os networking vs plumgrid v3files.meetup.com/2979972/os_networking_plumgrid_ons.pdf• virtual...

2011-2014 © PLUMgrid - Confidential Information

January 2015

OpenStack Networking & PLUMgrid Open Networking Suite for OpenStack


Infrastructure Transformation

Enable rapid service delivery models

Mobile & Self Service Instant & On-demand Simple & Social

While avoiding rigid infrastructure & lock-in


Rapid OpenStack Adoption

Broad and growing ecosystem

Vendors & Community

•  Web Services •  QA/Test environment •  Databases •  Big Data/Hadoop •  CDN/Video Streaming

•  MetaCloud •  Eucalyptus •  CloudScaling •  Contrail •  SoftLayer

•  High venture capital investment •  High number of start ups •  High private investments by vendors •  High number of enterprise participation

•  17K contributors •  140+ countries •  430+ companies •  US, Japan, Britain

•  700+ deployments •  Retail, Media, Financials, •  Healthcare, Transport, Research •  Service providers

$Billions announced in initiatives New and old applications moving to OpenStack

Applications Use Cases

Large Scale build outs planned

Deployed Customers

Double & Triple Digit Growth YoY

Adoption Growth

OpenStack DNA & Business

Talent & Technology Acquisitions

Investment & Initiatives


At the junction of any Cloud

ISOLATION

CONNECTIVITY

COMPUTE

STORAGE

Network


Choose the Right Architecture from the Start

5

•  Distributed or Centralized •  HW Offload PERFORMANCE

•  Single or Multi-rack •  Multi-cell SCALE

•  CP and DP resiliency •  Interaction with CMS/Compute HA

•  Services portfolio growth •  Competitive edge EXTENSIBILITY


OpenStack Architecture

6"

2011-2014 © PLUMgrid - Confidential Information 7"

Conceptual communication among services

2011-2014 © PLUMgrid - Confidential Information 8"

Internal Communication for services


Common Terminology

9"


Inside a Compute Node

10

Compute Node

Kernel

Eth mgmt

KVM

Tenant VMs

VM VM VM User

Vif


Tenant & External Networks (and their IP spaces)

•  Tenant Network: •  Isolated (not true for flat). Provides private IP space

(potentially overlapping) •  Comprises of networks, subnets and ports. Additionally

routers (and advanced features)

•  Can be tagged or untagged

•  Can be built using overlay networks

•  External Network: •  Used to connect to existing legacy network infrastructure •  Can be shared or dedicated

•  Can be tagged or untagged

11


Physical & Virtual Network Infrastructure

PHYS

ICAL

IN

FRAS

TRU

CTU

RE

VI

EW

VIR

TUAL

IN

FRAS

TRU

CTU

RE

VI

EW

•  QoS, Bandwidth •  Latency •  Multicast •  Capacity •  Connectivity

•  On-Demand •  Multi Tenant •  Automated •  Self Service •  Secure •  Distributed

Overlay Network

TENANT NETWORKS


OpenStack Networking (Neutron)

13"


Why Neutron?

•  Started with the Folsom release

•  Provide Network as a Service

•  Provide Operator & Tenants ability to create and offer rich network topologies and configure advanced policies

•  Offer a technology agnostic layer while enabling vendor extensions

•  Support for advanced services


What is Neutron?

§  Provides REST APIs to manage network connections for the resources managed by other OpenStack Services (e.g. Nova)

§  Technology Agnostic (framework based on “plug-ins”) §  Multi-tenancy: Isolation, Abstraction, full control over virtual

networks §  Modular Design: API specifies service, vendor provides its

implementation. Extensions for vendor-specific features. §  Exposes vendor-specific network virtualization and SDN

technologies

15


What Neutron is NOT

•  Neutron is the actual front-end to the component that does create and implement the rich network functionalities

•  A.k.a. when integrated with an SDN solution it will “pass through” OpenStack Networking API calls to the SDN Controller

•  It can be very THIN or very THICK depending on functionalities available in the underlying solution

16


Neutron Architecture

17

Neutron API

Neutron Service

Neutron Plug-in API

API Extensions

Service API (VPN, FW & LBaaS)

VNI & PNI Virtual & Physical Networking Infrastructure

Plug-In Extensions Plug-In Implementation


Neutron Plugin

•  Written in Python – only one active at a given time

•  Extensions add resources to the REST API (automatically discovered)

