Quantum Ovirt Discussion
-
Upload
kollathodi -
Category
Documents
-
view
228 -
download
0
Transcript of Quantum Ovirt Discussion
-
8/3/2019 Quantum Ovirt Discussion
1/44
Openstack Quantum:Virtual Networks for OpenStack
Dan Wendlandt [email protected]
-
8/3/2019 Quantum Ovirt Discussion
2/44
OutlineWhat is Quantum?Why do we want Quantum?Architecture Basics
Current project statusRoadmap?
-
8/3/2019 Quantum Ovirt Discussion
3/44
What is Quantum?A standalone Openstack serviceProvides network connectivity between a set of network interfacesfrom other service (e.g., vNICs from compute service, interfaces on a
load-balancer service).Exposes API of logical abstractions for describing networkconnectivity + policy between interfaces.Uses a plug-in architecture, so multiple technologies can implementthe logical abstractions.Provides a building block for sophisticated cloud networktopologies.
-
8/3/2019 Quantum Ovirt Discussion
4/44
What is Quantum: Overview
Nova : virtual serverQuantum : virtualnetwork
Both:
- Expose a logical API for automated provisioning bycloud tenants.
- Manage physical devices in the data center toimplement the logical model.
- Provide a plugin architecture to leverage supportusing different back-end technologies.
-
8/3/2019 Quantum Ovirt Discussion
5/44
Why Quantum?
1) Rich Topologies: Cloud tenants deploying enterprise workloadsoften require flexibility to define sophisticated network topologies
2) Cloud operators want to leverage Advanced Technology in theirnetwork infrastructure (i.e., more than L2 bridging + VLANs).
3) Integrate Advanced Services (LBaaS, FWaaS, etc.)
-
8/3/2019 Quantum Ovirt Discussion
6/44
Why Quantum?: Rich Topologies
Existing Nova-only Network Provisioning Model:Cloud operator statically determines a type of connectivity (flat,private) that will be statically applied to all VMs.
Tenant VMs get connectivity based on static model.
-
8/3/2019 Quantum Ovirt Discussion
7/44
Why Quantum?: Rich TopologiesNew Nova + Quantum Network Provisioning Model:
Tenant can dynamically create networks via API:
create-network dmz-net, web-net, db-net
When creating VMs, tenant can specify the # vNICs and thenetworks they connect to:
create-server image=fw-img nics=dmz-net,web-net
create-server image=web-img nics=web-net,db-net
create-server image=db-img nics=db-net
Try it yourself:http://wiki.openstack.org/QuantumOVSDemo
-
8/3/2019 Quantum Ovirt Discussion
8/44
Advanced Tech: QoS to meet SLAsCloud operators may want to be able to guarantee the a tenant VM orportion of the physical NIC capacity, just like they provide a portion ofCPU + Memory.
Such properties can be exposed as additional port attributes usingQuantum API extensions.
Cisco Quantum plugin enables leveraging properties of UCS hardwareto provide QoS guarantees.
-
8/3/2019 Quantum Ovirt Discussion
9/44
Advanced Tech: Avoid VLAN LimitsMany limitations when using VLANs for network isolation:
Limited # of VLANs supported, limited to single physical subnet,requires configuring physical switches, etc.
Open vSwitch Quantum plugin can support L2-in-L3 tunnelednetworks without needing to use VLANs.
At summit, Cisco, Red Hat, Citrix & Nicira discussed plans to addsupport for VXLAN tunneling proposal.
-
8/3/2019 Quantum Ovirt Discussion
10/44
Insert Additional ServicesOther services want to be on the same networks, share the sameaddress spaces with compute nodes.
FWaaS
LBaaS
VPNaaS
-
8/3/2019 Quantum Ovirt Discussion
11/44
What is Quantum: ScopeCurrent focus is on defining Layer-2 Ethernet topologies.
Already (partially) integrated with Nova.
Higher level network services can be added:as new APIs within Quantum (e.g., Layer-3 routing)
as stand-alone services (e.g., Atlas Load-balancing service)
-
8/3/2019 Quantum Ovirt Discussion
12/44
Virtual Network Abstractions (1)
Services (e.g., nova, atlas) expose interface-IDs via their own tenant APIs to representany device from that service that can be plugged into a virtual network.
Example: nova.foo.com//server//eth0
Tenants use Quantum API to create networks, get back UUID:Example: quantum.foo.com//network/
Tenants can create ports on a network, get a UUID, and associate config with those ports(APIs for advanced port config are TBD, initially ports give L2 connectivity):
Example: quantum.foo.com//network//port/
Tenants can plug an interface into a port by setting the attachment of a port to be theappropriate interface-id.
Example: set quantum.foo.com//network//port//attach to value nova.foo.com//server//eth0 .
