Post on 12-May-2015
description
A 5 minutes intro to Openstack(and a few more minutes on Openstack Networking)
Salvatore Orlando3rd OSUG Italy Meetup
Rome, May 9th 2013
EcosystemReleated/Unofficial Projects
Incubating Projects
Openstack is the code
For more info: https://wiki.openstack.org/wiki/Projects
Integrated Projects
Openstack is even more code!
Client librariesDocumentation
(api, admin, …)
InfrastructureGating(tempest,
devstack, …)
Openstack is the community
• May 8th 2013: 9,342 people from 87 countries• Interact via:– Mailing lists: general, development, documentation,
operators …– Ask Openstack (ask.openstack.org)– Launchpad
• Home to all openstack integrated projects
– IRC (#openstack-101, #openstack, #openstack-dev, …)– Local User Groups (like today!)– Summit & Conference (twice a year)
See Openstack evolving, everyday
• http://status.openstack.org– Release status– Active Reviews
• https://github.com/openstack– Grab the code
(Virtual) Networking in Openstack• Nova-network
– L2/L3 networking with IP address management– Security Groups– Floating Ips and external gateway (SNAT)– Network redundancy with ‘multi-host’– 3 Network Managers:
• Flat, FlatDHCP: L3 isolation via security groups• VLAN Manager: L2 isolation
• The project formerly known as Quantum*– L2 networking with choice of segmentation/virtualization techniques– Shared L2 networks– “Provider mappings” for L2 networks– IPAM with overlapping IPs and built-in, scalable DHCP– Security Groups– L3 east-west traffic (inter-subnet routing)– Static route configuration– Floating Ips and external gateway (SNAT)– Load Balancing– Nova metadata integration– Wide choice of pluggable backends
Openstack Network quick intro
Quantum is an Openstack project to provide “networking as a service” between interface
devices (e.g., vNICs) managed by other Openstack services (e.g., nova)
• Manages network virtualization – just like compute (nova) manages server virtualisation
• Advocates multi-tenancy• Technology-agnostic
Openstack Network:basic architecture
• Simple technology agnostic API• Plugin translates API request
into concrete, technologyspecific implementation
• API guarantees isolation ofresources from management perspective
• Plugin ensures isolation at data plane
API Server
Plugin
Authentication
API Requests
Plugin classification
• Built-in– Solution (management, control, and data plane)
entirely contained in the Quantum source tree• 3rd party– Plugin proxies request to an external “controller”– Can use one or more built-in components (e.g.:
DHCP Agent, L3 agent)– 3rd party plugins can either be Open Source or
Commercial
Quick plugin referenceBuilt-in Hyper-V
Linux Bridge
Open vSwitch
3rd party - Opensource Big Switch
NEC
Ryu
3rd Party - Commercial Big Switch (?)
Brocade
Cisco
Midonet
Nicira NVP
Plumgrid
Openstack Network ArchitectureOpen vSwitch plugin
Quantum Server
OVS Plugin
DHCP Agent
L3 Agent
Metadata Agent
L2 Agent
L2 Agent L2 Agent L2 Agent
AMPQ
Load Balancing AgentAPI Node
Network Services Node
Compute Node Compute Node Compute Node
Logical View
Net-A1 Net-A2 Net-B1
Rtr-A Rtr-B
External Network
Tenant “A” Tenant “B”
DHCP DHCP DHCPA11
A12
A21
B11
B12
InternalGateway
InternalGateway
InternalGateway
ExternalGateway
ExternalGateway
Physical realizationOVS Plugin – GRE Overlays
Compute Node C2 Compute Node C3
Network NodeCompute Node C1
Br-tun
Br-int
Br-t
un
Br-in
t
Br-t
un
Br-in
tBr-tun
Br-int
A12
B11
B12
A21
A11
Local VLAN tags converted into GRE keys
(and vice versa)
DHCP
L3
Br-e
x
Network node - DetailsBr
-tun
Br-in
t
DH
CPL3 Br
-ex
NS-Net-A1
NS-Net-A2
NS-Net-B1 Dnsmasq10.0.0.0/24
Dnsmasq10.0.0.0/24
Dnsmasq10.0.1.0/24
NS-Rtr-B
NS-Rtr-A
IptablesSNAT/DNAT
IptablesSNAT/DNAT
L3Fwd
L3Fwd