A 5 minutes intro to Openstack
(and a few more minutes on Openstack Networking)
Salvatore Orlando
3rd OSUG Italy Meetup
Rome, May 9th 2013

Openstack is the code
• Integrated Projects
• Incubating Projects
• Related/Unofficial Projects
• Ecosystem
For more info: https://wiki.openstack.org/wiki/Projects

Openstack is even more code!
• Gating Infrastructure (tempest, devstack, …)
• Documentation (api, admin, …)
• Client libraries

Openstack is the community
• May 8th 2013: 9,342 people from 87 countries
• Interact via:
– Mailing lists: general, development, documentation, operators …
– Ask Openstack (ask.openstack.org)
– Launchpad (home to all Openstack integrated projects)
– IRC (#openstack-101, #openstack, #openstack-dev, …)
– Local User Groups (like today!)
– Summit & Conference (twice a year)

See Openstack evolving, every day
• http://status.openstack.org
– Release status
– Active Reviews
• https://github.com/openstack
– Grab the code

(Virtual) Networking in Openstack
• Nova-network
– L2/L3 networking with IP address management
– Security Groups
– Floating IPs and external gateway (SNAT)
– Network redundancy with ‘multi-host’
– 3 Network Managers: Flat and FlatDHCP (L3 isolation via security groups), VLAN Manager (L2 isolation)
• The project formerly known as Quantum*
– L2 networking with choice of segmentation/virtualization techniques
– Shared L2 networks
– “Provider mappings” for L2 networks
– IPAM with overlapping IPs and built-in, scalable DHCP
– Security Groups
– L3 east-west traffic (inter-subnet routing)
– Static route configuration
– Floating IPs and external gateway (SNAT)
– Load Balancing
– Nova metadata integration
– Wide choice of pluggable backends

Openstack Network quick intro
Quantum is an Openstack project to provide “networking as a service” between interface devices (e.g., vNICs) managed by other Openstack services (e.g., nova)
• Manages network virtualization
– just like compute (nova) manages server virtualisation
• Advocates multi-tenancy
• Technology-agnostic

Openstack Network: basic architecture
• Simple technology agnostic API
• Plugin translates API request into concrete, technology specific implementation
• API guarantees isolation of resources from management perspective
• Plugin ensures isolation at data plane
[Diagram labels: API Requests, Authentication, API Server, Plugin]

Plugin classification
• Built-in
– Solution (management, control, and data plane) entirely contained in the Quantum source tree
• 3rd party
– Plugin proxies request to an external “controller”
– Can use one or more built-in components (e.g.: DHCP Agent, L3 agent)
– 3rd party plugins can either be Open Source or Commercial

Quick plugin reference
• Built-in: Hyper-V, Linux Bridge, Open vSwitch
• 3rd party - Opensource: Big Switch, NEC, Ryu
• 3rd Party - Commercial: Big Switch (?), Brocade, Cisco, Midonet, Nicira NVP, Plumgrid

Openstack Network Architecture: Open vSwitch plugin
[Diagram: an API Node (Quantum Server with the OVS Plugin), a Network Services Node (Load Balancing Agent, L3 Agent, Metadata Agent, DHCP Agent, L2 Agent) and three Compute Nodes (each with an L2 Agent), communicating over AMQP]

Logical View
[Diagram: an External Network; routers Rtr-A and Rtr-B, each with an External Gateway and Internal Gateways; Tenant “A” with networks Net-A1 and Net-A2 (instances A1 1, A1 2, A2 1); Tenant “B” with network Net-B1 (instances B1 1, B1 2); DHCP on each network]

Physical realization: OVS Plugin – GRE Overlays
• Local VLAN tags converted into GRE keys (and vice versa)
[Diagram: a Network Node (Br-ex, Br-int, Br-tun, DHCP, L3) and Compute Nodes C1, C2 and C3 (each with Br-int and Br-tun) hosting instances A1 1, A1 2, A2 1, B1 1 and B1 2]
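
Added example (not from the slides and not Quantum code): a toy Python model of the tag translation noted above, showing why a VLAN tag that is only meaningful on one node must be swapped for a network-wide GRE key before a frame leaves it. The class, VM names, key values and VM placement are constructed; putting Net-A2 and Net-B1 on the same subnet is an assumption that illustrates the “overlapping IPs” bullet.

```python
from itertools import count

# Constructed sample data: network-wide GRE key (segmentation id) per network.
GRE_KEYS = {"Net-A1": 1, "Net-A2": 2, "Net-B1": 3}


class Node:
    """Toy hypervisor: br-int uses node-local VLAN tags, br-tun maps them to GRE keys."""

    def __init__(self, name):
        self.name = name
        self._vlans = count(1)   # local VLAN allocator, independent per node
        self.net_to_vlan = {}    # network -> local VLAN (valid on this node only)
        self.vlan_to_key = {}    # egress translation on br-tun
        self.key_to_vlan = {}    # ingress translation on br-tun
        self.ports = {}          # (local VLAN, IP) -> VM name

    def plug(self, vm, net, ip):
        """Attach a VM; allocate a local VLAN the first time a network shows up here."""
        if net not in self.net_to_vlan:
            vlan = next(self._vlans)
            self.net_to_vlan[net] = vlan
            self.vlan_to_key[vlan] = GRE_KEYS[net]
            self.key_to_vlan[GRE_KEYS[net]] = vlan
        self.ports[(self.net_to_vlan[net], ip)] = vm

    def egress(self, net, dst_ip):
        """Outbound on br-tun: the local VLAN tag is replaced by the GRE key."""
        return {"gre_key": self.vlan_to_key[self.net_to_vlan[net]], "dst_ip": dst_ip}

    def ingress(self, frame):
        """Inbound on br-tun: GRE key -> local VLAN, then lookup on br-int. None = dropped."""
        vlan = self.key_to_vlan.get(frame["gre_key"])
        return None if vlan is None else self.ports.get((vlan, frame["dst_ip"]))


def demo():
    c1, c3 = Node("C1"), Node("C3")
    c1.plug("vm-a1", "Net-A2", "10.0.0.2")   # local VLAN 1 on C1 means Net-A2
    c3.plug("vm-b", "Net-B1", "10.0.0.3")    # local VLAN 1 on C3 means Net-B1
    c3.plug("vm-a2", "Net-A2", "10.0.0.3")   # same IP as vm-b, other tenant
    frame = c1.egress("Net-A2", "10.0.0.3")
    stray = {"gre_key": GRE_KEYS["Net-A1"], "dst_ip": "10.0.0.3"}  # Net-A1 absent on C3
    return frame, c3.ingress(frame), c3.ingress(stray)


if __name__ == "__main__":
    print(demo())
```

Local VLAN 1 denotes a different tenant network on each node, so carrying the raw tag across the tunnel would hand tenant A's frame to tenant B's instance; keying the lookup on the GRE key delivers it to `vm-a2` and drops traffic for networks with no port on the receiving node.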

Network node - Details
[Diagram: namespaces NS-Net-A1, NS-Net-A2 and NS-Net-B1, each running Dnsmasq for DHCP (subnets shown: 10.0.0.0/24, 10.0.1.0/24, 10.0.0.0/24); namespaces NS-Rtr-A and NS-Rtr-B, each with Iptables SNAT/DNAT and L3 forwarding; bridges Br-ex, Br-int and Br-tun]