Shared Networks to Support VNF

High Availability Across OpenStack

Multi Region Deployment
Speakers
Chaoyi Huang
OpenStack Tricircle PTL:
https://wiki.openstack.org/wiki/Tricircle
OPNFV Multisite PTL:
https://wiki.opnfv.org/display/multisite/
Multisite
Valentin Boucher Vikram Dham
OPNFV OVN4NFV PTL:
OPNFV Functest committer:
https://wiki.opnfv.org/display/PROJ/Ov
https://wiki.opnfv.org/display/functest
n4nfv
OPNFV Multisite committer:
OPNFV Multisite Committer:
https://wiki.opnfv.org/display/multisite
https://wiki.opnfv.org/display/multisite/
Multisite
Agenda
Lab introduction

Video Conference in multisite

vIMS in multisite

How Tricricle help the networking

Lab introduction

Laptop Laptop

BeiJing Huawei Cloud Open Lab

LangFang

DongGuang
 Lab introduction ( Chaoyi )

JITSI vIMS Tricircle

OpenStack
HOST5
RegionOne
BeiJing
JITSI vIMS
LangFang
OpenStack
HOST1
RegionThree

JITSI vIMS

OpenStack
Host3
RegionTwo
Mixed release environment
Tricricle + Neutron Server: Pike release
Three OpenStack clouds: Newton release
Multiparty Video Conference VNF
Multiparty Video Conference architecture
Jitsi Demo - Architecture
Why TriCircle for Jitsi?

Secure logical L2 private network between Jitsi Controller and Jitsi Video Bridges
Multisite Jitsi Deployment using TriCircle
vIMS - Software Architecture

MetaSwitch Clearwater
IMS architecture before
May 2017
vIMS - Demo Architecture
vIMS - Network Architecture
+-----------------------+ +-----------------------+ +----------------------+
| ext-net1 | | ext-net2 | | ext-net3 |
| +-------+ | | +-------+ | | +--+---+ |
|RegionOne | | |RegionTwo | | | RegionThree | |
| +---+---+ | | +---+---+ | | +----+--+ |
| | R1 | | | | R2 | | | | R3 | |
| +--+----+ | | +--+----+ | | +--+----+ |
| | net1 | | | net2 | | net3 | |
| +---+--+---+-+ | | +---+--+---+-+ | | ++-----+--+---+ |
| | | | | | | | | | | |
| +---------+-+ | | | +---------+-+ | | | | +--+--------+ |
| |vIMS(non-HA| | | | | vIMS(HA) | | | | | | vIMS(HA) | |
| +-----------+ | | | +-----------+ | | | | +-----------+ |
| +----+--+ | | +----+--+ | | +-+-----+ |
| | R4(1) | | | | R4(2) | | | | R4(3) | |
| +-----+-+ | | +---+---+ | | +----+--+ |
| | | | | | | | |
+-----------------------+ +-----------------------+ +----------------------+
| bridge-net | |
+------------------------+------------------+
 vIMS - Limitation & Evolution

Limitation :

VNF support only 2 sites for the moment

No HA for MANO component in the demo (but cloudify 4.0 support HA)

Possible next steps :

Support multisite into Functest/cloudify_ims test-case

Support multisite/tricircle in ONAP

How Tricricle help the networking

Create cross Neutron logical network

1 topology through central Neutron

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
 How Tricricle help the networking

Create cross Neutron logical network

1 topology through central Neutron

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle
Boot VM
Boot VM 2
2 in Nova
in Nova

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
 How Tricricle help the networking

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle
3 Attach network Attach network 3
Boot VM
Boot VM 2
2 in Nova
in Nova

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
How Tricricle help the networking

Neutron Server
Tricircle Central
Neutron Plugin

Trigger networking Tricircle Trigger networking

automation 4 4 automation

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
How Tricricle help the networking
Create cross Neutron logical network
1 topology through central Neutron

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle XJOB
Cross Neutron Cross Neutron
networking automation 5 5 networking automation

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)

● Long duration networking automation job will be done by XJOB asynchronously

● Different SDN controller could be integrated as Neutron backend as ML2 driver or core plugin
L2 networking -
Shadow Port, Shadow Agent, ARP Proxy

Shadow Shadow
Port2 Port1 Port1
Port2

Shadow Host1 Shadow

Host2 Host2 Host1

Port1’s VTEP
Port2’s VTEP

Port2’s VTEP Port1’s VTEP

Shadow Port: a virtual object to represent a port in another cloud

Shadow Agent: a virtual object to represent VTEP of the shadow port, L2GW mode supported too.
ARP Proxy: configure L2 Population and ARP responder to enable APR proxy in compute node to
reduce MAC learning
Cross Neutron L2 Network: VxLAN, VLAN, Flat supported.
How Shadow Agent, Shadow Port go to another cloud

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle

1.Port update, port1(host1)

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
How Shadow Agent, Shadow Port go to another cloud

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle
2.Port update, port1(host1, VTEP)

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
How Shadow Agent, Shadow Port go to another cloud

