OVN: Scaleable Virtual Networking for Open vSwitch

M
mestery
OVN: Scaleable Virtual Networking for Open vSwitch Kyle Mestery (@mestery) Justin Pettit (@Justin_D_Pettit)
The Case for Network Virtualization • Network provisioning needs to be self-service. • Virtual networking needs to be abstracted from physical. • Virtual networking needs same features as physical. Legacy Physical Network HV1 HV2 Cloud Physical Network
What is OVN? • ✓ ✓ ✓ ✓ ✓ ✓ ✓ • ✓ ✓ ✓ • ✓ ✓ ✓
• • • • The Particulars
Goals
How is OVN Different?
…
Architecture • Configuration coordinated through databases • Logical flows, don’t worry about physical topology • Local controller converts logical flow state into physical flow state • Desired state clearly separated from run-time state • Based on the architecture we wanted from seeing a number of others using OVS
Data Plane Scale
Common Approach to Security Groups • OpenFlow • Not truly stateful • Possibly bad performance • OpenStack • Required extra linux bridge and veth pair per VM • Uses iptables
OVN Security Groups Design ● Uses kernel conntrack module directly from OVS ● Design benefits ○ No complicated pipeline ○ Faster* -- Fewer hops and veth ports OVS bridge VM VM eth eth tap tap * http://blog.russellbryant.net/2015/10/22/openstack-security-groups-using-ovn-acls/
Security Group Throughput
Common Approach to L3 • Agent-based • Use the Linux IP stack and iptables • Forwarding • NAT • Overlapping IP address support using namespaces
Example OpenStack L3
OVN L3 Design • Native support for IPv4 and IPv6 • Distributed • ARP/ND suppression • Flow caching improves performance • Without OVN: multiple per-packet routing layers • With OVN: cache sets dest mac, decrements TTL • No CMS-specific L3 agent
Control Plane Scale
Scale Test Framework • • • • • • • • ☺ • … …
Current Scale (Pure OVN) • • • • • • •
Scale Improvements - Ongoing • • • • • • •
Deployment
Deployment made easy ● No additional daemons to install on hypervisors beyond what comes with OVS ● Minimal host-level configuration ● Rolling upgrades
• OVSDB schema is versioned • Changes to schema will be carefully managed to be backwards compatible • Allows rolling upgrades • Update databases first • Roll through upgrades to ovn-controller • Same strategy OVS itself has been using Rolling Upgrades
Continuously Delivering OVN
Why Continuous Delivery of OVN? ● 90+ active developers working on OVS/OVN ● Hundreds to thousands of lines of code added daily - travis-ci jobs running to test this ● At large scale, automated testing is a given ● Delivering upstream fast means developers can work upstream, reducing technical debt
Continuous Delivery of OVS/OVN
What About Delivering Releases?
One Way To Continuously Deliver ● Align with OpenStack CI/CD ○ Same tools upstream ■ Zuul (Pipeline management) ■ Nodepool (resource management) ■ Gerrit (code review) ○ Build our own packages ● Ability to carry local patches ○ Needed for security patches ○ Also for bugs and features not landed upstream yet
Status
Neutron Integration Status • •
OVN vs. OVS Python Agents
OpenStack Deployment Options ● Full devstack support ● Puppet OpenStack now supports OVN ● TripleO support posted for review ● Kolla support being planned
• Non-experimental for next OpenStack release (Newton) • Recently landed features: • L3 gateway with NAT and load-balancing support • IPv6 logical routing • Native DHCP service • Address Set for ACL/Security group • Kubernetes support Upcoming Release The “Microwave” Release
Future Work ● Better database clustering and HA ● Avoid complete recalculations with incremental computation ● Native DNS support ● Live migration support for ACLs ● Hitless upgrades
Resources • Architecture described in detail in ovn-architecture (5) • Available in the “master” and “branch-2.6” branches of the main OVS repo: – https://github.com/openvswitch/ovs – http://openvswitch.org/support/dist-docs/ • Neutron plugin: – https://git.openstack.org/openstack/networking-ovn.git • Neutron integration docs, including devstack instructions: – http://docs.openstack.org/developer/networking-ovn/ • Kubernetes plugin and documentation: – https://github.com/openvswitch/ovn-kubernetes • OVN scale test harness – https://github.com/openvswitch/ovn-scale-test.git
How you can help • Try it! Test it! Scale it! Report bugs! Write Code! • Core OVN is being developed on ovs-dev mailing list: – http://openvswitch.org/pipermail/dev/ – #openvswitch on Freenode • Neutron plugin for OVN is being developed here: – http://git.openstack.org/openstack/networking-ovn.git – openstack-dev mailing list – #openstack-neutron-ovn on Freenode
Thank you! Questions? Justin Pettit (@Justin_D_Pettit) Kyle Mestery (@mestery)
OVN: Scaleable Virtual Networking for Open vSwitch
1 sur 37

OVN: Scaleable Virtual Networking for Open vSwitch

Télécharger pour lire hors ligne
Technologie

A talk highlighting OVN, and how to continuously deploy OVN. Given by myself and Justin Pettit.

