Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
What's new in virtual
OpenStack networking
from eNovance import Neutron
Founded
2008

Sylvain Afchain

•  Senior Developer
•  Neutron contributor

Emilien Macchi

• ...
Neutron

“Pluggable, scalable, APIdriven network and IP
management”
New features in Havana
Before ML2...
Neutron server
with
Open-vSwitch
plugin

OR

Neutron server
with
Linux Bridge
plugin

OR...
ML2 (Modular Layer 2)

•  New reference plugin
•  Handles numerous of L2 technologies: Flat, VLAN,
• 
• 

VXLAN, GRE
Works...
Before L2 population...

Full mesh
With L2 population
Partial mesh
FWaaS
Without...
VM

Layer 2
Layer 3

VM

BR-INT
VROUTER
BR-EX

SECURITY
GROUPS
FWaaS
With...
VM

Layer 2
Layer 3

VM

VM

BR-INT

SECURITY
GROUPS

VM

BR-INT

VROUTER

VROUTER

BR-EX

BR-EX

SECURITY
G...
FWaaS (Firewall as a Service)

•  Service plugin + Agent + Drivers
•  Concept: IPtables rules on virtual routers
•  Driver...
VPNaaS (virtual private network)

•  Scope: Layer 3 Site-to-site (IPsec)
•  Experimental in Havana
•  Only preshared keys,...
VPNaaS
VM

VM

10.0.0.4

VM

10.0.0.5

10.1.0.5

10.1.0.1

10.0.0.1

Router

Router

172.24.1.21

172.24.1.22

VPN
172.24....
Metering

•  Service plugin + Agent + Drivers
•  Concept: IPtables rules on virtual routers
•  Drivers: IPtables
•  Collec...
Roadmap to Icehouse
L3 high availability

•  Bring high availability on virtual routers
•  Delete SPOF in L3 Agent
•  Allow routers to be sche...
L3 high availability
Without...
VM

L2 Agent
L3 Agent

VM

BR-INT
VROUTER
BR-EX

Internet

VM lost
connectivity
L3 high availability
With...

Without...
VM

L2 Agent
L3 Agent

VM

VM

BR-INT

BR-INT
VROUTER

VROUTER
BR-EX

Internet

V...
L3 on edge? (proposal)

•  Move floating IP on compute nodes
•  Improve North-South traffic
•  VMs without floating IP con...
Havana follow-up

•  VPNaaS: SSL support with OpenVPN driver
•  VPNaaS: Layer 2 private networks (L2TP, MPLS)
•  LBaaS: ne...
Icehouse: new puppies

•  L2 driver for OpenDaylight
•  Framework for Advanced Services in Virtual Machines
•  Neutron ser...
Questions ?
sylvain@enovance.com

emilien@enovance.com
@eNovance
OpenStack in Action 4! Emilien Macchi & Sylvain Afchain - What's new in neutron ?
OpenStack in Action 4! Emilien Macchi & Sylvain Afchain - What's new in neutron ?
Prochain SlideShare
Chargement dans…5
×

OpenStack in Action 4! Emilien Macchi & Sylvain Afchain - What's new in neutron ?

2 497 vues

Publié le

Paris, 5th December 2013 : OpenStack in Action 4! organized by eNovance, brings together members of the OpenStack community.

Publié dans : Technologie
  • DOWNLOAD THE BOOK INTO AVAILABLE FORMAT (New Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://urlzs.com/UABbn } ......................................................................................................................... Download Full EPUB Ebook here { https://urlzs.com/UABbn } ......................................................................................................................... Download Full doc Ebook here { https://urlzs.com/UABbn } ......................................................................................................................... Download PDF EBOOK here { https://urlzs.com/UABbn } ......................................................................................................................... Download EPUB Ebook here { https://urlzs.com/UABbn } ......................................................................................................................... Download doc Ebook here { https://urlzs.com/UABbn } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THE can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THE is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBOOK .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, CookBOOK, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, EBOOK, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THE Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THE the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THE Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Répondre 
    Voulez-vous vraiment ?  Oui  Non
    Votre message apparaîtra ici

OpenStack in Action 4! Emilien Macchi & Sylvain Afchain - What's new in neutron ?

