OpenStack Basic with Neutron
2014.07.12 - KwonSun Bae
OpenStack - Networking
We are Networker ~

Agenda
• OpenStack Overview
  • Architecture
  • Services
  • Example Architecture
• Basic Services
  • Controller
  • Compute
  • Network
• Process Flows
• Networking – Neutron
  • Neutron Modular Layer 2 (ML2) Plug-in
    • ML2 Overview
    • ML2 Drivers
  • OpenvSwitch Plug-in
    • OVS Linux Bridge
    • OVS Internals
    • OVS Traffic Flows
    • OVS Configure
• QnA

OpenStack Overview
• Cloud Software

Architecture
Docs - http://docs.openstack.org/icehouse/install-guide/install/apt/content/ch_overview.html#architecture_conceptual-architecture

Services
• Basic Services
  • Dashboard – Horizon
  • Compute – Nova
  • Networking – Neutron
  • Identity – Keystone
  • Image – Glance
• Optional Services
  • Storage
    • Swift (Object)
    • Cinder (Block)
  • Database – Trove
  • Orchestration – Heat
  • Telemetry – Ceilometer
• Supporting Services
  • Database – MySQL
  • Message Broker – RabbitMQ

Example Architecture
Three Nodes Architecture with Neutron.
• Management network. Used for internal communication between OpenStack components.
• Internal network. Used for VM data communication within the cloud deployment.
• External network. Used to provide VMs with Internet access.
• Controller Node: Controller node contains all OpenStack API services.
• Network Node: Network node contains DHCP server and virtual routing.
• Compute Node: Compute node contains compute service and neutron plugin.

Basic Services
• Services required for OpenStack operation

Supporting Services
• Database
  • MySQL
  • Stores the configuration information of each service
• Message Broker
  • RabbitMQ
  • Delivers and processes messages between services
  • http://docs.openstack.org/training-guides/content/module001-ch008-queues-messaging.html

Keystone
For Identity Service.

Glance
For image provisioning, storage, etc.

Nova
Virtual Machine Management

Nova
The core components of Nova include the following:
• The nova-api accepts and responds to end-user compute API calls. It also initiates most of the orchestration activities (such as running an instance) as well as enforcing some policies.
• The nova-compute process is primarily a worker daemon that creates and terminates virtual machine instances via hypervisor APIs (XenAPI for XenServer/XCP, libvirt for KVM or QEMU, VMwareAPI for vSphere, etc.).
• The nova-scheduler process is conceptually the simplest piece of code in OpenStack Nova: it takes a virtual machine instance request from the queue and determines where it should run (specifically, which compute node it should run on).

Neutron
• plugin agent (quantum-*-agent): Runs on each hypervisor to perform local vswitch configuration. Agent to be run depends on which plugin you are using, as some plug-ins do not require an agent.
• dhcp agent (quantum-dhcp-agent): Provides DHCP services to tenant networks. This agent is the same across all plug-ins.
• l3 agent (quantum-l3-agent): Provides L3/NAT forwarding to provide external network access for VMs on tenant networks. This agent is the same across all plug-ins.

Neutron
Use Case: Per-tenant Routers with Private Networks
A more advanced router scenario in which each tenant gets at least one router, and potentially has access to the OpenStack Networking API to create additional routers. The tenant can create their own networks, potentially uplinking those networks to a router. This model enables tenant-defined multi-tier applications, with each tier being a separate network behind the router. Since there are multiple routers, tenant subnets can be overlapping without conflicting, since access to external networks all happens via SNAT or Floating IPs. Each router uplink and floating IP is allocated from the external network subnet.

Process Flows

AMQP
AMQP is the messaging technology chosen by the OpenStack cloud. The AMQP broker, either RabbitMQ or Qpid, sits between any two Nova components and allows them to communicate in a loosely coupled fashion. More precisely, Nova components (the compute fabric of OpenStack) use Remote Procedure Calls (RPC hereinafter) to communicate to one another; however such a paradigm is built atop the publish/subscribe paradigm so that the following benefits can be achieved:
• Decoupling between client and servant (such as the client does not need to know where the servant reference is).
• Full a-synchronism between client and servant (such as the client does not need the servant to run at the same time of the remote call).
• Random balancing of remote calls (such as if more servants are up and running, one-way calls are transparently dispatched to the first available servant).

Networking - Neutron

Neutron Modular Layer 2 Plug-in (ML2)
http://docs.openstack.org/trunk/config-reference/content/networking-options-plugins-ml2.html
DRAFT - Document for Juno

Original Goal
• The Modular Layer 2 (ML2) Plugin is a framework allowing OpenStack Networking to simultaneously utilize the variety of layer 2 networking technologies found in complex real-world datacenters.

ML2 “Drivers”
ML2 exposes two different types of drivers: “Type” and “Mechanism”

ML2 Type Drivers:
• Maintain type-specific state
• Provide tenant network allocation
• Validate provider networks
• Current TypeDrivers: local, flat, VLAN, GRE, and VXLAN

ML2 Mechanism Drivers:
• Responsible for taking information supplied by TypeDrivers and ensuring it is properly applied given the specific networking mechanisms which have been enabled
• Current MechanismDrivers: Arista, Cisco Nexus, Hyper-V, L2 Population, LinuxBridge, Open vSwitch, Tail-F NCS

OpenvSwitch
Linux Bridge
http://www.slideshare.net/rajdeep/openvswitch-deep-dive

VM – OVS Connection

OVS Internals
Each bridge has its own per-bridge OVS daemon

OVS Traffic Flows
Compute Node to Network Node

L3-agent
• SNAT
• Floating IP Create

DHCP-agent
• Subnet based Dynamic IP Lease
• Each Subnet’s Gateway

Neutron - Demo

Lab Overview
OpenStack installed on vSphere
• 1 Host

3 Node Install
• Controller
• Network
• Compute

Future additions planned
• Add a Compute node on host B
• Test other plug-ins
• Nova – vSphere integration

Bebe's Lab Topology

Lab Access and Demo
Demo Scenario
• L3-Agent (Router) Create
• Network Create
• Network Subnet Create
• L3-Agent connect with Interfaces
• Gateway Network connect
• Instance attach
• Floating IP Create
• Floating IP Associate
• Ping Test
http://docs.openstack.org/admin-guide-cloud/content/l3_workflow.html
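
The demo scenario above as a command sequence, added here as an example (not from the original slides), using the Icehouse-era neutron and nova CLIs. All resource names, the CIDR, the cirros image, the m1.tiny flavor and a pre-existing external network named ext-net are assumptions.

```shell
#!/bin/sh
# Added example: the demo scenario as Icehouse-era neutron/nova CLI calls.
# Assumed, not from the slides: all resource names, the CIDR, the cirros image,
# the m1.tiny flavor, and an existing external network named ext-net.
# DRY_RUN=1 (default) prints each command; DRY_RUN=0 runs it (credentials sourced).
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# Resolve a name to its UUID from a neutron "*-list" table (placeholder in dry run).
id_of() {
    if [ "$DRY_RUN" = "1" ]; then echo "<$2-id>"; return; fi
    neutron "$1" | awk -v n="$2" '$4 == n {print $2}'
}

demo_workflow() {
    router=demo-router net=demo-net subnet=demo-subnet ext_net=ext-net vm=demo-vm

    run neutron router-create "$router"                    # L3-agent (router) create
    run neutron net-create "$net"                          # network create
    run neutron subnet-create --name "$subnet" "$net" 192.168.10.0/24
    run neutron router-interface-add "$router" "$subnet"   # router <-> tenant subnet
    run neutron router-gateway-set "$router" "$ext_net"    # uplink; SNAT on by default

    # Instance attach: boot the VM with a NIC on the tenant network.
    run nova boot --flavor m1.tiny --image cirros \
        --nic net-id="$(id_of net-list "$net")" "$vm"
    # Live runs must wait for the instance to become ACTIVE before associating.
    [ "$DRY_RUN" = "1" ] || until nova show "$vm" | grep -q ' ACTIVE '; do sleep 2; done

    # Floating IP create: the address is allocated from the external subnet.
    if [ "$DRY_RUN" = "1" ]; then
        run neutron floatingip-create "$ext_net"; fip="<floating-ip>"
    else
        fip=$(neutron floatingip-create "$ext_net" |
              awk '$2 == "floating_ip_address" {print $4}')
    fi
    run nova floating-ip-associate "$vm" "$fip"            # floating IP associate

    # Ping test: succeeds only if the instance's security group allows ICMP
    # from the host running the test.
    run ping -c 3 "$fip"
}

demo_workflow
```

With the default DRY_RUN=1 the script only prints the nine commands in order, which makes it safe to review the sequence before running it against a lab.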
QnA