Openstack Neutron & Interconnections with BGP/MPLS VPNs

1. OPENSTACK NEUTRON & INTERCONNECTIONS WITH BGP/MPLS VPNS Paul Carver Tim Irnich Thomas Morin

2. NFV POPs A NEED TO INTERCONNECT OPENSTACK AND BGP/MPLS VPNS BGP/MPLS VPNs: • a key building block for backbone network engineering • the foundation for operators VPN services How to drive interconnections between Openstack and BGP/MPLS VPNs ? public cloud IP/MPLS backbones core & access NFV POPs internal cloud platforms & OSS business, mobile, residential customers existing BGP VPN deployments and new uses for NFV and inter-DC

3. ONCE UPON A TIME…  Back in 2012…  Some SDN controllers had support to create connectivity with BGP VPNs  each with its own API  not multi-tenant APIs  Between 2012 and 2014… some unsuccessful attempts at bringing the ability to interconnect BGPVPNs into Quantum/Neutron…  by NTT (Nati Ueno), Contrail (Pedro Marques), Orange  Neutron community not yet familiar enough with this “Telco stuff”  Neutron less modular technically and organizationally  hard to meet the “light reference implementation” criteria  This changed in 2015 !

4. NETWORKING-BGPVPN INCEPTION Early 2015  Neutron became more modular  Openstack ‘Big Tent’ and Neutrons Stadium  Growing awareness of Telco things in Neutron’s community June 2015  group of interested contributors, including…  Orange, Ericsson, AT&T, Cloudwatt  early API draft refined based on past attempts  an early API+driver implementation made opensource  networking-bgpvpn was created in Neutron “Stadium” Since…  Releases for Liberty, Mitaka, Newton  Backports for Juno and Kilo  Steadily improving and extending

5. CURRENT STATUS Newton release of networking-bgpvpn: October 13th 2016 base features: • BGPVPN definitions • L2 • L3 • Network associations, Router associations • Neutron CLI support includes drivers for: • Neutron ML2/OpenVSwitch (with bagpipe) • OpenDaylight • OpenContrail • Nuage Networks (out of tree) additional features: • full Heat binding • Horizon GUI • Tempest suite

6. NEUTRON BGP VPN INTERCONNECTIONS SERVICE PLUGIN OVERVIEW Neutron BGP Peers dataplane (vswitch/ vrouter) VMs… … Backend X (e.g. Neutron+Bagpipe, OpenDaylight, OpenContrail, Nuage, etc.)API BGPVPN Service Plugin   packets carried over MPLS to/from VPNs  BGP VPN routes   driver for X… ?

7. Neutron SDN Controller BGP Peers driver for backend X packets carried over MPLS to/fromVPNs API BGPVPN Service Plugin   REST BGP VPN routes   HOW IT WORKS WITH AN SDN CONTROLLER… E.G. OPENDAYLIGHT, OPENCONTRAIL, NUAGE NETWORKS, ETC. driver for SDN Controller X compute node VMs VMs compute node VMs VMs vswitch vswitch  NBI BGP SBI

8. HOW IT WORKS WITH NEUTRON OVS + BAGPIPE … Neutron compute node BGP Peers …VMs … API BGPVPN Service Plugin  OpenVSwitch br-int | br-tun | br-mpls packets carried over MPLS towards VPNs  Neutron OVS agent BGP VPN routes    bagpipe BGP bagpipe driver RabbitMQML2 as Core Plugin openvswitch mech driver bagpipe extension

9. NEW API RESOURCES (already existing API resources) Network X Router Ysome user in “Project Lambda” Openstack Admin Network Associationcreates associations to setup interconnections BGP VPN “default VPN” Type: L3 BGP Route-Target: 1234:42 Tenant: Project Lambda Router Association creates a BGPVPN and gives it to “Project Lambda”