-
8/3/2019 Quantum Ovirt Discussion
13/44
What is Quantum: Example Scenario:
Physical Server #1
Nova i-2610.0.0.26
DataCenter
Network
PrivateNet #1
PrivateNet #2
ovideView
Tena
nt
View
Nova i-2310.0.0.23
Nova i-2610.0.0.26
Nova i-22
10.0.0.22
Nova i-2410.0.0.24
Nova i-2410.0.0.24
Physical Server #2
Nova i-2610.0.0.26
Nova i-2410.0.0.24
-
8/3/2019 Quantum Ovirt Discussion
14/44
What is Quantum: Example ArchitectureDashboard /Automation
Tools
Nova Service
XenServer #1
QuantumPlugin
nova-api
Hypervisor
vswitch
nova-scheduler
nova-compute
TenantAPI TenantAPI
Internal PluginCommunication
Internal novaCommunicatio
n
Quantum APIQuantumService
Two PluginsAvailable:- Open vSwitch- CiscoUCS/Nexus
-
8/3/2019 Quantum Ovirt Discussion
15/44
-
8/3/2019 Quantum Ovirt Discussion
16/44
What is Quantum: Screenshot
-
8/3/2019 Quantum Ovirt Discussion
17/44
What is Quantum: Screenshot
-
8/3/2019 Quantum Ovirt Discussion
18/44
Click to edit Master text stylesSecond level
Third levelFourth level
Fifth level
-
8/3/2019 Quantum Ovirt Discussion
19/44
Project Status: Diablo ReleaseStarted at Diablo summit6 months of dev resulted in Diablo release:
v1.0 of the Quantum L2 API
API extensibility framework
API client library and CLI
Nova Integration via the QuantumManager
OpenStack Dashboard Integration
Plugin framework & two publicly available plugins:
Open vSwitch Plugin
Cisco UCS/Nexus Plugin
Available at: http://launchpad.net/quantumDocs at: http://docs.openstack.org/incubation/
-
8/3/2019 Quantum Ovirt Discussion
20/44
Project Status: Who should use Quantum?
Early adopters are already putting Quantum into their OpenStacktrial deployments.Caution: deployments are by people who understand the limitations
of Quantum and are looking to improve the platform byrunning/testing it.Some aspects of the traditional Nova networking model are not yetintegrated with Quantum (e.g., floating IPs, DHCP)This will improve significantly over the Essex time frame, watch forupdates on the OpenStack list + IRC meetings.
-
8/3/2019 Quantum Ovirt Discussion
21/44
Quantum Essex RoadmapTop Priority: production quality + usability:
Automated functional, integration & scale testing
Parity/integration with all existing Nova network capabilities.
Dashboard + client enhancements for ease of use.
API auth with Keystone (mostly done)
Packaging & distribution
Essex is target for production quality.Some will deploy pre-production using Essex milestones.Strategic Directions:
Implementing L3 service for virtual routersAdvanced RBAC for API
VXLAN/NVGRE, and much, much more
-
8/3/2019 Quantum Ovirt Discussion
22/44
Questions / Comments?
Thanks!
Come join us:
http://wiki.openstack.org/Quantum
-
8/3/2019 Quantum Ovirt Discussion
23/44
Openstack Quantum:Virtual Networks for OpenStack
Dan Wendlandt [email protected]
-
8/3/2019 Quantum Ovirt Discussion
24/44
OutlineWhat is Quantum?
Why do we want Quantum?Architecture BasicsCurrent project statusRoadmap?
-
8/3/2019 Quantum Ovirt Discussion
25/44
What is Quantum?A standalone Openstack service
Provides network connectivity between a set of network interfacesfrom other service (e.g., vNICs from compute service, interfaces on aload-balancer service).Exposes API of logical abstractions for describing networkconnectivity + policy between interfaces.Uses a plug-in architecture, so multiple technologies can implementthe logical abstractions.Provides a building block for sophisticated cloud networktopologies.
-
8/3/2019 Quantum Ovirt Discussion
26/44
-
8/3/2019 Quantum Ovirt Discussion
27/44
Why Quantum?
1) Rich Topologies: Cloud tenants deploying enterprise workloadsoften require flexibility to define sophisticated network topologies
2) Cloud operators want to leverage Advanced Technology in theirnetwork infrastructure (i.e., more than L2 bridging + VLANs).
3) Integrate Advanced Services (LBaaS, FWaaS, etc.)
-
8/3/2019 Quantum Ovirt Discussion
28/44
Why Quantum?: Rich Topologies
Existing Nova-only Network Provisioning Model:Cloud operator statically determines a type of connectivity (flat,private) that will be statically applied to all VMs.
Tenant VMs get connectivity based on static model.
-
8/3/2019 Quantum Ovirt Discussion
29/44
Why Quantum?: Rich TopologiesNew Nova + Quantum Network Provisioning Model:
Tenant can dynamically create networks via API:
create-network dmz-net, web-net, db-net
When creating VMs, tenant can specify the # vNICs and thenetworks they connect to:
create-server image=fw-img nics=dmz-net,web-net
create-server image=web-img nics=web-net,db-net
create-server image=db-img nics=db-net
Try it yourself:http://wiki.openstack.org/QuantumOVSDemo
-
8/3/2019 Quantum Ovirt Discussion
30/44
Advanced Tech: QoS to meet SLAsCloud operators may want to be able to guarantee the a tenant VM or
portion of the physical NIC capacity, just like they provide a portion ofCPU + Memory.
