SlideShare une entreprise Scribd logo

SDN in CloudStack

Hugo Trippaers
Hugo Trippaers

I presented this at the CloudStack collaboration conference 2013 in Santa Clara.

Technologie
1  sur  34
Télécharger pour lire hors ligne
SDN in CloudStack
About me » Hugo Trippaers – Email: htrippaers@schubergphilis.com – Twitter: @Spark404 – Freenode: Spark404 – http://www.schubergphilis.com »
CloudStack networking - the five minute version » CloudStack networking – Basic, isolation using security groups (L3) – Advanced, isolation using network isolation (L2) » SDN was introduced to create isolated networks in Advanced zones » By now it can do much more... (Routing, Firewall, NAT) 3
Isolation with VLAN 4 CloudStack takes care off the configuration of hypervisor switches. Whotakescareofthenetworkinggear?
Isolation with VLAN 5 CloudStack takes care off the configuration of hypervisor switches. Whotakescareofthenetworkinggear? He does...
Isolation with Software Defined Networking 6 Whotakescareofthenetworkinggear? CloudStack takes care off the configuration of hypervisor switches and L2 networking.
Isolation with Software Defined Networking 7 Whotakescareofthenetworkinggear? CloudStack takes care off the configuration of hypervisor switches and L2 networking.
Software defined networking - core concepts » Decouples the control plane (what data is going where) from the data plane (how to get data there) » Makes network management easier by abstracting low-level functionality into virtual services. – Independent of hardware and/or vendor » Provides a Northbound API – Allows administrators to use automated tooling to provision services » Scale? 8
Software Defined Networking - advanced » Where can we go if we have a software based network infrastructure. – Distributed routing? – Integrated security framework? – Application controlled networking? » Endless possibilities, it’s all software anyway 9
SDN in CloudStack » Whereisit? 10
SDN in CloudStack » Whereisit? 11 Implemented in the core of CloudStack. “Movable parts”configured per plugin. Controlled by existing offering model.
SDN implementations 12 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - -
SDN implementations - GRE isolation » Uses the existing implementation of OpenVSwitch in XenServer and XCP – Uses the OpenVSwitch GRE tunnels to“link”OpenVSwitch bridges between hypervisors – Entirely controlled by CloudStack » Pros – Doesn’t require external components » Cons – Bandwidth is limited due to lack of offloading – Large deployments require a lot of tunnels – Limited set of hypervisors supported (XenServer) 13
SDN implementations 14 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - - Nicira NVP >= 4.0 - - - - -
SDN implementations - Nicira NVP » A commercial SDN solution developed by Nicira. Uses both OpenVSwitch and OpenFlow to build overlay tunnels on an existing network. » Pros – STT tunnel protocol is optimized for high-bandwidth – Includes a gateway to link existing L3 or L2 networks to the virtual switch » Cons – Requires custom OpenVSwitch on hypervisors. 15
SDN Implementations 16 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - - Nicira NVP >= 4.0 - >= 4.1 >= 4.1 - >= 4.1 Big Switch VNS >= 4.1 - - - - -
SDN implementations - Nicira NVP (>= ACS 4.1) » Nicira NVP plugin is updated to support L3 functionality. With this functionality the existing VRouter can be replaced with a SDN based construct. » Several changes have been made to the VPC setup to support SDN based networks in VPCs. 17
SDN implementations - BigSwitch VNS » The Big Switch Networks plugin is a CloudStack SDN plugin using the BigSwitch VNS platform. While BigSwitch VNS is a commercial solution, it is completely based on open standards like OpenFlow » Pros – Uses open standards » Cons – Requires hypervisors and switches to support OpenFlow 18
SDN Implementations 19 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - - Nicira NVP >= 4.0 - >= 4.1 >= 4.1 - >= 4.1 Big Switch VNS >= 4.1 - - - - - Midokura Midonet master master master master - master Stratosphere SSP review - - - - - VXLAN announced
SDN implementations - Midokura Midonet » Midokura Midonet is implemented as a CloudStack plugin. It offers a complete set of advanced features like DHCP, L3 Routing and various NAT options. » Pros – Complete solution for building standard networks including L3 functions. » Cons – Can only be used with the KVM hypervisor. 20
SDN implementations - Stratosphere » Stratosphre SSP is an SDN controller that controls or brokers physical and or virtual network devices. Stratosphere SSP will build a vxlan backed overlay network. The plugin makes L2 connectivity service provided by SSP. » Not much information available yet. 21
SDN implementations - VXLAN » Today at CCC 2013 by Toshiaki Hatano. » Not much information available yet, be sure to catch the recording of the talk of this morning. 22
SDN Implementations 23 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - - Nicira NVP >= 4.0 - >= 4.1 >= 4.1 - >= 4.1 Big Switch VNS >= 4.1 - - - - - Midokura Midonet master master master master - master Stratosphere SSP review - - - - - VXLAN announced
SDN implementations - next steps? » Support for VPC – Including private gateways » Common configuration and setup » Security » Configurable on-ramp/off-ramp » IPv6 24
SDN in CloudStack - how does it work » Preparing a SDN solution for use requires some configuration work up front 25
Preparation - Configure physical network » The physical network defines the type of L2 isolation used. 26
Preparation - Setup Providers » The provider is the place to configure the SDN controller » Not used by the GRE tunnels, that is configured using configuration parameters. 27
Preparation - Setup network offerings » Connectivity is key » Services define where and how SDN is used in the offering 28
SDN in CloudStack - how does it work » Preparing a SDN solution for use requires some configuration work up front » Using the SDN solution is as straight forward as any networking in CloudStack 29
Usage - Creating a new network » The role of Network Gurus – each guru supports a specific type of network – select based on a number of criteria, of which isolation type is only one » Selected guru is stored in the database for this particular network. 30
Usage - Creating a new network » The role of Network Elements – triggered when ever a new NIC is attached to a network – configure devices like firewall, routers, etc.. » Elements are selected based on the network offering used to create the network. 31
Usage - My first VM » Multiple actions happen at the same time – network elements – hypervisor resources » The NIC is the linking pin between a VM and the SDN implementation » The hypervisor sets flags to allow the VIF to be found » The network element tells the SDN solution what to look for » Not a generic way of doing things, depends on the SDN in use. 32
Usage - Ready 33
Thats all there is to it » http://apache.cloudstack.org » http://www.nicira.com » http://www.bigswitch.com » http://www.midokura.com » http://www.iij.ad.jp/en/ – Email: htrippaers@schubergphilis.com – Twitter: @Spark404 – IRC Freenode: Spark404 34

