What's Coming In CloudStack 4.18
Le téléchargement de votre SlideShare est en cours.
×
Consultez-les par la suite
Suggestions
Plus De Contenu Connexe
Plus par ShapeBlue (20)
Plus récents (20)
New Networking Capabilities In ACS And How To Leverage Them For VNF Deployments
- 1. New networking capabilities in ACS – and how to leverage them for VNF deployments Alexandre Mattioli - Cloud Architect, ShapeBlue CloudStack Collaboration Conference 2022
- 2. Who’s talking? Alexandre Mattioli - Cloud Architect at Shapeblue • Brazilian, now based in Prague • 30 years experience in Technology • Worked in many fields of IT • Involved with CloudStack since 2012 • @ShapeBlue since 2020.
- 3. What will we talk about? • What are VNFs • Historical challenges with VNFs in CloudStack • Past enhancements • Current state of ACS’s networking (4.17) • The future in ACS networking (4.18+) • Q&A Related talks on CCC 2022: Wei-Zhou: VM Autoscaling With CloudStack VR (14:55) Abhishek Kumar: Edge Zones In CloudStack (15:50)
- 4. What are VNFs? Virtual Network Function
- 5. Journey to VNFs • Very expensive • Highly proprietary • ASIC based • Long development cycle • More affordable • Off the shelf • x86 based • Shorter development cycle • Scalable cost • Very easy to trial • Fast releases
- 6. NFV
- 7. ETSI Framework VNF -> ACS VR
- 8. • Templates with multiple disks • Deployment time settings • Specialized hypervisor features • L2 connectivity for service-chaining Challenges back then
- 9. Service Chaining
- 10. 4.9 -> 4.16
- 11. Routed Dual Stack VR
- 12. Statically Routed IPv6 • 4.17 IPv6 Implementation • VPCs and Isolated Networks • Statically Routed • Nat’ed IPv4
- 13. User driven VLAN selection
- 14. User-Shared Networks Previously not available for Shared Networks
- 15. User-Shared Networks Normal end-user (aka non-root admin) We have a new field
- 16. User-Shared Networks API response to listnetworks lists the associated networks Networks with which a given network can be associated with.
- 17. Use Case – User VNF Deployment
- 18. Use Case – User VNF Deployment Isolated Network Add Isolated Network ACS VR
- 19. Use Case – User VNF Deployment Deploy VNF Template VNF’s upstream interface on Isolated Network Isolated Network ACS VR SDWAN VNF
- 20. Use Case – User VNF Deployment 1:1 NAT ACS VR<->VNF Isolated Network ACS VR Acquire Public IP for StaticNAT SDWAN VNF
- 21. Use Case – User VNF Deployment Create Layer2 Network Attach to VNF’s downstream Interface Isolated Network ACS VR L2 Network SDWAN VNF
- 22. Use Case – User VNF Deployment Create UserShared Network Associate to L2 Link Network Isolated Network ACS VR L2 Network UserShared
- 23. Use Case – User VNF Deployment Isolated Network ACS VR UserShared (VLAN A) SDWAN VNF User VMs
- 24. Use Case – User VNF Deployment
- 25. Use Case – User VNF Chaining Create Isolated
- 26. Use Case – User VNF Chaining Deploy VNF VM
- 27. Use Case – User VNF Chaining Acquire Public IP and apply Static NAT
- 28. Use Case – User VNF Chaining Create Layer2 Network L2 Network
- 29. Use Case – User VNF Chaining Deploy another VNF
- 30. Use Case – User VNF Chaining Create Another Layer 2 Network
- 31. Use Case – User VNF Chaining Add user- shared with associated network
- 32. Use Case – User VNF Chaining
- 33. Use Case – User VNF Deployment IPv6 IPv6 all the way IPv6 IPv6
- 34. Use Case – User VNF Deployment IPv6 IPv4 NAT 6to4 VNF IPv6
- 35. User-Driven Private Gateways Operational Overhead
- 36. User-Driven Private Gateways Not scalable
- 37. User-Driven Private Gateways
- 38. User-Driven Private Gateways
- 39. User-Driven Private Gateways
- 40. User-Driven Private Gateways
- 41. User-Driven Private Gateways
- 42. User-Driven Private Gateways
- 43. User-Driven Private Gateways - VNF
- 44. Associated Networks • Available in 4.17 • Empowers end-user • Enables richer topologies • Reduces operational overhead
- 45. Fixing the Problems
- 46. Programmable MTU New fields for Isolated Networks Public Interface MTU Private Interface MTU Global and Zone level settings: vr.public.interface.max.mtu vr.private.interface.max.mtu
- 47. Programmable MTU Private – MTU 1500 Public – MTU 1440
- 48. Configurable protocol option in firewall rules Static NAT
- 49. Configurable protocol option in firewall rules Somewhat limited
- 50. Configurable protocol option in firewall rules
- 51. Configurable SourceNAT IP Can’t be changed Decommissioning an IP range assigned to a zone is extremely disruptive
- 52. Configurable SourceNAT IP Now it can be changed Make SourceNat Make SourceNat Make SourceNat New option
- 53. Enhancement Ideas
- 54. Policy Based Routing Routing decisions taken on: • Source subnet • Port number • Type of Traffic • Network protocol • Packet size • Access list • Etc..etc.. Source 10.10.1.0/24 via VPC’s default gateway Source 10.10.2.0/24 via VPC’s private gateway
- 55. Routed IPv4 • Proposal: • Similar implementation as IPv6 • Dual-stack fully routed • Challenges: • Presentation of IPv4 ranges to ACS • Wasteful subnetting
- 56. Dynamic Routing • We all want it • We all need it • Many ideas how to do it • Let’s talk…
- 57. Taking ACS to the Edge 15:50 New York City Hall
- 58. Questions?
