OpenStack Quantum Network Service
Date posted: 21-Oct-2014
Category: Technology
![Page 1: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/1.jpg)
Quantum: What it is and Where it’s going
Lew Tucker, VP/CTO Cloud Computing
Cisco Systems, Inc.
@lewtucker
![Page 2: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/2.jpg)
• OpenStack: open source software for building highly scalable public and private clouds
• Designed as a set of services forming the basis of a cloud platform
• Evolving through community process in which all members may contribute
• Quantum is a community project to build a “Network Service” for advanced networking capabilities
+ Quantum
![Page 3: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/3.jpg)
Open Source Is Where “Standard” Cloud Infrastructure Will Be Defined
Open standards [require] multiple providers, access to code and data, and interoperability of services.
The obvious solution is an open source reference model as the standard.
Potential examples of such would be the OpenStack effort.
- Simon Wardley, CSC, from “A Question of Standards”
http://blog.gardeviance.org/2011/04/question-of-standards.html
![Page 4: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/4.jpg)
Cloud Computing Paradox
Current Cloud Computing model is great for application development, self-service, and automation, but is missing the potential programmability of the infrastructure
• Applications and infrastructure could interact with each other to provide the best performance, experience and reliability
• What is missing is the right mechanism to expose networking infrastructure capabilities without bringing all the complexity into the application layer
[Cartoon captions: “But I can help (sigh)” / “I’m a Cloud. I don’t need you!”]
![Page 5: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/5.jpg)
Network Technologies in the Data Center and Internet
[Figure: data center and Internet network stack. Layers: Application Software, Virtual Machine, VSwitch, Access, Aggregation, Core, Peering, IP NGN Backbone, plus Storage and SAN and Compute. Each layer is annotated with Cisco platforms and with services such as firewall services, intrusion detection, virtual device contexts, port profiles and VN-Link, secure domain routing and storage media encryption.]
Let’s abstract all this
![Page 6: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/6.jpg)
OpenStack Design Summit April 2011
Compute service (EC2): virtual machines
- Specify vCPU, Memory, Disk
- Launch instance (image, mem_size, disk)
- Suspend, clone, migrate
Storage service (S3, EBS): virtual disks
- Specify storage amount, access rights
- Store object
- Create/attach block
• What to do about networks?
[Figure: a VM (App Svr, OS) with its networking marked “??”]
![Page 7: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/7.jpg)
OpenStack Today: Nova Compute – Swift Storage
[Figure labels: Nova Compute Service (Virtual Machines, Servers); Swift Storage Service (Object Store, Disks); Basic Network Connectivity; Nova and Swift API]
Networking is embedded inside of Nova compute, and inaccessible to application developers
Details and differences associated with network provisioning complicate a simple compute service
Difficult to track changes in networking as Software-defined Networking (SDN) comes into play
![Page 8: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/8.jpg)
With Quantum - Networking becomes a Service
[Figure labels: Nova Compute Service (Virtual Machines, Servers); Swift Storage Service (Object Store, Disks); Quantum Service (Virtual Networks, Networks); Basic Network Connectivity; Nova, Swift, and Quantum API]
Nova becomes simpler, easier to maintain and extend
Developers have ability to create multiple networks for their own purposes (multi-tier apps)
May support provisioning of both virtual and physical networks – differences captured through plug-ins
![Page 9: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/9.jpg)
Virtualization in a multi-tenant environment
Servers are virtualized through partitioning
Storage through aggregation
Networks through slicing/tunnels/tagging…
Networks are a shared resource carrying traffic for all tenants across shared links
Network overlays and virtualization create private networks through tagging, routing, encapsulation (tunneling), and separation of control (OpenFlow, etc.)
- VLANs, NVGRE, VXLAN, STT, LISP
Quantum is designed to support private networks
![Page 10: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/10.jpg)
But wait…..
Don’t security groups and firewalls provide isolation?
![Page 11: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/11.jpg)
Yes
But that’s a topic for another time…..
Rest assured, Nova with Quantum supports both
![Page 12: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/12.jpg)
2011 Design Summit - community-driven merger of proposals
Network Service POC: NTT/Midokura
Network Containers: Cisco
Network Service: Citrix/Rackspace/Nicira
NaaS Core Design: Intel
… and others
Quantum
![Page 13: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/13.jpg)
Abstractions and APIs
Compute service (EC2): virtual machines
- Launch instance (image, mem_size, disk)
- Suspend, clone, migrate
Storage service (S3, EBS): virtual storage
- Store object
- Create/attach block
Network service (Quantum): virtual networks
- Create/delete private network
- Create “ports” and attach VMs
- Assign IP address blocks (DHCP)
[Figure: three VMs, each shown as App Svr on OS]
![Page 14: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/14.jpg)
With a simple RESTful API
```
POST /v1.1/tenants/abc/networks.json

Request:
{ "network": { "name": "my_db_network" } }

Response:
{ "network": { "id": "98bd8391-199f-4440-824d-8659e4906786" } }
```
![Page 15: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/15.jpg)
Quantum in Horizon GUI
My Private Network
![Page 16: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/16.jpg)
What you can do with Quantum service
Create multiple, virtual, isolated networks per tenant (FE-Net, DB-Net)
Multiple network interfaces per VM (in-line services)
Create ports on networks (QoS, profiles) and attach VM’s
Have control over your own “private” IP addresses
Access through a user-friendly CLI and GUI (Horizon)
Invoke additional capabilities through extensions
Support different underlying networking implementations (VLANS, L2/L3 tunnels, etc.)
![Page 17: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/17.jpg)
Quantum is built using a plug-in architecture to support different networking technologies
Quantum API
Quantum Service
• Network abstraction definition and management
• Does NOT do any actual implementation of abstraction
Quantum Plug-in API
API Extensions: For controlled innovation and experimentation
Vendor/User Plug-In
• Maps abstraction to implementation on physical network
• Can provide additional features through API extensions
![Page 18: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/18.jpg)
Quantum API interactions
[Figure labels: User Application, CLI, Horizon Dashboard, Tools; Tenant API; Compute Service (Nova); Network Service (Quantum); Internal API; Admin API; System Admin; Plug-In; Compute Node Hypervisor vSwitch; Physical Network Router/Switch; Clustered Network Controller]
![Page 19: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/19.jpg)
Plug-ins available today
Open vSwitch
Linux bridge
Nicira NVP
Cisco (Nexus switches and UCS VM-FEX)
- WIP: VXLAN
NTT Labs Ryu OpenFlow controller
NEC OpenFlow
Big Switch Floodlight
![Page 20: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/20.jpg)
What application developers want
Keep it simple - hide complexity while exposing capabilities
Provision their own, abstracted networking resources and topologies
Potential to create their own networking services
Isolation and non-interference
Ability to experiment while leveraging all that is provided by lower-level protocols
![Page 21: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/21.jpg)
Application Architecture on a Whiteboard
![Page 22: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/22.jpg)
Architecture grows as you scale-out, some components move to be closer to the internet, others move to the back-end
![Page 23: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/23.jpg)
Different tenants and applications have different needs
[Figure: Tenants “A”, “B” and “C”, each with its own set of VMs (web servers, app servers, memcache, databases), alongside Internet access, a management network and multi-tenant services: Internet gateway, VPN service, service provider network. Address labels: 10.0.1.0/24 (shown twice), 198.133.219.10.]
![Page 24: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/24.jpg)
Quantum today and in the near future
Quantum 1.0 is available today for Essex as an incubation project
- Supports isolated L2 networks
- Multiple plug-ins available
Folsom release – moving into Core
- Quantum V2 API (in development)
- Support tenant-created subnets
- Integrated with Horizon (dashboard) and Keystone (identity/token/policy)
- Includes “Melange” IPAM for IP address management
- Includes DHCP/Dnsmasq functionality
![Page 25: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/25.jpg)
Quantum V2: Introduces Subnets, IP addr mgmt, Gateways, DNS
```
POST /v2.0/subnets

Request:
{ "network_id": "98bd8391-…", "cidr": "10.0.0.0/24" }

Response:
{
  "id": "e76a23fe-…",
  "network_id": "98bd8391-..",
  "cidr": "10.0.0.0/24",
  "gateway_ip": "10.0.0.1",
  "dns_nameservers": ["8.8.8.8"],
  "reserved_ranges": [
    { "start": "10.0.0.1", "end": "10.0.0.1" },
    { "start": "10.0.0.255", "end": "10.0.0.255" }
  ],
  "additional_host_routes": []
}
```
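The subnet exchange above, modelled as an added example (not Quantum's own code): an in-memory handler that checks network ownership per tenant, validates the CIDR, and derives `gateway_ip` and `reserved_ranges` the way the sample response shows. The tenant and network names, the ownership check and the per-network overlap rule are assumptions for illustration.

```python
import ipaddress
import uuid

# Constructed state (hypothetical names): network id -> owning tenant.
NETWORK_OWNER = {"net-frontend": "tenant-a", "net-db": "tenant-b"}
SUBNETS = {}  # network id -> list of subnet records


class SubnetError(ValueError):
    """Raised when a subnet request must be rejected."""


def create_subnet(tenant_id, request):
    """Validate a V2-style subnet request and build the response body."""
    net_id = request.get("network_id")
    owner = NETWORK_OWNER.get(net_id)
    # Tenant isolation: same error for a missing and a foreign network, so a
    # tenant cannot probe for the existence of other tenants' networks.
    if owner is None or owner != tenant_id:
        raise SubnetError("network not found for this tenant")
    try:
        # strict=True rejects CIDRs with host bits set, e.g. 10.0.0.5/24.
        cidr = ipaddress.ip_network(request.get("cidr", ""), strict=True)
    except ValueError as exc:
        raise SubnetError(f"invalid cidr: {exc}") from None
    if cidr.version != 4 or cidr.prefixlen > 30:
        raise SubnetError("need an IPv4 block with room for a gateway and hosts")
    # Overlap is checked only inside one network: isolated networks of
    # different tenants may reuse the same private range.
    for existing in SUBNETS.get(net_id, []):
        if cidr.overlaps(ipaddress.ip_network(existing["cidr"])):
            raise SubnetError(f"cidr overlaps {existing['cidr']}")
    gateway = str(cidr.network_address + 1)   # first host address
    broadcast = str(cidr.broadcast_address)   # never handed to a VM
    subnet = {
        "id": str(uuid.uuid4()),
        "network_id": net_id,
        "cidr": str(cidr),
        "gateway_ip": gateway,
        # Assumption: nameservers are passed through from the request.
        "dns_nameservers": list(request.get("dns_nameservers", [])),
        "reserved_ranges": [{"start": gateway, "end": gateway},
                            {"start": broadcast, "end": broadcast}],
        "additional_host_routes": [],
    }
    SUBNETS.setdefault(net_id, []).append(subnet)
    return subnet
```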
![Page 26: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/26.jpg)
Create and attach ports to VM interfaces
![Page 27: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/27.jpg)
Where will we take Quantum in the future?
Purposely started simple with basic abstraction, but with many blueprints expect to see rapid innovation, while maintaining backward compatibility
More plug-in’s for other networking paradigms
Extensions for QoS, port profiles, etc.
Used in the development of new network services
Applied to create virtual data centers spanning multiple sites
New uses in network service provider networks, mobile networks, sensor networks, HPC networks
![Page 28: OpenStack Quantum Network Service](https://reader033.fdocuments.us/reader033/viewer/2022061106/5446ae92b1af9fe33a8b466a/html5/thumbnails/28.jpg)
For more information…
Quantum API:
- http://docs.openstack.org/api/openstack-network/1.0/content/
Quantum Admin Guide (Essex):
- http://docs.openstack.org/trunk/openstack-network/admin/content/
Code on GitHub:
- https://github.com/openstack/quantum
Quantum V2:
- http://wiki.openstack.org/QuantumV2APIIntro
Quantum Network Service
Lew Tucker, Cisco Systems
@lewtucker