Recommandé

SDN in CloudStack
SDN in CloudStackSDN in CloudStack
SDN in CloudStack
buildacloud
 
CloudStack NVP Integration - BACD
CloudStack NVP Integration - BACDCloudStack NVP Integration - BACD
CloudStack NVP Integration - BACD
Hugo Trippaers
 
Networking is the barrier to Cloud
Networking is the barrier to CloudNetworking is the barrier to Cloud
Networking is the barrier to Cloud
Somik Behera
 
Agile Networking with OpenStack
Agile Networking with OpenStack Agile Networking with OpenStack
Agile Networking with OpenStack
openstackcisco
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
OpenStack Korea Community
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
Rohit Agarwalla
 
Introduction to SDN
Introduction to SDNIntroduction to SDN
Introduction to SDN
Muhammad Moinur Rahman
 
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
OpenStack Korea Community
 

Recommandé

SDN in CloudStack
SDN in CloudStackSDN in CloudStack
SDN in CloudStack
buildacloud
 
CloudStack NVP Integration - BACD
CloudStack NVP Integration - BACDCloudStack NVP Integration - BACD
CloudStack NVP Integration - BACD
Hugo Trippaers
 
Networking is the barrier to Cloud
Networking is the barrier to CloudNetworking is the barrier to Cloud
Networking is the barrier to Cloud
Somik Behera
 
Agile Networking with OpenStack
Agile Networking with OpenStack Agile Networking with OpenStack
Agile Networking with OpenStack
openstackcisco
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
OpenStack Korea Community
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
Rohit Agarwalla
 
Introduction to SDN
Introduction to SDNIntroduction to SDN
Introduction to SDN
Muhammad Moinur Rahman
 
