OpenStack Meetup - SDN

of 14 /14
OpenStack and SDN OpenStack Hungary Meetup Group OpenStack's 5th Birthday Party Budapest

Transcript of OpenStack Meetup - SDN

Page 1: OpenStack Meetup - SDN

OpenStack and SDN

OpenStack Hungary Meetup Group

OpenStack's 5th Birthday Party Budapest

Page 2: OpenStack Meetup - SDN


What is SDN?

OpenFlow Inventor Martin Casado on SDN:

"I actually don't know what SDN means anymore, to be honest."

Page 3: OpenStack Meetup - SDN


SDN - Architectural Approaches

Overlay Model




Underlay Model

•Flow manipulation

•Decoupling the data plane from the control plane

•Centralized network controller

SDN via APIs

Group Based Policy and Service Chaining

Page 4: OpenStack Meetup - SDN


Open vSwitch Architecture

Page 5: OpenStack Meetup - SDN


Open vSwitch General Features

• OpenFlow 1.0/1.3 support

• OVSDB management (local or remote)

• Controller (in-band, openvswitch controller, remote controller)

• Flow matching capabilities(MAC, VLAN, IPv4/IPv6, TCP/UDP etc.)

• Supports overlay (VXLAN, GRE, STT)

• LACP and other bonding modes

• Flow export (sFlow, NetFlow, IPFIX)

Page 6: OpenStack Meetup - SDN


OpenStack Official Neutron Architecture

Page 7: OpenStack Meetup - SDN


Page 8: OpenStack Meetup - SDN


OpenDaylight networking-odl

Consolidates port security functionality into the OVS forwarding pipeline rather than the IP Tables Linux daemon.

ODL Neutron directly patches Nova host to Open vSwitch:

<interface type='bridge'> <mac address='fa:16:3e:26:80:38'/> <source bridge='br-int'/> <virtualport type='openvswitch'> <parameters interfaceid='2d9424db-07f4-4484-beab-16eff90ee008'/> </virtualport> <target dev='tap2d9424db-07'/> <model type='virtio'/> <driver name='qemu'/> <alias name='net0'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/></interface>

Page 9: OpenStack Meetup - SDN


OpenDaylight networking-odl

Tunnel ports and links created on br-int:

Compute-node# ovs-vsctl show4575bb26-b73b-4e0a-a62a-9b3ff06e19af

Manager "tcp:"is_connected: true

Bridge br-intController "tcp:"is_connected: truefail_mode: secure

Port br-intInterface br-int

Port "vxlan-"Interface "vxlan-"type: vxlanoptions: {key=flow,

local_ip="",remote_ip=""}Port "tap860039e7-9b"

Interface "tap860039e7-9b"ovs_version: "2.0.2"

Page 10: OpenStack Meetup - SDN


OpenDaylight OpenStack - Devstack

enable_plugin networking-odl[allinone,compute,externalodl,manual]

OpenDaylight L3

disable_service q-l3Q_L3_ENABLED=TrueODL_L3=True[[post-config|$NEUTRON_CONF]][DEFAULT]service_plugins = networking_odl.l3.l3_odl.OpenDaylightL3RouterPlugin

OpenDaylight LBaaS v2

enable_plugin neutron-lbaas q-lbaasv2NEUTRON_LBAAS_SERVICE_PROVIDERV2="LOADBALANCERV2:opendaylight:networking_odl.lbaas.driver_v2.OpenDaylightLbaasDriverV2:default"

Page 11: OpenStack Meetup - SDN


OpenDaylight OpenStack - Manually

ODL Server Pre-Requisites•Disable openvswitch controller•Make sure ODL ports are not used (8080 swift proxy or vnc server etc.)•Allow remote OVSDB administration (e.g. disable selinux, ufw)

Install OpenDaylight•feature:install odl-ovsdb-openstack (manual)•Ansible, Puppet

Clean up existing networks

Download networking-odl from gitub•Install requirements•Install ODL plug-in

Configure OpenStack•Reconfigure and restart openvswitch (update controller, manager)•Reconfigure nova firewall driver•Configure ml2_conf.ini•Disable neturon-openvswitch-agent•Restart services

Page 12: OpenStack Meetup - SDN


Neutron ofagent / Ryu Controller

DevStack Integration

enable_plugin networking-ofagent,l2population

Ryu Framework

•Fully Open-source•Python based•Uses Openflow 1.3•Reference libraries (LBaaS, FWaaS, QoS etc.)•GUI Application (e.g. topology viewer)

SDN Hub – Pre-built VMware images:

Page 13: OpenStack Meetup - SDN


OpenStack SDN integration challenges

• Neutron reference implementation split (targeted for liberty)

• Vendor integrations (physical switches, vendor plug-ins)

• Overlay approach seems to be leading

• SDN on containers

• IPv6 adoption

• SDN/NFV use cases

• Data Plane Development Kit (DPDK) accelerated NICs

Page 14: OpenStack Meetup - SDN