networking, qos, liberty, mitaka and newton - livnat peer - openstack day israel 2016
TRANSCRIPT
![Page 1: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/1.jpg)
Networking QoS, Liberty, Mitaka and NewtonLivnat Peer, Senior Engineering Manager, Red Hat
June, 2016
![Page 2: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/2.jpg)
QoS
● No industry standard○ Multiple ways to express bandwidth guarantees
■ OVS - min, max■ Linux tc - rate, crate, burst, cburst
![Page 3: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/3.jpg)
The Noisy Neighbor Problem
add image
![Page 4: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/4.jpg)
Sprint in Red Hat’s TLV office - July 2015
![Page 5: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/5.jpg)
QoS Model
Network
QoSPolicy A
Rule 1Rule 2Rule 3….
QoSPolicy B
Rule 1Rule 2….
![Page 6: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/6.jpg)
QoS Model
Network
QoSPolicy A
Rule 1Rule 2Rule 3….
QoSPolicy B
Rule 1Rule 2….
![Page 7: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/7.jpg)
QoS Model
Network
QoSPolicy A
Rule 1Rule 2Rule 3….
QoSPolicy B
Rule 1Rule 2….
![Page 8: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/8.jpg)
QoS - Usage
# neutron qos-policy-create ‘platinum’ \
--description ‘platinum QoS - charge a lot of $$’
# neutron port-update <port id> --qos-policy ‘platinum’
# neutron net-update <net name> --qos-policy ‘platinum’
# neutron qos-bandwidth-limit-rule-create \--max-kbps 3000 \--max-burst-kbps 300 \
platinum
![Page 9: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/9.jpg)
● Bandwidth Limit Rule○ Liberty: OVS (ovs-vsctl) SR-IOV (ip link), Mitaka: Linux Bridge (tc)
Rule Types
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 \--max-burst-kbps 300
![Page 10: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/10.jpg)
● DSCP Marking Rule○ value: even number between 0 and 56, except 2-6, 42, 44, and 50-54
● Bandwidth Limit Rule○ Liberty: OVS (ovs-vsctl) SR-IOV (ip link), Mitaka: Linux Bridge (tc)
Rule Types
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 \--max-burst-kbps 300
# neutron qos-dscp-marking-limit-rule-create <policy name> \--dscp_mark <value>
![Page 11: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/11.jpg)
● DSCP Marking Rule○ value: even number between 0 and 56, except 2-6, 42, 44, and 50-54
● Bandwidth Limit Rule○ Liberty: OVS (ovs-vsctl) SR-IOV (ip link), Mitaka: Linux Bridge (tc)
Rule Types
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 \--max-burst-kbps 300
# neutron qos-dscp-marking-limit-rule-create <policy name> \--dscp_mark <value>
● There is an option to see all supported Rule types
# Neutron qos-available-rule-types
![Page 12: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/12.jpg)
Policy propagation
● Changes to the Policy immediately propagate to the ports
![Page 13: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/13.jpg)
Policy propagation
● Changes to the Policy immediately propagate to the ports
Attach a policy to a port
![Page 14: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/14.jpg)
Policy propagation
Update Policy
![Page 15: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/15.jpg)
Role Based Access Control (RBAC)
● QoS permission model (Liberty)○ By default only cloud admin can create a QoS policy○ Shared QoS policy○ The default behaviour managed in policy.json file
● RBAC mechanism - introduced in Liberty○ A policy framework that allows both operators and users to grant access to resources for
specific projects
○ The generic mechanism was added in Liberty with ‘Network’ as the first resource supporting this mechanism
![Page 16: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/16.jpg)
QoS Policy - RBAC Support
● Support was added in Mitaka
# neutron rbac-create --target-tenant <tenant-uuid> \ --action access_as_shared \ --type qos-policy \ <qos-policy-uuid>
# neutron qos-policy-create secret_policy
![Page 17: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/17.jpg)
What’s Next?