M
mestery

Recommandé

Ovn vancouver par
Ovn vancouverOvn vancouver
Ovn vancouverMason Mei
520 vues33 diapositives
Open Source Backends for OpenStack Neutron par
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutronmestery
6.1K vues26 diapositives
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty par
OpenStack Neutron: What's New In Kilo and a Look Toward LibertyOpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward Libertymestery
3.8K vues38 diapositives
The Open vSwitch and OVN Projects par
The Open vSwitch and OVN ProjectsThe Open vSwitch and OVN Projects
The Open vSwitch and OVN ProjectsLinuxCon ContainerCon CloudOpen China
768 vues23 diapositives
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ... par
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...
Networking in OpenStack for non-networking people: Neutron, Open vSwitch and ...Dave Neary
40.5K vues20 diapositives
Neutron behind the scenes par
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenesinbroker
1.3K vues20 diapositives

Contenu connexe

Tendances

OpenStack Tokyo Summit Keynote Slides par
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slidesmestery
350 vues17 diapositives
Open daylight and Openstack par
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and OpenstackDave Neary
4.3K vues47 diapositives
OpenDaylight OpenStack Integration par
OpenDaylight OpenStack IntegrationOpenDaylight OpenStack Integration
OpenDaylight OpenStack IntegrationLinuxCon ContainerCon CloudOpen China
1.4K vues18 diapositives
OpenStack Neutron Liberty Updates par
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updatesmestery
2.9K vues19 diapositives
Inside Architecture of Neutron par
Inside Architecture of NeutronInside Architecture of Neutron
Inside Architecture of Neutronmarkmcclain
27K vues40 diapositives
Quantum - Virtual networks for Openstack par
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstacksalv_orlando
6K vues43 diapositives

Tendances(20)

OpenStack Tokyo Summit Keynote Slides par mestery
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slides
mestery350 vues
Open daylight and Openstack par Dave Neary
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and Openstack
Dave Neary4.3K vues
OpenDaylight OpenStack Integration par LinuxCon ContainerCon CloudOpen China
OpenDaylight OpenStack IntegrationOpenDaylight OpenStack Integration
OpenDaylight OpenStack Integration
LinuxCon ContainerCon CloudOpen China1.4K vues
OpenStack Neutron Liberty Updates par mestery
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updates
mestery2.9K vues
Inside Architecture of Neutron par markmcclain
Inside Architecture of NeutronInside Architecture of Neutron
Inside Architecture of Neutron
markmcclain27K vues
Quantum - Virtual networks for Openstack par salv_orlando
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstack
salv_orlando6K vues
Meetup 23 - 02 - OVN - The future of networking in OpenStack par Vietnam Open Infrastructure User Group
Meetup 23 - 02 - OVN - The future of networking in OpenStackMeetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStack
Vietnam Open Infrastructure User Group1.8K vues
Openstack Basic with Neutron par KwonSun Bae
Openstack Basic with NeutronOpenstack Basic with Neutron
Openstack Basic with Neutron
KwonSun Bae10.6K vues
OpenStack Neutron 201 1hr par David Lenwell
OpenStack Neutron 201 1hr OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr
David Lenwell1.1K vues
OpenStack networking (Neutron) par CREATE-NET
OpenStack networking (Neutron) OpenStack networking (Neutron)
OpenStack networking (Neutron)
CREATE-NET2.3K vues
Introduction to Openstack Network par salv_orlando
Introduction to Openstack NetworkIntroduction to Openstack Network
Introduction to Openstack Network
salv_orlando2.1K vues
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration par James Denton
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
James Denton7.9K vues
OpenStack Neutron Advanced Services by Akanda par Sean Roberts
OpenStack Neutron Advanced Services by AkandaOpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by Akanda
Sean Roberts614 vues
Improving Network Application Performance using Load Aware Libeventdev par Michelle Holley
Improving Network Application Performance using Load Aware LibeventdevImproving Network Application Performance using Load Aware Libeventdev
Improving Network Application Performance using Load Aware Libeventdev
Michelle Holley1.1K vues
OpenStack Neutron behind the Scenes par Anil Bidari ( CEO , Cloud Enabled)
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the Scenes
Anil Bidari ( CEO , Cloud Enabled)1.6K vues
Open stack networking_101_update_2014 par yfauser
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
yfauser5.2K vues
Linux Tag 2014 OpenStack Networking par yfauser
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networking
yfauser2.1K vues
How to write a Neutron Plugin - if you really need to par salv_orlando
How to write a Neutron Plugin - if you really need toHow to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need to
salv_orlando32.1K vues
Neutron high availability open stack architecture openstack israel event 2015 par Arthur Berezin
Neutron high availability open stack architecture openstack israel event 2015Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015
Arthur Berezin7.7K vues
Whats new in neutron for open stack havana par Kamesh Pemmaraju
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havana
Kamesh Pemmaraju7.8K vues