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
OpenStack Korea Community
 
[OpenStack Day in Korea 2015] Track 3-4 - Software Defined Storage (SDS) and ...
[OpenStack Day in Korea 2015] Track 3-4 - Software Defined Storage (SDS) and ...[OpenStack Day in Korea 2015] Track 3-4 - Software Defined Storage (SDS) and ...
[OpenStack Day in Korea 2015] Track 3-4 - Software Defined Storage (SDS) and ...
OpenStack Korea Community
 
5 cisco open_stack
5 cisco open_stack5 cisco open_stack
5 cisco open_stack
openstackindia
 
Understanding and deploying Network Virtualization
Understanding and deploying Network VirtualizationUnderstanding and deploying Network Virtualization
Understanding and deploying Network Virtualization
SDN Hub
 
Cloudstack networking2
Cloudstack networking2Cloudstack networking2
Cloudstack networking2
Hiroaki Kawai
 
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
Rohit Agarwalla
 
Deploying OpenStack with Cisco Networking, Compute and Storage
Deploying OpenStack with Cisco Networking, Compute and StorageDeploying OpenStack with Cisco Networking, Compute and Storage
Deploying OpenStack with Cisco Networking, Compute and Storage
Lora O'Haver
 
BRKDCT-2445
BRKDCT-2445BRKDCT-2445
BRKDCT-2445
Rohit Agarwalla
 
Agile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco SolutionsAgile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco Solutions
Cisco DevNet
 
Network Virtualization Architectural & Technological aspects
Network Virtualization Architectural & Technological aspectsNetwork Virtualization Architectural & Technological aspects
Network Virtualization Architectural & Technological aspects
deshpandeamrut
 
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
From Nova-Network to Neutron and Beyond: A Look at OpenStack NetworkingFrom Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
Cynthia Thomas
 
NSX, API, Automation and Unicorns
NSX, API, Automation and UnicornsNSX, API, Automation and Unicorns
NSX, API, Automation and Unicorns
Romain DECKER
 
Multisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapMultisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the Gap
Dimitri Mazmanov
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
Rohit Agarwalla
 
MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a Boost
OpenStack_Online
 
Mastering OpenStack - Episode 15 - Network Design
Mastering OpenStack - Episode 15 - Network DesignMastering OpenStack - Episode 15 - Network Design
Mastering OpenStack - Episode 15 - Network Design
Roozbeh Shafiee
 
[OpenStack 하반기 스터디] HA using DVR
[OpenStack 하반기 스터디] HA using DVR[OpenStack 하반기 스터디] HA using DVR
[OpenStack 하반기 스터디] HA using DVR
OpenStack Korea Community
 
OpenStack Ottawa Meetup - October 2018
OpenStack Ottawa Meetup - October 2018OpenStack Ottawa Meetup - October 2018
OpenStack Ottawa Meetup - October 2018
Stacy Véronneau
 
Contrail Basics
Contrail BasicsContrail Basics
Contrail Basics
Kimberly Macias
 
BRKSDN-2115
BRKSDN-2115 BRKSDN-2115
BRKSDN-2115
Rohit Agarwalla
 
SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
SDN, Network Virtualization and the Software Defined Data Center – Brad HedlundSDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
Chef Software, Inc.
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
yfauser
 
Open stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsOpen stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetups
yfauser
 

Contenu connexe

Tendances

Cloudstack networking2
Cloudstack networking2Cloudstack networking2
Cloudstack networking2
Hiroaki Kawai
 
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
Rohit Agarwalla
 
BRKDCT-2445
BRKDCT-2445BRKDCT-2445
BRKDCT-2445
Rohit Agarwalla
 
Agile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco SolutionsAgile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco Solutions
Cisco DevNet
 
Multisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapMultisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the Gap
Dimitri Mazmanov
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
Rohit Agarwalla
 
BRKSDN-2115
BRKSDN-2115 BRKSDN-2115
BRKSDN-2115
Rohit Agarwalla
 
SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
SDN, Network Virtualization and the Software Defined Data Center – Brad HedlundSDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
Chef Software, Inc.
 

