[OpenStack Study] OpenStack With Contrail

Post on 22-Feb-2017

  • OPENSTACK WITH CONTRAIL

    Software Defined Networking and Cloud Infrastructure

    KOREA DATA CENTER ARCHITECT GROUP

    KwonSun Bae, also known as BeBe

  • FIRST, WHAT IS SDN?

    Why do we want SDN?

  • Software Defined Network

    SDN? SDDC? OPENSTACK? SDN.

    Network Defined Software

  • SOFTWARE DEFINED NETWORK

  • Business

    Infra

    .

    SDN? SDN.

    Network

  • VLAN

    Scale: 4096 Tenant IDs

    VLAN

    Tenant

    . . .

  • Reactive OpenFlow Approach

    OpenFlow

    OpenFlowflow

    Tenant

    LATENCY. . FLOW. CONTROLLER .

    Centralized

    Openflow

    Controller

    Traffic flowpacket controller

  • How Does SDN or Software Defined Networking Work?

    Controller

    Southbound APIs

    Northbound APIs

    https://www.sdxcentral.com/resources/sdn/what-the-definition-of-software-defined-networking-sdn/

    SOFTWARE DEFINED NETWORK

    OpenFlow SDN .

  • Packet forwarding

    Underlay

    overlay Tenant.

    Controller

    Proactive Overlay Networks

    LATENCY. . . CONTROLLER .

  • SDN

    Agility and Flexibility.

    https://www.sdxcentral.com/resources/sdn/why-sdn-software-defined-networking-or-nfv-network-functions-virtualization-now/

    SOFTWARE DEFINED NETWORK

    The Time for Changes in Networking is Now!

  • HARDWARE CENTRIC

    DEDICATED HARDWARE

    LENGTHY SERVICE CHANGES

    MANUAL PROCESSES

    LIMITED EXPENSIVE SCALE & HA

    STATIC WORKLOADS/OPERATION

    SOFTWARE CENTRIC & VIRTUALIZED

    FLEXIBLE INFRASTRUCTURE

    DYNAMIC & AGILE ORCHESTRATION

    AUTOMATED IT WORKFLOWS

    INNATELY RESILIENT & SCALABLE

    DYNAMIC WORKLOAD MODELS

    Cloud

    SOFTWARE CENTRIC CONTROL

    SOFTWARE OVERLAYS

    DYNAMIC & AGILE ORCHESTRATION

    AUTOMATED IT WORKFLOWS

    INNATELY RESILIENT & SCALABLE

    DYNAMIC CONFIG & OPERATION

    SDN

    SDN is an IMPERATIVE for CLOUD

    CLOUD is an IMPERATIVE for ENTERPRISE

  • CONTRAIL

    CONTROL PLANE, MANAGEMENT PLANE

    NETWORK PROGRAMMABILITY

    ENABLING NFV (NETWORK FUNCTION VIRTUALIZATION)

    VIRTUALIZED NETWORK SERVICES

    INTEROPERABILITY WITH PHYSICAL NETWORK

    NETWORK VIRTUALIZATION (PRIVATE, HYBRID)

    CONVERGED NETWORK ORCHESTRATION

    AUTOMATION, ANALYTICS

  • METAFABRIC END-TO-END NETWORKS

    Multi-Data Center, Multi-Cloud, One Network

    Internet

    MX (USG)

    Virtual & Physical Security

    QFX, EX, and QFabric Switching

    Private Cloud

    Hosted/Managed

    MX (USG)

    Virtual & Physical Security

    QFX, EX, and QFabric Switching

    Private Cloud

    Public Cloud(Hybrid)

    Campus and Branch

    Junos Space

    Network Director

    WAN

  • WAN

    METAFABRIC END-TO-END NETWORKS

    Internet

    MX (USG)

    Virtual & Physical Security

    QFX, EX, and QFabric Switching

    Private Cloud

    Hosted/Managed

    MX (USG)

    Virtual & Physical Security

    QFX, EX, and QFabric Switching

    Private Cloud

    Public Cloud(Hybrid)

    Campus and Branch

    P

    End-to-end virtual networking

    VLANs & EVPN

    Application VPNs & Tenant VPNs (L3VPN & EVPN)

    VPC networks VPC networks

    VPC networks

    VPC networks

    Junos Space

    Network Director

  • Any IP* underlay physical network

    NSX Controller

    NSX-MH Controller

    vSphere server

    VM VM VM VM VM VM VM VM VM

    DVS

    vSphere ESXi

    DVS

    vSphere ESXi

    DVS

    vSphere ESXi

    VN VN VN

    VM VM VM VM VM VM VM VM VM

    OVS, vSwitch

    KVM, Xen, ESXi

    OVS, vSwitch

    KVM, Xen, ESXi

    OVS, vSwitch

    KVM, Xen, ESXi

    VN VN VN

    Optional vCD, vCAC Two editions of NSX

    NSX for Multi-hypervisor

    NSX for vSphere

    L2/L3 Virtual networking

    Add-ons: NAT, FW, LB, VPNs

  • NSX-MH Controller

    VM VM VM VM VM VM VM VM VM

    OVS, vSwitch

    KVM, Xen, ESXi

    OVS, vSwitch

    KVM, Xen, ESXi

    OVS, vSwitch

    KVM, Xen, ESXi

    VN VN VN

    NSX CROSS SELL OPPORTUNITY

    QFX5100

    IP, VC, VCF or QF fabric

    MX/EX9200

    USG features

    Appliances (e.g. SRX)

    Bare Metal (e.g. HPC)

    VLAN

    Junos Space Network Director

    Virtual security portfolio is a cross-sell though not NSX-integrated

  • WAN

    METAFABRIC END-TO-END NETWORKS

    Internet

    MX (USG)