Similaire à OVN: Scaleable Virtual Networking for Open vSwitch

ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking par
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networkingmarkmcclain
1.2K vues69 diapositives
Kubernetes at NU.nl (Kubernetes meetup 2019-09-05) par
Kubernetes at NU.nl (Kubernetes meetup 2019-09-05)Kubernetes at NU.nl (Kubernetes meetup 2019-09-05)
Kubernetes at NU.nl (Kubernetes meetup 2019-09-05)Tibo Beijen
148 vues94 diapositives
Operators experience and perspective on SDN with VLANs and L3 Networks par
Operators experience and perspective on SDN with VLANs and L3 NetworksOperators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 NetworksJakub Pavlik
732 vues27 diapositives
Open stack Architecture and Use Cases par
Open stack Architecture and Use CasesOpen stack Architecture and Use Cases
Open stack Architecture and Use CasesAhmad Tfaily
226 vues87 diapositives
OpenStack Architecture and Use Cases par
OpenStack Architecture and Use CasesOpenStack Architecture and Use Cases
OpenStack Architecture and Use CasesJalal Mostafa
7.3K vues87 diapositives
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107... par
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Công TÔ
394 vues70 diapositives

Similaire à OVN: Scaleable Virtual Networking for Open vSwitch(20)

ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking par markmcclain
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
markmcclain1.2K vues
Kubernetes at NU.nl (Kubernetes meetup 2019-09-05) par Tibo Beijen
Kubernetes at NU.nl (Kubernetes meetup 2019-09-05)Kubernetes at NU.nl (Kubernetes meetup 2019-09-05)
Kubernetes at NU.nl (Kubernetes meetup 2019-09-05)
Tibo Beijen148 vues
Operators experience and perspective on SDN with VLANs and L3 Networks par Jakub Pavlik
Operators experience and perspective on SDN with VLANs and L3 NetworksOperators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 Networks
Jakub Pavlik732 vues
Open stack Architecture and Use Cases par Ahmad Tfaily
Open stack Architecture and Use CasesOpen stack Architecture and Use Cases
Open stack Architecture and Use Cases
Ahmad Tfaily226 vues
OpenStack Architecture and Use Cases par Jalal Mostafa
OpenStack Architecture and Use CasesOpenStack Architecture and Use Cases
OpenStack Architecture and Use Cases
Jalal Mostafa7.3K vues
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107... par Công TÔ
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Công TÔ394 vues
La apuesta de Telefónica por la cloud privada par LibreCon
La apuesta de Telefónica por la cloud privadaLa apuesta de Telefónica por la cloud privada
La apuesta de Telefónica por la cloud privada
LibreCon604 vues
Unveiling CERN Cloud Architecture - October, 2015 par Belmiro Moreira
Unveiling CERN Cloud Architecture - October, 2015Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015
Belmiro Moreira866 vues
Workday's Next Generation Private Cloud par Silvano Buback
Workday's Next Generation Private CloudWorkday's Next Generation Private Cloud
Workday's Next Generation Private Cloud
Silvano Buback273 vues
Navigating OpenStack Networking par PLUMgrid
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack Networking
PLUMgrid965 vues
Latest (storage IO) patterns for cloud-native applications par OpenEBS
Latest (storage IO) patterns for cloud-native applications Latest (storage IO) patterns for cloud-native applications
Latest (storage IO) patterns for cloud-native applications
OpenEBS166 vues
StarlingX - Project Onboarding par Shuquan Huang
StarlingX - Project OnboardingStarlingX - Project Onboarding
StarlingX - Project Onboarding
Shuquan Huang470 vues
Virt july-2013-meetup par nvirters
Virt july-2013-meetupVirt july-2013-meetup
Virt july-2013-meetup
nvirters3K vues
OpenStack and OpenDaylight Workshop: ONUG Spring 2014 par mestery
OpenStack and OpenDaylight Workshop: ONUG Spring 2014OpenStack and OpenDaylight Workshop: ONUG Spring 2014
OpenStack and OpenDaylight Workshop: ONUG Spring 2014
mestery13.6K vues
TripleO par Kiran Murari
TripleO TripleO
TripleO
Kiran Murari3.8K vues
Enable DPDK and SR-IOV for containerized virtual network functions with zun par heut2008
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zun
heut20082.5K vues
Nvp deep dive_session_cee-day par yfauser
Nvp deep dive_session_cee-dayNvp deep dive_session_cee-day
Nvp deep dive_session_cee-day
yfauser844 vues
Secure Your Containers: What Network Admins Should Know When Moving Into Prod... par Cynthia Thomas
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
Cynthia Thomas1.6K vues
OpenStack - JobShop @Iași, 2016 par Alexandru Coman
OpenStack - JobShop @Iași, 2016OpenStack - JobShop @Iași, 2016
OpenStack - JobShop @Iași, 2016
Alexandru Coman329 vues
NaaS in OpenStack - CloudCamp Moscow par Ilya Alekseyev
NaaS in OpenStack - CloudCamp MoscowNaaS in OpenStack - CloudCamp Moscow
NaaS in OpenStack - CloudCamp Moscow
Ilya Alekseyev3.5K vues