Tendances (20)

[OpenStack Day in Korea 2015] Track 3-4 - Software Defined Storage (SDS) and ...
[OpenStack Day in Korea 2015] Track 3-4 - Software Defined Storage (SDS) and ...[OpenStack Day in Korea 2015] Track 3-4 - Software Defined Storage (SDS) and ...
[OpenStack Day in Korea 2015] Track 3-4 - Software Defined Storage (SDS) and ...
 
5 cisco open_stack
5 cisco open_stack5 cisco open_stack
5 cisco open_stack
 
Understanding and deploying Network Virtualization
Understanding and deploying Network VirtualizationUnderstanding and deploying Network Virtualization
Understanding and deploying Network Virtualization
 
Cloudstack networking2
Cloudstack networking2Cloudstack networking2
Cloudstack networking2
 
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
 
Deploying OpenStack with Cisco Networking, Compute and Storage
Deploying OpenStack with Cisco Networking, Compute and StorageDeploying OpenStack with Cisco Networking, Compute and Storage
Deploying OpenStack with Cisco Networking, Compute and Storage
 
BRKDCT-2445
BRKDCT-2445BRKDCT-2445
BRKDCT-2445
 
Agile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco SolutionsAgile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco Solutions
 
Network Virtualization Architectural & Technological aspects
Network Virtualization Architectural & Technological aspectsNetwork Virtualization Architectural & Technological aspects
Network Virtualization Architectural & Technological aspects
 
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
From Nova-Network to Neutron and Beyond: A Look at OpenStack NetworkingFrom Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
 
NSX, API, Automation and Unicorns
NSX, API, Automation and UnicornsNSX, API, Automation and Unicorns
NSX, API, Automation and Unicorns
 
Multisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapMultisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the Gap
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
 
MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a Boost
 
Mastering OpenStack - Episode 15 - Network Design
Mastering OpenStack - Episode 15 - Network DesignMastering OpenStack - Episode 15 - Network Design
Mastering OpenStack - Episode 15 - Network Design
 
[OpenStack 하반기 스터디] HA using DVR
[OpenStack 하반기 스터디] HA using DVR[OpenStack 하반기 스터디] HA using DVR
[OpenStack 하반기 스터디] HA using DVR
 
OpenStack Ottawa Meetup - October 2018
OpenStack Ottawa Meetup - October 2018OpenStack Ottawa Meetup - October 2018
OpenStack Ottawa Meetup - October 2018
 
Contrail Basics
Contrail BasicsContrail Basics
Contrail Basics
 
BRKSDN-2115
BRKSDN-2115 BRKSDN-2115
BRKSDN-2115
 
SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
SDN, Network Virtualization and the Software Defined Data Center – Brad HedlundSDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
 

Similaire à SDN in CloudStack

Network Virtualization for Cloud Services Infrastructure
Network Virtualization for Cloud Services InfrastructureNetwork Virtualization for Cloud Services Infrastructure
Network Virtualization for Cloud Services Infrastructure
Shahryar Ali
 
VIO30 Technical Overview
VIO30 Technical OverviewVIO30 Technical Overview
VIO30 Technical Overview
Julienne Pham
 
PLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDN
PROIDEA
 

Similaire à SDN in CloudStack (20)

Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
 
Open stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsOpen stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetups
 
Nova net-or-neutron-atlanta2014.pptx
Nova net-or-neutron-atlanta2014.pptxNova net-or-neutron-atlanta2014.pptx
Nova net-or-neutron-atlanta2014.pptx
 
DevOops - Lessons Learned from an OpenStack Network Architect
DevOops - Lessons Learned from an OpenStack Network ArchitectDevOops - Lessons Learned from an OpenStack Network Architect
DevOops - Lessons Learned from an OpenStack Network Architect
 
Network Virtualization for Cloud Services Infrastructure
Network Virtualization for Cloud Services InfrastructureNetwork Virtualization for Cloud Services Infrastructure
Network Virtualization for Cloud Services Infrastructure
 
Network Virtualization
Network VirtualizationNetwork Virtualization
Network Virtualization
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack Networking
 
VMWare: Nova and NVP Support - Gary Kotton and Dimitri Desmidt
VMWare: Nova and NVP Support - Gary Kotton and Dimitri DesmidtVMWare: Nova and NVP Support - Gary Kotton and Dimitri Desmidt
VMWare: Nova and NVP Support - Gary Kotton and Dimitri Desmidt
 