    Virtual & Physical Security

    QFX, EX, and QFabric Switching

    Private Cloud

    Hosted/Managed

    MX (USG)

    Virtual & Physical Security

    QFX, EX, and QFabric Switching

    Private Cloud

    Public Cloud(Hybrid)

    Campus and Branch

    P

    Junos Space

    Network Director

  • Hardened OpenStack

    Contrail Networking

    Distributed storage

    Server management

    BYO

    VM FW VM VM VM VM VM VM VM

    Contrail vRouter

    KVM, Xen, ESXi, Docker

    Contrail vRouter

    KVM, Xen, ESXi, Docker

    Contrail vRouter

    KVM, Xen, ESXi, Docker

    VN VN VN

    MX (or any PE router)

    Appliances (e.g. SRX)

    Bare Metal (e.g. HPC)

    Bare Metal (e.g. HPC)

    Any IP underlay physical network

    Contrail vRouter

    Linux OS

    VLAN

    Virtual Appliance (e.g. Firefly)

    Contrail Controller

    DISTRIBUTION

  • SDNJUNIPER CONTRAIL

    Overview

  • CONTRAIL

    Physical Network

    (no changes)

    Analytics

    CONTRAIL CONTROLLER

    Control

    Configuration

    Physical Host with Hypervisor

    vRouter

    VM VM VM VM

    Physical Host with Hypervisor

    vRouter

    VM VM VM VM

    WAN, Internet

    Gateway

    Orchestrator

    VM

    , VM

    Uptime Provisioning

    vRouter: Control Plan Forwarding Plane

    GateWay :

    Juniper Router GateWay

    REST API

    BGP

    Clustering

    BGP

    XMPP XMPP

  • CONTRAIL & OPENSTACK COMPONENTS

    Horizon UI

    Contrail Web UI

    Nova (Compute Orchestration)

    Neutron Plugin

    Compute Node

    Storage

    Keystone (Identity / Access Mgmt)

    Cinder (Block Storage)

    Swift (Object Storage)

    Nova Agent

    Contrail Agent

    Contrail Config

    Contrail Control

    vRouter

    Operator

    User logs in, Create tenant (projects), Create IPAM, Create virtual network, Launch VMs

    VM

    Get VM Image to spawn

    API Srvr

    Scheduler

    Select Compute node to spawn VM

    Info to spawn VM

    Hypervisor

    VM Spawned

    Block Storage Assignment

    Xen

    Bi-directional message bus (XMPP interaction)

    Launch VM

    Network related interaction

    Get virtual network info

    DHCP

    Plug (Tap interface, Instance ID, ..)

    Glance (Image Server)

    Authentication, etc.

  • OPENSTACK INTEGRATION

    Horizon

    Nova API

    Compute Driver

    Virtual-IF

    Driver

    Nova Compute

    Contrail Agent

    vRouter (kernel)

    Virtual Router

    Nova Scheduler Neutron Driver

    Neutron Plugin

    Configuration Node

    Control Node

    1. Create an Instance (VM Info, Network, IPAM, Policies, etc)

    2. Schedule an Instance on the Compute Node

    3. VM Network Properties

    4. Create VM Interface

    5. Add Port

    6. Publish VM Intf on IFMap

    7. VM Interface Config over XMPP

    Scripts

  • , VROUTER

    Compute Node

    Virtual Machine (Tenant B)

    Virtual Machine (Tenant C)

    Virtual Machine (Tenant C)

    vRouter Forwarding Plane

    Virtual Machine (Tenant A)

    Routing Instance (Tenant A)

    Routing Instance (Tenant B)

    Routing Instance (Tenant C)

    vRouter Agent

    Flow Table

    FIB

    Flow Table

    FIB

    Flow Table

    FIB

    Overlay tunnels: MPLS over GRE or VXLAN

    JUNOSV CONTRAIL CONTROLLER

    JUNOSV CONTRAIL CONTROLLER

    XMPP

    Eth1

    Kernel

    Tap Interfaces (vif)

    pkt0

    User

    Eth0 EthN

    Config

    VRFs

    Policy Table

    Top of Rack Switch

    XMPP

    vRouter Linux Bridge OVS .

    vRouter(E-VPN)(L3VPN).

    vRouter, NAT, , , .

    , , , NAT L2/L3 .

  • /

    Overlay tunnels: MPLS over GRE or VXLAN

    Compute Node

    vRouter Forwarding Plane

    Virtual Machine (VN-IP1)

    Routing Instance

    Flow Table

    FIB

    Eth1 (Phy-IP1)

    Tap Interfaces (vif)

    Compute Node

    vRouter Forwarding Plane

    Virtual Machine (VN-IP2)

    Routing Instance

    Flow Table

    FIB

    Eth1 (Phy-IP2)

    Tap Interfaces (vif)

    VIRTUAL

    PHYSICAL

    Virtual-IP2

    Payload

    Virtual-IP2

    Payload

    MPLS / VNI

    Phy-IP2

    Virtual-IP2

    Payload

    Virtual-IP2

    Payload

    MPLS / VNI

    Phy-IP2

    1. Guest OS ARP .

    2. vRouter ARP VRRP MAC .

    3. Guest OS VRRP MAC, vRouterMPLS/VNI GRE .

    4. , .

    5. MPLS/VNI .

    6. vRouter Guest OS.

  • SDNJUNIPER CONTRAIL

    Lets Virtual Networks

  • LOGICAL TOPOLOGY

    VM

    G1

    VM

    G2

    VM

    G3

    VN G

    VM

    R1

    VM

    R2

    VM

    R3

    VN R

    PN

    VM

    FW

    Virtual Ne