Plus de mestery

OpenStack Neutron Tutorial par
OpenStack Neutron TutorialOpenStack Neutron Tutorial
OpenStack Neutron Tutorialmestery
19K vues76 diapositives
Group Based Policy: Open Source Policy in OpenDaylight and OpenStack Neutron par
Group Based Policy: Open Source Policy in OpenDaylight and OpenStack NeutronGroup Based Policy: Open Source Policy in OpenDaylight and OpenStack Neutron
Group Based Policy: Open Source Policy in OpenDaylight and OpenStack Neutronmestery
4K vues34 diapositives
OpenDaylight Integration with OpenStack Neutron: A Tutorial par
OpenDaylight Integration with OpenStack Neutron: A TutorialOpenDaylight Integration with OpenStack Neutron: A Tutorial
OpenDaylight Integration with OpenStack Neutron: A Tutorialmestery
20.5K vues21 diapositives
Next Generation Network Developer Skills par
Next Generation Network Developer SkillsNext Generation Network Developer Skills
Next Generation Network Developer Skillsmestery
11K vues43 diapositives
Modular Layer 2 In OpenStack Neutron par
Modular Layer 2 In OpenStack NeutronModular Layer 2 In OpenStack Neutron
Modular Layer 2 In OpenStack Neutronmestery
18.4K vues31 diapositives
LISP and NSH in Open vSwitch par
LISP and NSH in Open vSwitchLISP and NSH in Open vSwitch
LISP and NSH in Open vSwitchmestery
6.8K vues28 diapositives

Plus de mestery(11)