Quantum - Virtual networks for Openstack
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstack
 
VIO30 Technical Overview
VIO30 Technical OverviewVIO30 Technical Overview
VIO30 Technical Overview
 
Neutron DVR
Neutron DVRNeutron DVR
Neutron DVR
 
Open Networking for Your OpenStack
Open Networking for Your OpenStackOpen Networking for Your OpenStack
Open Networking for Your OpenStack
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
 
IaaS with Software Defined Networking
IaaS with Software Defined NetworkingIaaS with Software Defined Networking
IaaS with Software Defined Networking
 
Private cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinPrivate cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austin
 
Improving performance and efficiency with Network Virtualization Overlays
Improving performance and efficiency with Network Virtualization OverlaysImproving performance and efficiency with Network Virtualization Overlays
Improving performance and efficiency with Network Virtualization Overlays
 
NCS: NEtwork Control System Hands-on Labs
NCS: NEtwork Control System Hands-on Labs NCS: NEtwork Control System Hands-on Labs
NCS: NEtwork Control System Hands-on Labs
 
NSX: La Virtualizzazione di Rete e il Futuro della Sicurezza
NSX: La Virtualizzazione di Rete e il Futuro della SicurezzaNSX: La Virtualizzazione di Rete e il Futuro della Sicurezza
NSX: La Virtualizzazione di Rete e il Futuro della Sicurezza
 
PLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDN
 
Opencontrail network virtualization
Opencontrail network virtualizationOpencontrail network virtualization
Opencontrail network virtualization
 

Dernier

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Dernier (20)

Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 

SDN in CloudStack

  • 2. About me » Hugo Trippaers – Email: htrippaers@schubergphilis.com – Twitter: @Spark404 – Freenode: Spark404 – http://www.schubergphilis.com »
  • 3. CloudStack networking - the five minute version » CloudStack networking – Basic, isolation using security groups (L3) – Advanced, isolation using network isolation (L2) » SDN was introduced to create isolated networks in Advanced zones » By now it can do much more... (Routing, Firewall, NAT) 3
  • 4. Isolation with VLAN 4 CloudStack takes care off the configuration of hypervisor switches. Whotakescareofthenetworkinggear?
  • 5. Isolation with VLAN 5 CloudStack takes care off the configuration of hypervisor switches. Whotakescareofthenetworkinggear? He does...
  • 6. Isolation with Software Defined Networking 6 Whotakescareofthenetworkinggear? CloudStack takes care off the configuration of hypervisor switches and L2 networking.
  • 7. Isolation with Software Defined Networking 7 Whotakescareofthenetworkinggear? CloudStack takes care off the configuration of hypervisor switches and L2 networking.
  • 8. Software defined networking - core concepts » Decouples the control plane (what data is going where) from the data plane (how to get data there) » Makes network management easier by abstracting low-level functionality into virtual services. – Independent of hardware and/or vendor » Provides a Northbound API – Allows administrators to use automated tooling to provision services » Scale? 8
  • 9. Software Defined Networking - advanced » Where can we go if we have a software based network infrastructure. – Distributed routing? – Integrated security framework? – Application controlled networking? » Endless possibilities, it’s all software anyway 9
  • 10. SDN in CloudStack » Whereisit? 10
  • 11. SDN in CloudStack » Whereisit? 11 Implemented in the core of CloudStack. “Movable parts”configured per plugin. Controlled by existing offering model.
  • 12. SDN implementations 12 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - -
  • 13. SDN implementations - GRE isolation » Uses the existing implementation of OpenVSwitch in XenServer and XCP – Uses the OpenVSwitch GRE tunnels to“link”OpenVSwitch bridges between hypervisors – Entirely controlled by CloudStack » Pros – Doesn’t require external components » Cons – Bandwidth is limited due to lack of offloading – Large deployments require a lot of tunnels – Limited set of hypervisors supported (XenServer) 13
  • 14. SDN implementations 14 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - - Nicira NVP >= 4.0 - - - - -
  • 15. SDN implementations - Nicira NVP » A commercial SDN solution developed by Nicira. Uses both OpenVSwitch and OpenFlow to build overlay tunnels on an existing network. » Pros – STT tunnel protocol is optimized for high-bandwidth – Includes a gateway to link existing L3 or L2 networks to the virtual switch » Cons – Requires custom OpenVSwitch on hypervisors. 15
  • 16. SDN Implementations 16 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - - Nicira NVP >= 4.0 - >= 4.1 >= 4.1 - >= 4.1 Big Switch VNS >= 4.1 - - - - -
  • 17. SDN implementations - Nicira NVP (>= ACS 4.1) » Nicira NVP plugin is updated to support L3 functionality. With this functionality the existing VRouter can be replaced with a SDN based construct. » Several changes have been made to the VPC setup to support SDN based networks in VPCs. 17
  • 18. SDN implementations - BigSwitch VNS » The Big Switch Networks plugin is a CloudStack SDN plugin using the BigSwitch VNS platform. While BigSwitch VNS is a commercial solution, it is completely based on open standards like OpenFlow » Pros – Uses open standards » Cons – Requires hypervisors and switches to support OpenFlow 18
  • 19. SDN Implementations 19 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - - Nicira NVP >= 4.0 - >= 4.1 >= 4.1 - >= 4.1 Big Switch VNS >= 4.1 - - - - - Midokura Midonet master master master master - master Stratosphere SSP review - - - - - VXLAN announced
  • 20. SDN implementations - Midokura Midonet » Midokura Midonet is implemented as a CloudStack plugin. It offers a complete set of advanced features like DHCP, L3 Routing and various NAT options. » Pros – Complete solution for building standard networks including L3 functions. » Cons – Can only be used with the KVM hypervisor. 20
  • 21. SDN implementations - Stratosphere » Stratosphre SSP is an SDN controller that controls or brokers physical and or virtual network devices. Stratosphere SSP will build a vxlan backed overlay network. The plugin makes L2 connectivity service provided by SSP. » Not much information available yet. 21
  • 22. SDN implementations - VXLAN » Today at CCC 2013 by Toshiaki Hatano. » Not much information available yet, be sure to catch the recording of the talk of this morning. 22
  • 23. SDN Implementations 23 Isolation DHCP Firewall NAT Security Groups VPC GRE isolation Pre ACS - - - - - Nicira NVP >= 4.0 - >= 4.1 >= 4.1 - >= 4.1 Big Switch VNS >= 4.1 - - - - - Midokura Midonet master master master master - master Stratosphere SSP review - - - - - VXLAN announced
  • 24. SDN implementations - next steps? » Support for VPC – Including private gateways » Common configuration and setup » Security » Configurable on-ramp/off-ramp » IPv6 24
  • 25. SDN in CloudStack - how does it work » Preparing a SDN solution for use requires some configuration work up front 25
  • 26. Preparation - Configure physical network » The physical network defines the type of L2 isolation used. 26
  • 27. Preparation - Setup Providers » The provider is the place to configure the SDN controller » Not used by the GRE tunnels, that is configured using configuration parameters. 27
  • 28. Preparation - Setup network offerings » Connectivity is key » Services define where and how SDN is used in the offering 28
  • 29. SDN in CloudStack - how does it work » Preparing a SDN solution for use requires some configuration work up front » Using the SDN solution is as straight forward as any networking in CloudStack 29
  • 30. Usage - Creating a new network » The role of Network Gurus – each guru supports a specific type of network – select based on a number of criteria, of which isolation type is only one » Selected guru is stored in the database for this particular network. 30
  • 31. Usage - Creating a new network » The role of Network Elements – triggered when ever a new NIC is attached to a network – configure devices like firewall, routers, etc.. » Elements are selected based on the network offering used to create the network. 31
  • 32. Usage - My first VM » Multiple actions happen at the same time – network elements – hypervisor resources » The NIC is the linking pin between a VM and the SDN implementation » The hypervisor sets flags to allow the VIF to be found » The network element tells the SDN solution what to look for » Not a generic way of doing things, depends on the SDN in use. 32
  • 34. Thats all there is to it » http://apache.cloudstack.org » http://www.nicira.com » http://www.bigswitch.com » http://www.midokura.com » http://www.iij.ad.jp/en/ – Email: htrippaers@schubergphilis.com – Twitter: @Spark404 – IRC Freenode: Spark404 34