![Page 18: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/18.jpg)
Future - Min Bandwidth guarantee
● Seems like a simple change
● Challenges○ Support ‘borrowing’○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 --max-burst-kbps 300 \--min-kbps 1000
![Page 19: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/19.jpg)
Min Bandwidth guarantee
● Seems like a simple change
● Challenges○ Support ‘borrowing’○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 --max-burst-kbps 300 \--min-kbps 1000
comp1
10G each
comp2
![Page 20: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/20.jpg)
Min Bandwidth guarantee
● Seems like a simple change
● Challenges○ Support ‘borrowing’○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 --max-burst-kbps 300 \--min-kbps 1000
comp1
10Geach
VM1
comp2
min=7G
![Page 21: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/21.jpg)
Min Bandwidth guarantee
● Seems like a simple change
● Challenges○ Support ‘borrowing’○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 --max-burst-kbps 300 \--min-kbps 1000
comp110Geach
VM1
comp2
min=7G
![Page 22: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/22.jpg)
Min Bandwidth guarantee
● Seems like a simple change
● Challenges○ Support ‘borrowing’○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 --max-burst-kbps 300 \--min-kbps 1000
comp110Geachcomp2
VM1
min=7G
![Page 23: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/23.jpg)
Min Bandwidth guarantee
● Seems like a simple change
● Challenges○ Support ‘borrowing’○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 --max-burst-kbps 300 \--min-kbps 1000
comp110Geach
VM2
comp2
min=5G
VM1
min=7G
![Page 24: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/24.jpg)
Min Bandwidth guarantee
● Seems like a simple change
● Challenges○ Support ‘borrowing’○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 --max-burst-kbps 300 \--min-kbps 1000
comp110Geach
VM2
comp2
min=5G
VM1
min=7G
![Page 25: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/25.jpg)
Min Bandwidth guarantee
● Seems like a simple change
● Challenges○ Support ‘borrowing’○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name> \--max-kbps 3000 --max-burst-kbps 300 \--min-kbps 1000
comp1 comp2
VM1
VM2
min=7G min=5G
10Geach
![Page 26: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/26.jpg)
Min Bandwidth guarantee
● Nova scheduler○ Resource Provider Framework =>○ Bandwidth modeled as a resource○ Reported to Nova generic resource pool API
resource-classes
resource-providers
compute-node-inventory
resource-providers-allocations
![Page 27: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/27.jpg)
Traffic Classification
● Traffic classifiers
○ Apply rules to specific traffic flows
○ Use cases: Prioritize certain traffic, like control, realtime data, etc.
● Optional modelPolicy
Rule Rule Rule
Traffic Classifie
Traffic Classifier
SSH HTTP
![Page 28: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/28.jpg)
Additional Future Work
● Default policy per Tenant
● Shaping incoming traffic
● QoS VLAN 802.1p Support
● Many other ideas and requests - https://bugs.launchpad.net/neutron/+bugs?field.tag=qos
![Page 29: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/29.jpg)
Thank You
![Page 30: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/30.jpg)
Resources
● Neutron QoS API Extension - Neutron spec● Ajo’s Blog - Neutron Quality of Service coding sprint● DSCP Marking - Neutron spec● Add Classifier Resource - Neutron spec● User Guide for QoS● The noisy neighbor problem● RBAC policy - OpenStack Manual Documentation● Nova resource Provider Framework
○ https://review.openstack.org/#/c/253187/14
○ https://review.openstack.org/#/c/271779/4/specs/newton/approved/resource-providers-allocations.rst
○ https://review.openstack.org/#/c/225546/10/specs/mitaka/approved/resource-providers.rst
○ https://review.openstack.org/#/q/topic:bp/generic-resource-pools
●
![Page 31: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/31.jpg)
Resources
● Nova Resource Providers Framework○ https://review.openstack.org/#/c/253187/14
○ https://review.openstack.org/#/c/271779/4/specs/newton/approved/resource-providers-allocations.rst
○ https://review.openstack.org/#/c/225546/10/specs/mitaka/approved/resource-providers.rst○ https://review.openstack.org/#/q/topic:bp/generic-resource-pools
![Page 32: Networking, QoS, Liberty, Mitaka and Newton - Livnat Peer - OpenStack Day Israel 2016](https://reader033.vdocuments.mx/reader033/viewer/2022042723/5876d5991a28ab1d238b57a9/html5/thumbnails/32.jpg)
QoS in Neutron - Liberty
● Adding generic infrastructure that would be extensible for additional use cases
● Scope○ Traffic within the hypervisor○ Only traffic that leaves the VM (VM-egress)○ No integration with Nova scheduler