  1. 1. What's new in virtual OpenStack networking
  2. 2. from eNovance import Neutron Founded 2008 Sylvain Afchain •  Senior Developer •  Neutron contributor Emilien Macchi •  OpenStack Engineer •  Automation, deployments Team 90+ Growth 200% Clients 200+
  3. 3. Neutron “Pluggable, scalable, APIdriven network and IP management”
  4. 4. New features in Havana
  5. 5. Before ML2... Neutron server with Open-vSwitch plugin OR Neutron server with Linux Bridge plugin OR...
  6. 6. ML2 (Modular Layer 2) •  New reference plugin •  Handles numerous of L2 technologies: Flat, VLAN, •  •  VXLAN, GRE Works with existing drivers: Linux Bridge, Open-vSwitch, Arista, Cisco, Hyper-V New mechanism: L2 population (partial-mesh and forwarding table population)
  7. 7. Before L2 population... Full mesh
  8. 8. With L2 population Partial mesh
  9. 9. FWaaS Without... VM Layer 2 Layer 3 VM BR-INT VROUTER BR-EX SECURITY GROUPS
  10. 10. FWaaS With... VM Layer 2 Layer 3 VM VM BR-INT SECURITY GROUPS VM BR-INT VROUTER VROUTER BR-EX BR-EX SECURITY GROUPS FIREWALL
  11. 11. FWaaS (Firewall as a Service) •  Service plugin + Agent + Drivers •  Concept: IPtables rules on virtual routers •  Drivers: IPtables or vArmour •  Complements Security Groups
  12. 12. VPNaaS (virtual private network) •  Scope: Layer 3 Site-to-site (IPsec) •  Experimental in Havana •  Only preshared keys, no certificates •  OpenSwan as default driver
  13. 13. VPNaaS VM VM 10.0.0.4 VM 10.0.0.5 10.1.0.5 10.1.0.1 10.0.0.1 Router Router 172.24.1.21 172.24.1.22 VPN 172.24.1.0/24
  14. 14. Metering •  Service plugin + Agent + Drivers •  Concept: IPtables rules on virtual routers •  Drivers: IPtables •  Collects traffic counters with labels and sends to Ceilometer •  Next steps: use metering for Layer 3 scheduling
  15. 15. Roadmap to Icehouse
  16. 16. L3 high availability •  Bring high availability on virtual routers •  Delete SPOF in L3 Agent •  Allow routers to be scheduled on two L3 Agents •  Master / Slave model •  VIP managed by Keepalived •  TCP sessions managed by conntrackd •  Add new L3 schedulers
  17. 17. L3 high availability Without... VM L2 Agent L3 Agent VM BR-INT VROUTER BR-EX Internet VM lost connectivity
  18. 18. L3 high availability With... Without... VM L2 Agent L3 Agent VM VM BR-INT BR-INT VROUTER VROUTER BR-EX Internet VM VM lost connectivity VROUTER BR-EX Internet 2 L3 Agents External connectivity is backuped
  19. 19. L3 on edge? (proposal) •  Move floating IP on compute nodes •  Improve North-South traffic •  VMs without floating IP continue to use L3 agent to •  reach external networks VMs with floating IP reach external network on the compute edge.
  20. 20. Havana follow-up •  VPNaaS: SSL support with OpenVPN driver •  VPNaaS: Layer 2 private networks (L2TP, MPLS) •  LBaaS: new drivers (vendors) •  Metering: improve API to get traffic counters
  21. 21. Icehouse: new puppies •  L2 driver for OpenDaylight •  Framework for Advanced Services in Virtual Machines •  Neutron server is multi-workers •  More Tempest coverage (QA) •  L3 scheduling improvements
  22. 22. Questions ? sylvain@enovance.com emilien@enovance.com @eNovance

×