Upgrading OpenStack Without Breaking Everything (Including Neutron?)
XaaS/OpenStack - Cisco...(SWIFT) Openstack Image Service (GLANCE) Openstack Network Service...
36
Transcript of XaaS/OpenStack - Cisco...(SWIFT) Openstack Image Service (GLANCE) Openstack Network Service...
XaaS/OpenStack
Jiri Chaloupka – Systems Engineer CCIE# 39800
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
At a more detailed level, there are many resources inside the cloud
Applications
Runtimes
Databases
Servers
Security
Virtualization Storage
Networking
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Private Cloud
What resources you manage inside the cloud defines the following…
Infrastructure as a Service
(IAAS)
Platform as a Service (PAAS)
Software as a Service (SAAS)
How do these differ from one another?
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Applications Runtimes
Databases
Servers Security
Virtualization
Storage Networking
Private Cloud
Infrastructure as a Service
(IAAS)
Platform as a Service (PAAS)
Software as a Service (SAAS)
Applications Runtimes
Databases
Servers Security
Virtualization
Storage Networking
Applications Runtimes
Databases
Servers Security
Virtualization
Storage Networking
Applications Runtimes
Databases
Servers Security
Virtualization
Storage Networking
Managed by You Managed by Vendor
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
You start with a Physical Switch
Network
Physical Devices and Physical Connections
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Then you add an overlay
Overlay provides base for logical
network
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Logical “switch” devices overlay the
physical network
Underlying physical network carries data
traffic for overlay network
They define their own topology
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Multiple “overlay” networks can co-exist
at the same time
Overlays provides logical network constructs for
different tenants (customers)
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Overlay Taxonomy
Overlay Control Plane
Encapsulation Service = Virtual Network (VN) Identifier = VN Identifier (VNI)
Underlay Control Plane
Underlay Network Hosts
(end-points)
Edge Devices Edge Device
10
§ VXLAN
§ FabricPath
§ MPLS(vPE)
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Main Benefit of Overlays?
Overlay Network can be created and torn down without changing underlying physical network
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
What about Openstack? Where does that fit in?
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Openstack is an IAAS (Infrastructure As A Service) cloud computing project
It is also referred to as a Cloud Operating System
“…provides a means to control (administer) compute, storage, network and virtualization technologies…”
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Applications
With IAAS, compute, storage, networking and virtualization resources are managed by the Vendor
(this defines them as an IAAS provider)
Runtimes
Databases
Servers
Security
Virtualization Storage
Networking
Managed by You Managed by Vendor
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Openstack lets the provider manage these resources
Servers
Virtualization Storage
Networking
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Openstack provides web based front end to manage those cloud resources…
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Openstack consists of a number of components
Openstack Compute (NOVA)
Openstack Object Store
(SWIFT)
Openstack Image Service
(GLANCE)
Openstack Network Service
(NEUTRON)
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Openstack Compute (NOVA)
Openstack Compute (NOVA)
Openstack Object Store
(SWIFT)
Openstack Image Service
(GLANCE)
Openstack Network Service
(NEUTRON)
Allows the administrator to create and manage Virtual Machines (VM’s) using various (stored) machine images
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Object Store (SWIFT)
Openstack Compute (NOVA)
Openstack Object Store
(SWIFT)
Openstack Image Service
(GLANCE)
Openstack Network Service
(NEUTRON)
Provides the ability to store objects – basically it is the component that is responsible for managing storage and reading/writing objects to that storage
An object could be a video file, a document, a picture, a database… basically anything that you would normally store on your computer
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Image Store (GLANCE)
Openstack Compute (NOVA)
Openstack Object Store
(SWIFT)
Openstack Image Service
(GLANCE)
Openstack Network Service
(NEUTRON)
This is the component responsible for managing the different operating system images (Windows, Linux, etc) that NOVA uses to create virtual
machine’s
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Network Service (QUANTUM) à NEUTRON
Openstack Compute (NOVA)
Openstack Object Store
(SWIFT)
Openstack Image Service
(GLANCE)
Openstack Network Service
(NEUTRON)
Allows the administrator to create and manage virtual networks
This is the piece that has relevance to our SDN story
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
NEUTRON (ex Quantum) is used to help manage the overlay (virtual) networks
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
NEUTRON Quick DeepDive
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
A simple OpenStack Deployment
Control Node
Mysql
RabbitMQ
Nova-api
Nova-scheduler
Keystone
Neutron Server
Network Node
Neutron-plugin-agent
Neutron-L3-agent
Neutron-dhcp-agent
Compute Nodes Compute Nodes Compute Nodes
Nova-compute
Neutron-plugin-agent
Data Network
External Network IPMI Network
Management Network
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
ML2 Architecture Diagram - IceHouse Neutron Server
ML2 Plugin
Type Manager Mechanism Manager
API Extensions
GR
E TypeD
river
Arista
VLA
N TypeD
river
VX
LAN
TypeD
river
Cisco N
exus
Hyper-V
L2 Population
Linuxbridge
Open vS
witch
Tail-F NC
S
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
ML2 With Current Agents
Neutron Server ML2 Plugin
Host A
Linuxbridge Agent
Host B
Hyper-V Agent
Host C
Open vSwitch Agent
Host D
Open vSwitch Agent
API Network
● ML2 Plugin works with existing agents
● Separate agents for Linuxbridge, Open vSwitch, and Hyper-V
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Cisco Nexus Plugin Diagram
http://docwiki.cisco.com/wiki/OpenStack:Grizzly-Nexus-Plugin
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Service Chaining with Nexus 1000V
API Network is typically routable to enable public access
Cloud Controller Node
nova-scheduler
mysql, rabbit...
nova-api
neutron-server
keystone
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Management Network
API Network
Data Network
External Network
Internet
N1000V
• Foundation of Virtual Services Architecture • vPath Service Insertion/Chaining • VXLAN Overlay Networking
VSM/N1000V
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Network Node
dhcp-agent
*-plugin-agent
CSR 1000V Routing
API Network is typically routable to enable public access
Cloud Controller Node
nova-scheduler
mysql, rabbit...
nova-api
quantum-server
keystone
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Management Network
API Network
Data Network
External Network
Internet
N1000V
CSR 1000V
Network or Compute node(s) hosts CSR
VSM/N1000V
CSR Provides per tenant isolation and full IOS capabilities including VPN, BGP, OSFP, MPLS, etc.
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Networking Diagram – Open vSwitch (OVS)
30 Source: www.openstack.org
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
br-ex
External Network
br-int
br-tun GRE
Host B
patch-tun
patch-int
Host A
VM 1
App_Network 10.0.2.0/24
External_Network 172.18.0.0/24
DB_Network 10.0.3.0/23
Neutron/Quantum Internals
Router
VM 2 VM 2
VM 1
VM 3 DB_Network
Alternatively, tunnel to Host B could be external VLAN
VXLAN Tunnels Possible as well
172.18.0.3 Floating IP
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Source: www.canonical.com
Canonical/Ubuntu – Openstack releases
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Cisco and Openstack?
http://www.openstack.org/user-stories/cisco-webex/
Cisco/Openstack Blueprints Nova Scheduler Neutron VPNaaS (Cisco CSR1000v) RaaS – CSR1000v UCS Manager ML2 IPv6 …..
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
The OpenStack Challenge
80% of all Openstack Installation fail due to Implementation and Integration Issues
Prosíme, ohodnoťte tuto přednášku
• Děkujeme