Such properties can be exposed as additional port attributes usingQuantum API extensions.
Cisco Quantum plugin enables leveraging properties of UCS hardwareto provide QoS guarantees.
-
8/3/2019 Quantum Ovirt Discussion
31/44
Advanced Tech: Avoid VLAN LimitsMany limitations when using VLANs for network isolation:
Limited # of VLANs supported, limited to single physical subnet,requires configuring physical switches, etc.
Open vSwitch Quantum plugin can support L2-in-L3 tunnelednetworks without needing to use VLANs.
At summit, Cisco, Red Hat, Citrix & Nicira discussed plans to addsupport for VXLAN tunneling proposal.
-
8/3/2019 Quantum Ovirt Discussion
32/44
Insert Additional ServicesOther services want to be on the same networks, share the same
address spaces with compute nodes.FWaaS
LBaaS
VPNaaS
-
8/3/2019 Quantum Ovirt Discussion
33/44
What is Quantum: ScopeCurrent focus is on defining Layer-2 Ethernet topologies.
Already (partially) integrated with Nova.
Higher level network services can be added:as new APIs within Quantum (e.g., Layer-3 routing)
as stand-alone services (e.g., Atlas Load-balancing service)
-
8/3/2019 Quantum Ovirt Discussion
34/44
Virtual Network Abstractions (1)
Services (e.g., nova, atlas) expose interface-IDs via their own tenant APIs to representany device from that service that can be plugged into a virtual network.
Example: nova.foo.com//server//eth0
Tenants use Quantum API to create networks, get back UUID:Example: quantum.foo.com//network/
Tenants can create ports on a network, get a UUID, and associate config with thoseports (APIs for advanced port config are TBD, initially ports give L2 connectivity):
Example: quantum.foo.com//network//port/
Tenants can plug an interface into a port by setting the attachment of a port to bethe appropriate interface-id.Example: set quantum.foo.com//network//port//attach to value nova.foo.com//server//eth0 .
-
8/3/2019 Quantum Ovirt Discussion
35/44
What is Quantum: Example Scenario:
Physical Server #1
Nova i-26
10.0.0.26
DataCenter
Network
PrivateNet #1
PrivateNet #2
Provider View
Tena
nt
View
Nova i-2310.0.0.23
Nova i-2610.0.0.26
Nova i-22
10.0.0.22
Nova i-24
10.0.0.24
Nova i-2410.0.0.24
Physical Server #2
Nova i-2610.0.0.26
Nova i-2410.0.0.24
-
8/3/2019 Quantum Ovirt Discussion
36/44
-
8/3/2019 Quantum Ovirt Discussion
37/44
-
8/3/2019 Quantum Ovirt Discussion
38/44
What is Quantum: Screenshot
-
8/3/2019 Quantum Ovirt Discussion
39/44
What is Quantum: Screenshot
-
8/3/2019 Quantum Ovirt Discussion
40/44
Click to edit Master text stylesSecond level
Third level
Fourth levelFifth level
-
8/3/2019 Quantum Ovirt Discussion
41/44
Project Status: Diablo ReleaseStarted at Diablo summit
6 months of dev resulted in Diablo release:v1.0 of the Quantum L2 API
API extensibility framework
API client library and CLI
Nova Integration via the QuantumManager
OpenStack Dashboard Integration
Plugin framework & two publicly available plugins:
Open vSwitch Plugin
Cisco UCS/Nexus Plugin
Available at: http://launchpad.net/quantumDocs at: http://docs.openstack.org/incubation/
-
8/3/2019 Quantum Ovirt Discussion
42/44
Project Status: Who should useQuantum?
Early adopters are already putting Quantum into their OpenStack
trial deployments.Caution: deployments are by people who understand the limitationsof Quantum and are looking to improve the platform byrunning/testing it.Some aspects of the traditional Nova networking model are not yetintegrated with Quantum (e.g., floating IPs, DHCP)
This will improve significantly over the Essex time frame, watch forupdates on the OpenStack list + IRC meetings.
-
8/3/2019 Quantum Ovirt Discussion
43/44
Quantum Essex RoadmapTop Priority: production quality + usability:
Automated functional, integration & scale testingParity/integration with all existing Nova network capabilities.
Dashboard + client enhancements for ease of use.
API auth with Keystone (mostly done)
Packaging & distribution
Essex is target for production quality.Some will deploy pre-production using Essex milestones.Strategic Directions:
Implementing L3 service for virtual routers
Advanced RBAC for API
VXLAN/NVGRE, and much, much more
-
8/3/2019 Quantum Ovirt Discussion
44/44
Questions / Comments?
Thanks!
Come join us:
http://wiki.openstack.org/Quantum