OpenStack Neutron Tutorial par mestery
OpenStack Neutron TutorialOpenStack Neutron Tutorial
OpenStack Neutron Tutorial
mestery19K vues
Group Based Policy: Open Source Policy in OpenDaylight and OpenStack Neutron par mestery
Group Based Policy: Open Source Policy in OpenDaylight and OpenStack NeutronGroup Based Policy: Open Source Policy in OpenDaylight and OpenStack Neutron
Group Based Policy: Open Source Policy in OpenDaylight and OpenStack Neutron
mestery4K vues
OpenDaylight Integration with OpenStack Neutron: A Tutorial par mestery
OpenDaylight Integration with OpenStack Neutron: A TutorialOpenDaylight Integration with OpenStack Neutron: A Tutorial
OpenDaylight Integration with OpenStack Neutron: A Tutorial
mestery20.5K vues
Next Generation Network Developer Skills par mestery
Next Generation Network Developer SkillsNext Generation Network Developer Skills
Next Generation Network Developer Skills
mestery11K vues
Modular Layer 2 In OpenStack Neutron par mestery
Modular Layer 2 In OpenStack NeutronModular Layer 2 In OpenStack Neutron
Modular Layer 2 In OpenStack Neutron
mestery18.4K vues
LISP and NSH in Open vSwitch par mestery
LISP and NSH in Open vSwitchLISP and NSH in Open vSwitch
LISP and NSH in Open vSwitch
mestery6.8K vues
vBrownBag OpenStack Networking Talk par mestery
vBrownBag OpenStack Networking TalkvBrownBag OpenStack Networking Talk
vBrownBag OpenStack Networking Talk
mestery2K vues
OpenStack: Why Is It Gaining So Much Traction? par mestery
OpenStack: Why Is It Gaining So Much Traction?OpenStack: Why Is It Gaining So Much Traction?
OpenStack: Why Is It Gaining So Much Traction?
mestery8.6K vues
Triangle OpenStack Meetup par mestery
Triangle OpenStack MeetupTriangle OpenStack Meetup
Triangle OpenStack Meetup
mestery1K vues
OpenStack Development Using devstack par mestery
OpenStack Development Using devstackOpenStack Development Using devstack
OpenStack Development Using devstack
mestery13.1K vues
Open Source Cloud, Virtualization and Deployment Technologies par mestery
Open Source Cloud, Virtualization and Deployment TechnologiesOpen Source Cloud, Virtualization and Deployment Technologies
Open Source Cloud, Virtualization and Deployment Technologies
mestery2.1K vues

Dernier

Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... par
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...ShapeBlue
146 vues15 diapositives
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue par
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueShapeBlue
163 vues54 diapositives
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue par
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlueShapeBlue
103 vues23 diapositives
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... par
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...ShapeBlue
98 vues29 diapositives
20231123_Camunda Meetup Vienna.pdf par
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdfPhactum Softwareentwicklung GmbH
50 vues73 diapositives
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N... par
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...James Anderson
156 vues32 diapositives

Dernier(20)

Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... par ShapeBlue
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
ShapeBlue146 vues
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue par ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
ShapeBlue163 vues
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue par ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
ShapeBlue103 vues
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... par ShapeBlue
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
ShapeBlue98 vues
20231123_Camunda Meetup Vienna.pdf par Phactum Softwareentwicklung GmbH
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdf
Phactum Softwareentwicklung GmbH50 vues
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N... par James Anderson
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
James Anderson156 vues
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue par ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlueMigrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
ShapeBlue176 vues
Data Integrity for Banking and Financial Services par Precisely
Data Integrity for Banking and Financial ServicesData Integrity for Banking and Financial Services
Data Integrity for Banking and Financial Services
Precisely78 vues
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T par ShapeBlue
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&TCloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
ShapeBlue112 vues
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda... par ShapeBlue
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
ShapeBlue120 vues
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava... par ShapeBlue
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
ShapeBlue101 vues
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online par ShapeBlue
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online
ShapeBlue181 vues
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O... par ShapeBlue
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
ShapeBlue88 vues
The Role of Patterns in the Era of Large Language Models par Yunyao Li
The Role of Patterns in the Era of Large Language ModelsThe Role of Patterns in the Era of Large Language Models
The Role of Patterns in the Era of Large Language Models
Yunyao Li80 vues
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates par ShapeBlue
Keynote Talk: Open Source is Not Dead - Charles Schulz - VatesKeynote Talk: Open Source is Not Dead - Charles Schulz - Vates
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates
ShapeBlue210 vues
DRBD Deep Dive - Philipp Reisner - LINBIT par ShapeBlue
DRBD Deep Dive - Philipp Reisner - LINBITDRBD Deep Dive - Philipp Reisner - LINBIT
DRBD Deep Dive - Philipp Reisner - LINBIT
ShapeBlue140 vues
Why and How CloudStack at weSystems - Stephan Bienek - weSystems par ShapeBlue
Why and How CloudStack at weSystems - Stephan Bienek - weSystemsWhy and How CloudStack at weSystems - Stephan Bienek - weSystems
Why and How CloudStack at weSystems - Stephan Bienek - weSystems
ShapeBlue197 vues
Kyo - Functional Scala 2023.pdf par Flavio W. Brasil
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdf
Flavio W. Brasil449 vues
Uni Systems for Power Platform.pptx par Uni Systems S.M.S.A.
Uni Systems for Power Platform.pptxUni Systems for Power Platform.pptx
Uni Systems for Power Platform.pptx
Uni Systems S.M.S.A.61 vues
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P... par ShapeBlue
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
ShapeBlue154 vues

