Overlapping IPs, test tenant isolation.

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Neutron in Openstack

Neutron in Openstack Neutron & SDN OpenStack BCN MeetUp - March 2014

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Neutron in Openstack

Neutron & SDN

Neutron in Openstack Neutron & SDN OpenStack BCN MeetUp - March 2014

OpenStack BCN MeetUp - March 2014

Network as a Service (NaaS)

Provides REST APIs to manage network connections for the resources managed by other OpenStack Services (e.g. Nova)

Technology Agnostic (framework based on “plug-ins”)

Multi-tenancy: Isolation, Abstraction, full control over virtual networks

Modular Design: API specifies service, vendor provides its implementation. Extensions for vendor-specific features.

Standalone Service : It is not exclusive to OpenStack. Neutron is an autonomous service

Exposes vendor-specific network virtualization and SDN technologies

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Neutron Components

Neutron Components Neutron & SDN OpenStack BCN MeetUp - March 2014

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Neutron Components

Neutron Server

Runs on Controller node.

Exposes API. Enforces network model.

Passes requests to Neutron plugin.

Neutron Plugin

Runs on Controller node.

Implements the API.

Interacts with neutron server, database and agents.

Queue

Enhance communication between each components of neutron

Database

Persistent network model

Plugin agent (*)

Run on each compute node

Connect instances to network port

DHCP Agent (*)

Start/stop dhcp server

Maintain dhcp configuration

L3 Agent (*)

To implement floating IPs and other L3 features, such as NAT

(*) These components may be overridden by the plug-in

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Modular Layer 2 Plug-in (ML2)

New in Havana, deprecates the OpenVSwitch and LinuxBridge plug-ins (but not the agents).

Modularity through drivers:

TypeDrivers: flat, VLAN, GRE

Mechanism Drivers: OVS, LinuxBridge

One mechanism Driver may support several Type Drivers.

Vendors may implement a new plug-in or a mechanism driver.

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Network Devices – Compute Node

Network Devices – Compute Node Neutron & SDN OpenStack BCN MeetUp - March 2014

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Network Devices - Network Node.

Network Devices - Network Node. Neutron & SDN OpenStack BCN MeetUp - March 2014

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Demo (II)

Neutron REST API, example with curl. Neutron Internals:

Network namespaces – DHCP, Router, LoadBalancer OVS Bridges - VLANs

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Demo (II)

Neutron API example with cURL. How to update a network:

1.- get the token from keystone 2.- list existing networks to get id of network to update 3.- update network name After these, check in Dashboard that name has actually changed

$ export IP=<host_ip>

$ export PASS=<admin_password>

$ curl -d "{\"auth\":{\"tenantName\": \"admin\", \"passwordCredentials\":

{\"username\": \"admin\", \"password\": \"$PASS\"}}}" -H "Content-type: application/json"

http://$IP:35357/v2.0/tokens

$ export TOKEN=<token_id>

$ curl -H "X-Auth-Token: $TOKEN" http://$IP:9696/v2.0/networks

$ export NET=<network_id>

$ curl -H "X-Auth-Token: $TOKEN" -X PUT -d '{"network": {"name": "network_updated"}}'

APIs:

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Demo (II)

Show soft bridges. We can see the vlan tags in integration bridge.

$ sudo ovs-vsctl show

e80f467f-bd33-452a-a495-e7c89736c552

Bridge br-int Port "tap0b53fd22-35" tag: 2 Interface "tap0b53fd22-35" Port "tapd7e7242f-64" tag: 3 Interface "tapd7e7242f-64" Port br-int Interface br-int type: internal Port "qr-63a50193-d2" tag: 2 Interface "qr-63a50193-d2" type: internal Port "qr-2ad51820-c7" tag: 1 Interface "qr-2ad51820-c7" type: internal Port "tap2f696f92-6c" tag: 2 Interface "tap2f696f92-6c" type: internal

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Demo (II)

Show network namespaces

$ ip netns show

qlbaas-9035ea38-1916-4cf9-855f-06f1a41b1899

qdhcp-a389d59d-5275-4470-9edf-44bf7de6cb0f

qdhcp-f030bfa9-5209-477b-a260-e0bc552ebffd

qrouter-9de1459b-c453-485c-b89e-99cb09e82371

qrouter-91a3612b-835c-400b-b8db-6d11dade6b11

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Demo (II)

Execute commands in network namespaces

$ sudo ip netns exec qdhcp-a389d59d-5275-4470-9edf-44bf7de6cb0f ifconfig

Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0

lo

RX bytes:0 (0.0 B)

TX bytes:0 (0.0 B)

tapae991773-bd Link encap:Ethernet HWaddr fa:16:3e:80:a8:0f inet addr:30.0.0.4 Bcast:30.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::f816:3eff:fe80:a80f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:40 errors:0 dropped:0 overruns:0 frame:0 TX packets:25 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:5048 (5.0 KB) TX bytes:3074 (3.0 KB)

inaki@precise:~/devstack$ sudo ip netns exec qdhcp-a389d59d-5275-4470-9edf-44bf7de6cb0f tcpdump -i tapae991773-bd tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on tapae991773-bd, link-type EN10MB (Ethernet), capture size 65535 bytes

Neutron & SDN

OpenStack BCN MeetUp - March 2014

SDN Introduction

Why SDN?:

Networks have a high operational cost.

Networks are difficult to evolve.

There is a need for NaaS

2008: The Open Networking Foundation (ONF) releases OpenFlow (Standford University) and NOX (Nicira).

There was previous efforts like Software Defined Radio, MPLS and other works in Universities and Companies' labs.

Neutron & SDN

OpenStack BCN MeetUp - March 2014

SDN Definition (by Open Networking Foundation)

SDN Definition (by Open Networking Foundation) Neutron & SDN OpenStack BCN MeetUp - March 2014

Neutron & SDN

OpenStack BCN MeetUp - March 2014

SDN Architecture

SDN Architecture Neutron & SDN OpenStack BCN MeetUp - March 2014

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Network Virtualization

Network Virtualization Neutron & SDN ● In the original SDN 3-layer architecture, the control programs are

Neutron & SDN

In the original SDN 3-layer architecture, the control programs are aware of the underlying physical network.

New intermediate layer allows operator to express his needs in a higher level language, so decoupling from the physical infrastructure.

Network hypervisor will convert them into Network OS language.

Allows the creation of tenant isolated virtual networks.

OpenStack BCN MeetUp - March 2014

Core/Edge Nodes Differentiation

Core/Edge Nodes Differentiation Neutron & SDN ● Concept borrowed from MPLS. Two different kind of nodes:

Neutron & SDN

Concept borrowed from MPLS. Two different kind of nodes: core/edge.

Core: Transport packets among edge nodes.

Edges: nodes connected to hosts.

All functionalities can be moved to edges while core can focus on transport.

Edge nodes became Software Edges.

SDN Controller need to talk only to edge nodes.

Actually part of the SDN work can be done by the software edges.

OpenStack BCN MeetUp - March 2014

SDN Example: PLUMgrid.

SDN Example: PLUMgrid. Neutron & SDN http://plumgrid.com/resources/ OpenStack BCN MeetUp - March 2014

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Neutron & SDN

Centralized control plane allows creating isolated tenant virtual networks. Compute nodes are the software edges. Neutron enforces SDN but actually delegates its implementation and functionalities to the plugin.

Neutron & SDN

OpenStack BCN MeetUp - March 2014

Neutron & SDN

Thank you!

OpenStack BCN MeetUp - March 2014

Neutron & SDN

?

OpenStack BCN MeetUp - March 2014