OpenStack Neutron 201 1hr
-
Upload
david-lenwell -
Category
Technology
-
view
681 -
download
0
Transcript of OpenStack Neutron 201 1hr
![Page 1: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/1.jpg)
Neutron 201
![Page 2: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/2.jpg)
About Me
• Senior Developer at Akanda inc
• Former RefStack PTL
• Past Engineer at BlueBox, Piston, and HP
![Page 3: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/3.jpg)
Where are we headed today?
• OpenStack Neutron Networking Basics
• Advanced Services: LBaaS, VPNaaS, FWaaS
• Neutron: Liberty and Beyond
![Page 4: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/4.jpg)
OpenStack Neutron Networking Basics
![Page 5: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/5.jpg)
OSI Model
Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Application Layer
1
2
3
4
5
6
7
TCP, UDP
IPv4,IPv6, ICMP
HTTP, DNS, etc
ARP, Ethernet, VLAN
![Page 6: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/6.jpg)
OpenStack
![Page 7: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/7.jpg)
Neutron
![Page 8: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/8.jpg)
Reference Neutron
neutron-server
Database
L3 AgentL3 AgentL3 Agent
Advanced ServiceAdvanced
ServiceAdvanced Services
Message Queue
DHCP AgentDHCP AgentDHCP Agent
L2 AgentL2 AgentL2 AgentL2 AgentL2 Agents
![Page 9: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/9.jpg)
neutron-server
REST API SERVICE
RPC SERVICE
PLUGIN
![Page 10: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/10.jpg)
Plugin Extensions
• Add logical resources to the REST API
• Discovered by server at startup
• REST: /v2.0/extensions
• Common Extensions
• Binding, DHCP, L3, Provider, Quota, Security Group
![Page 11: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/11.jpg)
2 types of plugins..
MonolithicPlugin
Mech Mgr
Modular Plugin
Type Mgr
![Page 12: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/12.jpg)
Monolithic Plugin
Typical among sdn vendorsThey come in two varieties;
• Proxy
• Direct control
PLUGIN
![Page 13: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/13.jpg)
Modular Plugin
Delegates calls to proper drivers
• Two kinds of drivers
• Type Driver
• Mechanism Driver Mech Mgr
PLUGIN
Type Mgr
![Page 14: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/14.jpg)
Flat vs Not..
![Page 15: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/15.jpg)
IsolationVLAN
• 802.1Q
• limited
• underlay must support
GRE/VXLAN
• L2 encapsulated in L3
• routable
• overlay independence
![Page 16: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/16.jpg)
Tunneling
A
D
CB
![Page 17: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/17.jpg)
Neutron Advanced Services
![Page 18: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/18.jpg)
ReferenceImplementation
Load Balancer V2
HAProxyOctavia Projecthttp://octavia.io
![Page 19: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/19.jpg)
VPN as a Service
OpenSwan
Router
Metadata Proxy
VPN Driver
● Reference implementation uses OpenSwan
● Details can be found at: https://wiki.openstack.org/wiki/Neutron/VPNaaS
![Page 20: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/20.jpg)
Firewall as a Service
• Reference Implementation is Currently Experimental and not production ready
• Whats next?
L3 Agent
Router
Metadata Proxy
Firewall Driver
![Page 21: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/21.jpg)
Akanda
![Page 22: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/22.jpg)
What is Akanda● Akanda is a multi-process, multi-
threaded Neutron advanced services orchestration service
● It currently supports routers and in the future, load balancers, VPNs and firewalls
![Page 23: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/23.jpg)
Core Akanda Principles● Simple ● Compatible● Open Development (Apache v2)
![Page 24: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/24.jpg)
The Rug really tied the room together
![Page 25: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/25.jpg)
Reference Neutron
neutron-server
Database
L3 AgentL3 AgentL3 Agent
Advanced ServiceAdvanced
ServiceAdvanced Service
Message Queue
DHCP AgentDHCP AgentDHCP Agent
L2 AgentL2 AgentL2 AgentL2 AgentL2 Agents
![Page 26: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/26.jpg)
Neutron + the Rug
L2 AgentL2 AgentL2 AgentL2 AgentL2 Agent
Message Queue
L3 AgentL3 AgentService Instance
neutron-server
Database
Akanda (the rug)
![Page 27: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/27.jpg)
Router Instance Lifecycle● Router per tenant distributed throughout
the cluster
● The router controls the data flow at layer 3 level of the TCP/IP network stack
![Page 28: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/28.jpg)
Akanda Project Details● Get the source: https://github.
com/stackforge/akanda
● Project status and tarballs: https://launchpad.net/akanda
● Documentation: http://docs.akanda.io
● IRC - #akanda on freenode.net
![Page 29: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/29.jpg)
Neutron: Liberty and Beyond
![Page 30: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/30.jpg)
OpenStack’s Big Tent
• Open Design
• Open Development
• Open Community
• Open Source
![Page 31: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/31.jpg)
The Neutron Stadium
• Common Forum
• Improved Consistency
• Shared Governance
![Page 32: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/32.jpg)
Neutron: Liberty• IPAM
• BGP Speaker
• NFV Enhancements
• Service Function Chaining
• Enhanced Security Groups
• Paying Down Technical Debt Canadian2006 - Liberty, Saskatchewan (CC-by-sa-3.0)
commons.wikimedia.org/w/index.php?title=User:Canadian2006&action=edit&redlink=1
![Page 33: OpenStack Neutron 201 1hr](https://reader031.fdocuments.in/reader031/viewer/2022021814/58f1d78a1a28ab3c768b4581/html5/thumbnails/33.jpg)
Questions