OVN: Scaleable Virtual Networking for Open vSwitch

  • 1. OVN: Scaleable Virtual Networking for Open vSwitch Kyle Mestery (@mestery) Justin Pettit (@Justin_D_Pettit)
  • 2. The Case for Network Virtualization • Network provisioning needs to be self-service. • Virtual networking needs to be abstracted from physical. • Virtual networking needs same features as physical. Legacy Physical Network HV1 HV2 Cloud Physical Network
  • 6. How is OVN Different?
  • 7.
  • 8. Architecture • Configuration coordinated through databases • Logical flows, don’t worry about physical topology • Local controller converts logical flow state into physical flow state • Desired state clearly separated from run-time state • Based on the architecture we wanted from seeing a number of others using OVS
  • 10. Common Approach to Security Groups • OpenFlow • Not truly stateful • Possibly bad performance • OpenStack • Required extra linux bridge and veth pair per VM • Uses iptables
  • 11. OVN Security Groups Design ● Uses kernel conntrack module directly from OVS ● Design benefits ○ No complicated pipeline ○ Faster* -- Fewer hops and veth ports OVS bridge VM VM eth eth tap tap * http://blog.russellbryant.net/2015/10/22/openstack-security-groups-using-ovn-acls/
  • 13. Common Approach to L3 • Agent-based • Use the Linux IP stack and iptables • Forwarding • NAT • Overlapping IP address support using namespaces
  • 15. OVN L3 Design • Native support for IPv4 and IPv6 • Distributed • ARP/ND suppression • Flow caching improves performance • Without OVN: multiple per-packet routing layers • With OVN: cache sets dest mac, decrements TTL • No CMS-specific L3 agent
  • 18. Current Scale (Pure OVN) • • • • • • •
  • 19. Scale Improvements - Ongoing • • • • • • •
  • 21. Deployment made easy ● No additional daemons to install on hypervisors beyond what comes with OVS ● Minimal host-level configuration ● Rolling upgrades
  • 22. • OVSDB schema is versioned • Changes to schema will be carefully managed to be backwards compatible • Allows rolling upgrades • Update databases first • Roll through upgrades to ovn-controller • Same strategy OVS itself has been using Rolling Upgrades
  • 24. Why Continuous Delivery of OVN? ● 90+ active developers working on OVS/OVN ● Hundreds to thousands of lines of code added daily - travis-ci jobs running to test this ● At large scale, automated testing is a given ● Delivering upstream fast means developers can work upstream, reducing technical debt
  • 27. One Way To Continuously Deliver ● Align with OpenStack CI/CD ○ Same tools upstream ■ Zuul (Pipeline management) ■ Nodepool (resource management) ■ Gerrit (code review) ○ Build our own packages ● Ability to carry local patches ○ Needed for security patches ○ Also for bugs and features not landed upstream yet
  • 30. OVN vs. OVS Python Agents
  • 31. OpenStack Deployment Options ● Full devstack support ● Puppet OpenStack now supports OVN ● TripleO support posted for review ● Kolla support being planned
  • 32. • Non-experimental for next OpenStack release (Newton) • Recently landed features: • L3 gateway with NAT and load-balancing support • IPv6 logical routing • Native DHCP service • Address Set for ACL/Security group • Kubernetes support Upcoming Release The “Microwave” Release
  • 33. Future Work ● Better database clustering and HA ● Avoid complete recalculations with incremental computation ● Native DNS support ● Live migration support for ACLs ● Hitless upgrades
  • 34. Resources • Architecture described in detail in ovn-architecture (5) • Available in the “master” and “branch-2.6” branches of the main OVS repo: – https://github.com/openvswitch/ovs – http://openvswitch.org/support/dist-docs/ • Neutron plugin: – https://git.openstack.org/openstack/networking-ovn.git • Neutron integration docs, including devstack instructions: – http://docs.openstack.org/developer/networking-ovn/ • Kubernetes plugin and documentation: – https://github.com/openvswitch/ovn-kubernetes • OVN scale test harness – https://github.com/openvswitch/ovn-scale-test.git
  • 35. How you can help • Try it! Test it! Scale it! Report bugs! Write Code! • Core OVN is being developed on ovs-dev mailing list: – http://openvswitch.org/pipermail/dev/ – #openvswitch on Freenode • Neutron plugin for OVN is being developed here: – http://git.openstack.org/openstack/networking-ovn.git – openstack-dev mailing list – #openstack-neutron-ovn on Freenode
  • 36. Thank you! Questions? Justin Pettit (@Justin_D_Pettit) Kyle Mestery (@mestery)