OpenStack Quantum - Tucker


Quantum: What it is and Where it’s going
Lew Tucker
VP/CTO Cloud Computing
Cisco Systems, Inc.
@lewtucker
+ Quantum
• OpenStack: open source software for
building highly scalable public and private
clouds
• Designed as a set of services forming the
basis of a cloud platform
• Evolving through community process in
which all members may contribute
• Quantum is a community project to build a
“Network Service” for advanced networking
capabilities
Open Source Is Where “Standard” Cloud Infrastructure Will Be Defined
Open standards [require] multiple
providers, access to code and data, and
interoperability of services.
The obvious solution is an open
source reference model as the
standard.
Potential examples of such would be the
OpenStack effort.
-Simon Wardley, CSC
From “A Question of Standards”
http://blog.gardeviance.org/2011/04/question-of-standards.html
The current cloud computing model is great for application development, self-service, and automation, but is missing the potential programmability of the infrastructure
[Cartoon: “I’m a Cloud. I don’t need you!” / “But I can help” (sigh)]
• Applications and infrastructure could
interact with each other to provide the best
performance, experience and reliability
• What is missing is the right mechanism to
expose networking infrastructure
capabilities without bringing all the
complexity into the application layer
Network Technologies in the Data Center and Internet
[Diagram: the data-center and Internet stack, from Application Software, Virtual Machine and VSwitch through Storage and SAN, Compute, Access, Aggregation, Core and Peering to the IP NGN Backbone, annotated with Cisco and partner products and features at each layer. Callout: “Let’s abstract all this”]
• Compute service (EC2): virtual machines
- Specify vCPU, Memory, Disk
- Launch instance (image, mem_size, disk)
- Suspend, clone, migrate
• Storage service (S3, EBS): virtual disks
- Specify storage amount, access rights
- Store object
- Create/attach block
[Diagram: a VM running an App Svr on an OS]
• What to do about networks?
Networking
Nova and Swift API
[Diagram: Nova Compute Service (Virtual Machines, Servers) and Swift Storage Service (Object Store, Disks) on top of Basic Network Connectivity]
• Networking is embedded inside of Nova compute, and inaccessible to application developers
• Details and differences associated with network provisioning complicate a simple compute service
• Difficult to track changes in networking as Software-defined Networking (SDN) comes into play
Nova, Swift, and Quantum API
[Diagram: Nova Compute Service (Virtual Machines, Servers), Quantum Service (Virtual Networks, Networks) and Swift Storage Service (Object Store, Disks) on top of Basic Network Connectivity]
• Nova becomes simpler, easier to maintain and extend
• Developers have the ability to create multiple networks for their own purposes (multi-tier apps)
• May support provisioning of both virtual and physical networks, with differences captured through plug-ins
• Servers are virtualized through partitioning, storage through aggregation, networks through slicing/tunnels/tagging…
• Networks are a shared resource carrying traffic for all tenants across shared links
• Network overlays and virtualization create private networks through tagging, routing, encapsulation (tunneling), and separation of control (OpenFlow, etc.)
- VLANs, NVGRE, VXLAN, STT, LISP
• Quantum is designed to support private networks
2011 Design Summit - community-driven merger of proposals into Quantum
- NetworkService (Citrix/Rackspace/Nicira)
- NetworkServicePOC (NTT/Midokura)
- NetworkContainers (Cisco)
- NaaS Core Design (Intel)
- … and others
• Compute service (EC2): virtual machines
- Launch instance (image, mem_size, disk)
- Suspend, clone, migrate
• Storage service (S3, EBS): virtual storage
- Store object
- Create/attach block
• Network service (Quantum): virtual networks
- Create/delete private network
- Create “ports” and attach VMs
- Assign IP address blocks (DHCP)
[Diagram: three VMs, each running an App Svr on an OS]
POST /v1.1/tenants/abc/networks.json
Request:
{
  "network":
  {
    "name": "my_db_network"
  }
}
Response:
{
  "network":
  {
    "id": "98bd8391-199f-4440-824d-8659e4906786"
  }
}
My Private Network
• Create multiple, virtual, isolated networks per tenant (FE-Net, DBNet)
• Multiple network interfaces per VM (in-line services)
• Create ports on networks (QoS, profiles) and attach VMs
• Have control over your own “private” IP addresses
• Access through a user-friendly CLI and GUI (Horizon)
• Invoke additional capabilities through extensions
• Support different underlying networking implementations (VLANs, L2/L3 tunnels, etc.)
Quantum API
Quantum Service
• Network abstraction definition and management
• Does NOT do any actual implementation of abstraction
Quantum Plug-in API
Vendor/User Plug-In
• Maps abstraction to implementation on physical network
• Can provide additional features through API extensions
API Extensions:
For controlled innovation
and experimentation
[Diagram: architecture. Components and labels: User Application / CLI / Horizon Dashboard / Tools; Tenant API (on both services); Compute Service (Nova); Internal API; Network Service (Quantum); Admin API; System Admin; Plug-In; Compute Node; Hypervisor vSwitch; Physical Network Router/Switch; Clustered Network Controller]
• Open vSwitch
• Linux bridge
• Nicira NVP
• Cisco (Nexus switches and UCS VM-FEX)
- WIP: VXLAN
• NTT Labs Ryu OpenFlow controller
• NEC OpenFlow
• Big Switch Floodlight
• Keep it simple - hide complexity while exposing capabilities
• Provision their own, abstracted networking resources and topologies
• Potential to create their own networking services
• Isolation and non-interference
• Ability to experiment while leveraging all that is provided by lower-level protocols
Different tenants and applications have different needs
[Diagram: Tenants “A”, “B” and “C”, each with its own VMs (Web Svr, App Svr, MemCach, DataBase, App) on private networks; the range 10.0.1.0/24 appears on two of the networks. Other labels: Internet Gateway (198.133.219.10); Internet Access, Management Network and Multi-tenant Services; Service Provider Network; VPN Service]
• Quantum 1.0 is available today for Essex as an incubation project
- Supports isolated L2 networks
- Multiple plug-ins available
• Folsom release – moving into Core
- Quantum V2 API (in development)
- Support tenant-created subnets
- Integrated with Horizon (dashboard) and Keystone (identity/token/policy)
- Includes “Melange” IPAM for IP address management
- Includes DHCP/Dnsmasq functionality
POST /v2.0/subnets
Request:
{
  "network_id": "98bd8391-…",
  "cidr": "10.0.0.0/24"
}
Response:
{
  "id": "e76a23fe-…",
  "network_id": "98bd8391-..",
  "cidr": "10.0.0.0/24",
  "gateway_ip": "10.0.0.1",
  "dns_nameservers": ["8.8.8.8"],
  "reserved_ranges": [ { "start": "10.0.0.1", "end": "10.0.0.1" },
                       { "start": "10.0.0.255", "end": "10.0.0.255" } ],
  "additional_host_routes": []
}
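An added example, not taken from the Quantum code base, of the checks a service would need before returning a subnet response like the one above: it validates the CIDR, rejects overlap only within the same virtual network (so different tenants can reuse a private range), and derives `gateway_ip` and `reserved_ranges`. The function name `build_subnet`, the first-address gateway rule and the sample network IDs are assumptions chosen to reproduce the slide's values.

```python
import ipaddress

def build_subnet(network_id, cidr, existing):
    """Validate a subnet request and derive the response fields.

    existing: (network_id, cidr) pairs already allocated (constructed data).
    """
    # strict=True rejects CIDRs with host bits set, e.g. 10.0.0.5/24
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or net.prefixlen > 30:
        raise ValueError("need an IPv4 subnet with room for a gateway and hosts")
    for other_id, other_cidr in existing:
        # Overlap is a conflict only inside the same virtual network;
        # separate tenant networks may reuse the same private range.
        if other_id == network_id and net.overlaps(ipaddress.ip_network(other_cidr)):
            raise ValueError(f"{cidr} overlaps {other_cidr} on {network_id}")
    gateway = str(net.network_address + 1)      # assumption: first usable address
    broadcast = str(net.broadcast_address)
    return {
        "network_id": network_id,
        "cidr": str(net),
        "gateway_ip": gateway,
        "reserved_ranges": [
            {"start": gateway, "end": gateway},
            {"start": broadcast, "end": broadcast},
        ],
    }
```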
• Purposely started simple with a basic abstraction, but with many blueprints expect to see rapid innovation, while maintaining backward compatibility
• More plug-ins for other networking paradigms
• Extensions for QoS, port profiles, etc.
• Used in the development of new network services
• Applied to create virtual data centers spanning multiple sites
• New uses in network service provider networks, mobile networks, sensor networks, HPC networks
• Quantum API
- http://docs.openstack.org/api/openstack-network/1.0/content/
• Quantum Admin Guide (Essex):
- http://docs.openstack.org/trunk/openstack-network/admin/content/
• Code on Github:
- https://github.com/openstack/quantum
• Quantum V2:
- http://wiki.openstack.org/QuantumV2APIIntro
Lew Tucker, Cisco Systems
@lewtucker