Ryu ods2012-spring

Ryu: Network Operating System
Kazutaka Morita (NTT), Isaku Yamahata (VA Linux)
16 April, 2012
EtherPad URL: http://etherpad.openstack.org/ryu

Transcript of Ryu ods2012-spring


What is Ryu?

- Open-sourced network operating system
  - Network operating system
    - Programmatic network control interface
    - Logically centralized controller for thousands of switches (OVS, OpenFlow switch)
  - Open source software (Apache v2)
    - Fully written in Python
    - Project site: http://www.osrg.net/ryu/
- Ryu plugin was merged into Quantum Essex
- Ryu stands for
  - 流 - Means "flow" in Japanese
  - 龍 - Means "Japanese dragon", one of the water gods


Overview

[Figure labels: Administrator; apps; RESTful management API; Ryu network controllers; OVS; OpenFlow switches]

- Programmatic network control interface
  - We can create applications to control the network on Ryu
- Logically centralized controller
  - Decouples virtual networks from the physical network
  - Supports OpenFlow 1.0 (including Nicira Extension)


Goals

- De facto OSS network operating system
- High quality enough for use in large production environments
  - Code quality
  - Functionality
  - Usability
- Become the standard network controller of OpenStack (default plugin of Quantum)


What does Ryu bring to OpenStack?

- Flat L2 networks regardless of the underlying physical network
- Scalable multi-tenant isolation
  - Ryu provides tunneling-based isolation
  - VLAN doesn't scale larger than 4096
  - We don't need high-end switches


TODO items

- Integration with Quantum IPAM
- Firewall
- Virtual network to physical network, and vice versa
  - Convert among GRE key, VLAN tag, MPLS label, …
- Distributed controllers
  - No single point of failure
  - Datacenter-wide scalability


Demos


L2 isolation by using GRE tunnel

[Figure labels: compute node ryu-comp-1; compute node ryu-comp-2; compute/network node ryu-all; OVS; VMs of tenant "demo" and tenant "mode"; GRE tunnel; OpenFlow; switch]

- Tenant => GRE key
  - Tenant demo: GRE key = 3
  - Tenant mode: GRE key = 4
- L2 over L3 with GRE tunnel
  - Able to span network segments (an L2 segment can span multiple data centers)
  - Can coexist with conventional network technology
- Set GRE key; deliver packets based on GRE key
- Encapsulate/decapsulate packets into/from GRE packets

[Figure labels: Ryu; nw-gw; nw-gw OVS; Linux (physical machine); Linux hosts with Nova compute, Quantum agent and KVM; bridge (virbr0); Ryu; Quantum server; Nova network; OpenStack servers...]

Ryu demo setting up

[Figure labels: three OVS instances; six Qemu/KVM guests, each running Linux and ping; interfaces tapxxx and vnetNNN]