Neutron Server
Tricircle Central
3.save shadow agent
4. Trigger async. job to setup Neutron Plugin
shadow port/agent
Tricircle XJOB

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
How Shadow Agent, Shadow Port go to another cloud

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle XJOB
5. Create shadow port
with VTEP info in profile

OpenStack(Region Three)

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
How Shadow Agent, Shadow Port go to another cloud

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle XJOB

OpenStack(Region Three)

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local 6. Create shadow Tricircle Local
Neutron Plugin agent/ port Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
How Shadow Agent, Shadow Port go to another cloud

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle XJOB
7. update shadow port to
up state

OpenStack(Region Three)

Nova Cinder Neutron Server Neutron Server Cinder Nova

Tricircle Local Tricircle Local
Neutron Plugin Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One) OpenStack(Region Two)
How Shadow Agent, Shadow Port go to another cloud

Neutron Server
Tricircle Central
Neutron Plugin

Tricircle XJOB

OpenStack(Region Three)

8. Call real core plugin

Nova Cinder Neutron Server for shadow port up. If Neutron Server Cinder Nova
Tricircle Local L2-population is Tricircle Local
Neutron Plugin configured, L2pop Neutron Plugin
Real Core Plugin Real Core Plugin
OpenStack(Region One)
happened. OpenStack(Region Two)

SDN Controller can be supported if it’s configured to the real core plugin
L3 networking -
Shadow Port, Shadow Agent, ARP Proxy
Gateway Port2
Gateway Port1

Bridge Network

R R

Shadow Port2

Shadow Port1

Bridge Network: a network used to connect routers in different cloud.

VxLAN, VLAN, Flat supported
Security and Isolation between clouds

Tenant 1 Site to site VPN or dedicated line for security

R R

Tenant level isolated

L2/L3 networking

Tenant
 ● neutron net-create --availability-zone-hint RegionOne Net1
Tricricle: networking elements
● neutron net-create --availability-zone-hint RegionTwo Net2
Local network

A network will only reside ● neutron router-create --availability-zone-hint RegionOne R1

in one OpenStack
Neutron Server
cloud.
● neutron router-create --availability-zone-hint
Tricircle Central
RegionTwo R2
Network type could be Neutron Plugin
VLAN, VxLAN, Flat

Local router
Net1 Net2
A router will only reside in
one OpenStack cloud
R1 R2

Region One Region Two

 Tricricle: networking elements
● neutron net-create --availability-zone-hint RegionOne --
availability-zone-hint RegionTwo Net3
Cross Neutron L2 network

A network can be presented in more● neutron router-create --availability-zone-hint RegionOne --

than one OpenStack cloud. availability-zone-hint RegionTwo Neutron
R3 Server
Tricircle Central
Network type could be VLAN, Neutron Plugin
VxLAN, Flat

Non local router

Net3
A router can be presented in more
than one OpenStack cloud
Bridge-Net
Inter-connected via bridge network, R3 R3
could be VLAN, VxLAN or Flat.
R3
Region One Region Two
 Tricricle: typical networking topology
+-----------------+ +-----------------+
| RegionOne | | RegionTwo |
+-----------------+ +-----------------+ | ext_net1 | | ext_net2 |
|RegionOne | |RegionTwo | | +-----+-----+ | | +-----+-----+ |
| | | | | | | | | |
| phy_net1 | | phy_net2 | | +--+--+ | | +--+--+ |
| +--+---------+ | | +--+---------+ | | | R1 | | | | R2 | |
| | | | | | | +--+--+ | | +--+--+ |
| | | | | | | | | | | |
| +--+--------+ | | +--+--------+ | | +---+-+-+ | | +---+-+-+ |
| | | | | | | | | net1 | | | net2 | |
| | Instance1 | | | | Instance2 | | | +--------+--+ | | +--------+--+ |
| +------+----+ | | +------+----+ | | | Instance1 | | | | Instance2 | |
| | | | | | | +-----------+ | | +-----------+ |
| | net1 | | | | | | net3 | |
| +------+--------------------+---+ | | +------+---------------------+----+ |
| | | | | | L2|network |
Cross Neutron L2 network Cross Neutron
+-----------------+ +-----------------+ +-----------------+ +-----------------+
Direct Provider Networks Multiple North-South Gateways
Instances plugged into cross Neutron L2 network Instances plugged into cross Neutron L2 network
Tricricle: typical networking topology

Non local router

Non local router

Multi- North-South Gateways with East-

West L3 networking enabled Centralized North-South Traffic with East-
West L3 networking enabled
Tricircle - downtime risk?

If Tricircle and the central Neutron server are

down, the existing networking and applications
can still work, each OpenStack Neutron still run,
only new network topology provisioning and
topology change will be affected.
Learn, use and contribute

Document: https://docs.openstack.org/developer/tricircle/

Code navigate: https://wiki.openstack.org/wiki/TricircleHowToReadCode

Wiki: https://wiki.openstack.org/wiki/Tricircle

Code base: https://github.com/openstack/tricircle/

Thank You