10. OPENSTACK NET’-BGPVPN AND OPNFV SDNVPN  OPNFV: a midstream integration project providing automated install of all required components for a given use case, as well as E2E testing of the said use case • BGPVPN is such a use case • gives upstream projects additional visibility if their changes break something at system level (i.e. when multiple components interplay)  The OPNFV SDNVPN project aims at integrating a complete stack for BGPVPNs, focusing on cases where an SDN Controller is used • however a Neutron/BaGPipe scenario is planned as well

11. COMPONENTS AND INTERFACES On top of baseline ODL-based OPNFV deployment  Deploy BGPVPN API extension, service plugin and Heat extensions  Activate relevant VPN features in Open Daylight  Configure the stack Supported OPNFV installers  Fuel  Apex / TripleO Deployment scenarios and options  HA and non-HA (=redundant OpenStack controller)  Can be deployed nested/bare-metal DPNDPN Neutron Ext. APIsCore Neutron API BGPVPN API extension BGPVPN Service Generic Plugin ODL driver Other backend specific plugins ML2 Plugin ODL MD OpenDaylight Neutron NB BGPVPN Yang ext. ML2 Yang Netvirt L2 E-LAN Service L3-VPN ServiceOF PluginOVSDB DPN Driver B Driver C

12. OPNFV DEPLOYMENT SCENARIOS  OPNFV deployment scenario = essentially a specific stack plus configuration that  OPNFV installers can auto-deploy and  That gets automatically tested in OPNFV CI  Baseline scenarios maintained by installers  “NoSDN” = just OpenStack with OVS & Neutron agent  ODL_L2 = L2 networking done by ODL (ML2 plugin)  ODL_L3 = ODL L3Router replaces L3Router, so L2/L3 networking handled by ODL  SDNVPN scenario: derived from ODL_L3

13. DEMO: HOW TO DEPLOY OPNFV BGPVPN At the example of Fuel installer  If you’re interested in doing the same with Apex, come see us after the show Prerequisites:  Fuel already deployed in a VM (using OPNFV Colorado 1.0 iso)  VMs for compute nodes running & detected by Fuel  Linux bridges for infra networks deployed Step 1: Check plugins Step 2: Create environment Step 3: Activate feature plugins Step 4: hit deploy & get some popcorn Step 5: test the system (manually or by running OPNFV test suites)

14. WRAP UP  One API to allow tenants to control interconnections with their BGP VPNs • Public/operator cloud <-> business customers of MPLS VPN offers • inter-DC, distributed cloud, edge cloud • NFV multi-POP deployments  Drivers for multiple SDN controllers and a Neutron implementation  CLI interface, Horizon GUI, and Heat bindings  Now / Soon / On the radar: • complete E-VPN part of API • remaining work to match Neutron Stadium requirements (more functional testing!) • API evolution for finer-grained control of routing (static routes, preferences, route leaking) • consider supporting multiple drivers/backends simultaneously • see MPLS/GRE support land in OpenVSwitch (next MPLS/UDP!) • expectations of improved feature parity among drivers  Neutron’s Stadium project working hand in hand with its OPNFV counterpart OpenStack / OPNFV contributors around BGP VPN… Antoine Eiche Bruno Fernando Édouard Thuleau Cédric Savignan Daniel Radez Darek Smiegel Henry Gessau Jean-Philipe Braun Mathieu Rohon Michal Skalski Nikolas Hermanns Nishant Kumar Paul Carver Peter V. Saveliev Pierre Crégut R. R. Palleti Suresh K. Tim Irnich Tim Rozet Thomas Monguillon Thomas Morin Vishal Thapar Wim De Clercq Yannick Thomas

Openstack Neutron & Interconnections with BGP/MPLS VPNs

Vous êtes en train de lire un aperçu.

Consultez-les par la suite

Openstack Neutron & Interconnections with BGP/MPLS VPNs

Plus De Contenu Connexe

Diaporamas pour vous (20)

Les utilisateurs ont également aimé (20)

Similaire à Openstack Neutron & Interconnections with BGP/MPLS VPNs (20)

Plus récents (20)