•  Plugin can be of two types •  Proxy

•  Direct Control

18


Neutron & Agents

19

Neutron Server Queue

L3-Agent (FW & NAT) L3-Agent

(FW & NAT) L3-Agent

L2 Agent

DHCP Agent DHCP Agent

Adv. Services DB


Architecture Challenges: Neutron & OVS

Neutron

ML2/OVS plugin

VM

Network Nodes

VM VM

VM

VM VM VM

VM VM

VM VM VM

VM VM

VM

VM VM VM

Nova

Glance

Swift

Cinder

L3 Agent

FWaaS Agent LBaaS Agent

Agent

Agent

Agent

Agent

Agent

Agent

DHCP Agent

Services Neutron

Framework

Placement of these components is critical; They are in data path

and become bottlenecks

Advanced Services run on dedicated nodes.

Limited HA.

Creation of new tenants requires careful sizing of components to maintain

performance level

VM traffic flow can be handled in kernel, in local user space or in

network nodes with different performance level


OpenStack Networking & PLUMgrid

22"


Last Mile to Agility: Virtual Networks

23

PHYSICAL INFRASTRUCTURE

VIRTUAL INFRASTRUCTURE

Virtual Compute

Compute Storage

Virtual Storage

CRM VDI ERP IaaS SaaS PaaS

Network

Virtual Networks

Self Service Portal/Catalog

Cloud Management Platform


PLUMgrid Open Networking Suite

24

PHYSICAL NETWORK INFRASTRUCTURE

VIRTUAL DOMAIN Tenant A

PLUMGRID NETWORK LIBRARY

Bridge

Router

LB

Security Policies

Bridge

Security Policies

Bridge

DHCP

FW

VIRTUAL DOMAIN Tenant B

Scalable Architecture Non-Stop Forwarding Service Insertion


PLUMgrid Open Networking Suite

25

ü  No single point of failure ü  Highly resilient & self-healing ü  Terabits of distributed scale out performance

Internet

PLUMgrid IO Visor Edge

PLUMgrid Directors

PLUMgrid IO Visor Gateway

Virtual Domain A Virtual Domain B

Overlay Network


Understanding Virtual Domains

PHYS

ICAL

IN

FRAS

TRU

CTU

RE

VI

EW

VIR

TUAL

IN

FRAS

TRU

CTU

RE

VI

EW

Custom or Template based Virtual Network Domains per Tenant

Tenant 1 Tenant 2 Tenant 3

VM VM VM VM

Internet

VM VM

VM

VM PLUMgrid Zone


Neutron & PLUMgrid

27

Neutron Server Queue

L3-Agent (FW & NAT) L3-Agent

(FW & NAT) L3-Agent

L2 Agent

DHCP Agent DHCP Agent

Adv. Services DB

PLUMgrid Director


Architecture Solution: Neutron & PLUMgrid

Neutron PLUMgrid

Plugin

VM

Virtual Domains Tenant Networks

iO Visor Kernel Module -- Distributed Data Plane

PLUMgrid Director

VM VM

VM

VM VM VM

VM VM

VM VM VM

VM VM

VM

VM VM VM

Nova

Glance

Swift

Cinder

3rd party Virtual Network Functions Control Plane

VM to VM optimized packet flow due to distributed VNFs –

Eliminating bottlenecks

Virtual Domains automatically scale out

as more servers are deployed

All VNF control planes are fully redundant

Director Cluster is deployed in

management rack

Virtual Domain A Virtual Domain B Virtual Domain C


Designed for Mission Critical Networks

30

OpenStack Nova Simple Networks

OpenStack Neutron Multi-tenant Networks Limited HA, Scale

PLUMgrid Neutron Plugin Rich, Mission Critical Networks High Performance, Scale, HA, Functions

•  Simple Topology •  VLAN based isolation •  Limited features

development •  Will be obsoleted

•  Designed to support multi-tenant Network Topologies

•  Modular Plugin Architecture •  Limited High Availability •  Performance Limitations due

to Network Node (NAT) and use of IP tables

•  Limited Scale

•  Designed for mission critical SDN & Distributed Systems from the ground up

•  Virtual Domains + Distributed Virtual Network Functions

•  Built-in HA of all VNFs •  Inherent performance due to all

VNFs being distributed in IO Visor

•  Designed to scale-out across racks (1000 nodes)

•  Extensible (IO Visor + PLUMgrid Platform)


Our Vision

34

THANK YOU!

Join us for upcoming events. More info at www.plumgrid.com/events

os networking vs plumgrid v3files.meetup.com/2979972/os_networking_plumgrid_ons.pdf• virtual...

Documents