Quantum: What it is and Where it’s going
Lew Tucker, VP/CTO Cloud Computing
Cisco Systems, Inc.
@lewtucker
• OpenStack: open source software for building highly scalable public and private clouds
• Designed as a set of services forming the basis of a cloud platform
• Evolving through community process in which all members may contribute
• Quantum is a community project to build a “Network Service” for advanced networking capabilities
+ Quantum
Open Source Is Where “Standard” Cloud Infrastructure Will Be Defined
Open standards [require] multiple providers, access to code and data, and interoperability of services.
The obvious solution is an open source reference model as the standard.
Potential examples of such would be the OpenStack effort.
- Simon Wardley, CSC, from “A Question of Standards”
http://blog.gardeviance.org/2011/04/question-of-standards.html
Current Cloud Computing model is great for application development, self-service, and automation, but is missing the potential programmability of the infrastructure
• Applications and infrastructure could interact with each other to provide the best performance, experience and reliability
• What is missing is the right mechanism to expose networking infrastructure capabilities without bringing all the complexity into the application layer
But I can help (sigh)
I’m a Cloud. I don’t need you!
Network Technologies in the Data Center and Internet
[Diagram: the path from Application Software, Virtual Machine and VSwitch through Access, Aggregation, Core and Peering to the IP NGN Backbone, Internet and Partners, alongside Storage and SAN and Compute. Example products at each layer include Nexus 1000v, Nexus 5000 with Nexus 2000 Fabric Extender, Nexus 7000, UCS, MDS 9000, CRS-1 and ASR 9000/1000. Feature callouts include Firewall Services, Intrusion Detection, Virtual Device Contexts, Port Profiles and VN-Link, Line-Rate NetFlow and Storage Media Encryption. Link legend: 10G Ethernet, 10G FCoE, 4G FC, 1G Ethernet, VM to vSwitch, vSwitch to HW, App to HW / VM.]
Let’s abstract all this
Compute service (EC2): virtual machines
- Specify vCPU, Memory, Disk
- Launch instance (image, mem_size, disk)
- Suspend, clone, migrate
Storage service (S3, EBS): virtual disks
- Specify storage amount, access rights
- Store object
- Create/attach block
• What to do about networks?
Networking
[Diagram: Nova and Swift API exposing Servers (Nova Compute Service: Virtual Machines) and Disks (Swift Storage Service: Object Store) over Basic Network Connectivity]
Networking is embedded inside of Nova compute, and inaccessible to application developers
Details and differences associated with network provisioning complicate a simple compute service
Difficult to track changes in networking as Software-defined Networking (SDN) comes into play
[Diagram: Nova, Swift, and Quantum API exposing Servers (Nova Compute Service: Virtual Machines) and Disks (Swift Storage Service: Object Store) over Basic Network Connectivity]
Nova becomes simpler, easier to maintain and extend
Developers have ability to create multiple networks for their own purposes (multi-tier apps)
May support provisioning of both virtual and physical networks – differences captured through plug-ins
[Diagram, continued: Networks (Quantum Service: Virtual Networks)]
Servers are virtualized through partitioning
Storage through aggregation
Networks through slicing/tunnels/tagging…
Networks are a shared resource carrying traffic for all tenants across shared links
Network overlays and virtualization create private networks through tagging, routing, encapsulation (tunneling), and separation of control (OpenFlow, etc.)
- VLANs, NVGRE, VXLAN, STT, LISP
Quantum is designed to support private networks
2011 Design Summit - community-driven merger of proposals
- Network Service POC: NTT/Midokura
- Network Containers: Cisco
- Network Service: Citrix/Rackspace/Nicira
- NaaS Core Design: Intel
- … and others
Result: Quantum
Compute service (EC2): virtual machines
- Launch instance (image, mem_size, disk)
- Suspend, clone, migrate
Storage service (S3, EBS): virtual storage
- Store object
- Create/attach block
Network service (Quantum): virtual networks
- Create/delete private network
- Create “ports” and attach VMs
- Assign IP address blocks (DHCP)
POST /v1.1/tenants/abc/networks.json
Request:
{ "network":
  { "name": "my_db_network" }
}
Response:
{ "network":
  { "id": "98bd8391-199f-4440-824d-8659e4906786" }
}
My Private Network
Create multiple, virtual, isolated networks per tenant (FE-Net, DB-Net)
Multiple network interfaces per VM (in-line services)
Create ports on networks (QoS, profiles) and attach VMs
Have control over your own “private” IP addresses
Access through a user-friendly CLI and GUI (Horizon)
Invoke additional capabilities through extensions
Support different underlying networking implementations (VLANs, L2/L3 tunnels, etc.)
Quantum API
Quantum Service
• Network abstraction definition and management
• Does NOT do any actual implementation of abstraction
Quantum Plug-in API
API Extensions: for controlled innovation and experimentation
Vendor/User Plug-In
• Maps abstraction to implementation on physical network
• Can provide additional features through API extensions
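The split described above, sketched as an added example (not code from the slides or from the Quantum project): the service holds the network abstraction and checks tenant ownership, while a plug-in maps each network to an implementation. The class names, method names and the VLAN-per-network backend are assumptions made for illustration.

```python
# Added illustration, not Quantum code; all class and method names are hypothetical.
import uuid
from abc import ABC, abstractmethod

class Plugin(ABC):
    """Maps the network abstraction onto a concrete implementation."""
    @abstractmethod
    def create_network(self, net_id): ...
    @abstractmethod
    def plug(self, net_id, port_id, vif): ...

class VlanPlugin(Plugin):
    """Assumed backend: one 802.1Q VLAN tag per virtual network."""
    def __init__(self, first=100, last=4094):
        self._free = iter(range(first, last + 1))
        self.vlan_of = {}    # net_id -> VLAN tag
        self.attached = {}   # vif -> VLAN tag

    def create_network(self, net_id):
        tag = next(self._free, None)
        if tag is None:
            raise RuntimeError("VLAN range exhausted")
        self.vlan_of[net_id] = tag

    def plug(self, net_id, port_id, vif):
        self.attached[vif] = self.vlan_of[net_id]

class NetworkService:
    """Owns the abstraction and tenant scoping; the plug-in does the wiring."""
    def __init__(self, plugin):
        self.plugin = plugin
        self.networks = {}   # net_id -> (tenant, name)

    def create_network(self, tenant, name):
        net_id = str(uuid.uuid4())
        self.networks[net_id] = (tenant, name)
        self.plugin.create_network(net_id)
        return net_id

    def create_port(self, tenant, net_id, vif):
        # Ownership is checked here, so every plug-in inherits tenant isolation.
        owner = self.networks.get(net_id)
        if owner is None or owner[0] != tenant:
            raise PermissionError("no such network for this tenant")
        port_id = str(uuid.uuid4())
        self.plugin.plug(net_id, port_id, vif)
        return port_id
```

Swapping VlanPlugin for another Plugin subclass changes how isolation is realised on the wire without touching the tenant-facing calls.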
[Diagram labels: User Application, CLI, Horizon Dashboard, Tools; Tenant API; Compute Service (Nova); Network Service (Quantum); Internal API; Admin API (System Admin); Plug-In; Compute Node Hypervisor vSwitch; Physical Network Router/Switch; Clustered Network Controller]
Open vSwitch
Linux bridge
Nicira NVP
Cisco (Nexus switches and UCS VM-FEX) - WIP: VXLAN
NTT Labs Ryu OpenFlow controller
NEC OpenFlow
Big Switch Floodlight
Keep it simple - hide complexity while exposing capabilities
Provision their own, abstracted networking resources and topologies
Potential to create their own networking services
Isolation and non-interference
Ability to experiment while leveraging all that is provided by lower-level protocols
Different tenants and applications have different needs
[Diagram: Tenant “A”, Tenant “B” and Tenant “C”, each with its own VMs (Web Svr, App Svr, App, MemCach, DataBase); Internet Access, Management Network and Multi-tenant Services; Internet Gateway; VPN Service; Service Provider Network; addresses shown: 10.0.1.0/24 (twice) and 198.133.219.10]
Quantum 1.0 is available today for Essex as an incubation project
- Supports isolated L2 networks
- Multiple plug-ins available
Folsom release – moving into Core
- Quantum V2 API (in development)
- Support tenant-created subnets
- Integrated with Horizon (dashboard) and Keystone (identity/token/policy)
- Includes “Melange” IPAM for IP address management
- Includes DHCP/Dnsmasq functionality
POST /v2.0/subnets
Request:
{
  "network_id": "98bd8391-…",
  "cidr": "10.0.0.0/24"
}
Response:
{
  "id": "e76a23fe-…",
  "network_id": "98bd8391-..",
  "cidr": "10.0.0.0/24",
  "gateway_ip": "10.0.0.1",
  "dns_nameservers": ["8.8.8.8"],
  "reserved_ranges": [
    { "start": "10.0.0.1", "end": "10.0.0.1" },
    { "start": "10.0.0.255", "end": "10.0.0.255" }
  ],
  "additional_host_routes": []
}
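How a consumer of the subnet response above could derive the addresses that may be handed to VM ports, as an added example (not from the slides or the Quantum code base). The field names follow the slide; the sample IDs are placeholders and the validation rules are assumptions.

```python
# Added illustration; field names follow the slide's V2 subnet response,
# the validation rules are assumptions.
import ipaddress
import json

# Constructed sample modelled on the slide (IDs are placeholders).
RESPONSE = json.loads("""
{"id": "subnet-placeholder", "network_id": "network-placeholder",
 "cidr": "10.0.0.0/24", "gateway_ip": "10.0.0.1",
 "dns_nameservers": ["8.8.8.8"],
 "reserved_ranges": [{"start": "10.0.0.1", "end": "10.0.0.1"},
                     {"start": "10.0.0.255", "end": "10.0.0.255"}],
 "additional_host_routes": []}
""")


def allocatable(subnet):
    """Return the addresses a port may receive: CIDR hosts minus reserved ranges."""
    net = ipaddress.ip_network(subnet["cidr"])
    gw = ipaddress.ip_address(subnet["gateway_ip"])
    if gw not in net:
        raise ValueError("gateway_ip outside cidr")
    reserved = set()
    for r in subnet["reserved_ranges"]:
        start = ipaddress.ip_address(r["start"])
        end = ipaddress.ip_address(r["end"])
        if start > end or start not in net or end not in net:
            raise ValueError(f"bad reserved range {r}")
        reserved.update(ipaddress.ip_address(i)
                        for i in range(int(start), int(end) + 1))
    # A gateway address left allocatable could be assigned to a tenant VM.
    if gw not in reserved:
        raise ValueError("gateway_ip is not covered by reserved_ranges")
    return [ip for ip in net.hosts() if ip not in reserved]
```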
Purposely started simple with basic abstraction, but with many blueprints expect to see rapid innovation, while maintaining backward compatibility
More plug-ins for other networking paradigms
Extensions for QoS, port profiles, etc.
Used in the development of new network services
Applied to create virtual data centers spanning multiple sites
New uses in network service provider networks, mobile networks, sensor networks, HPC networks
Quantum API: http://docs.openstack.org/api/openstack-network/1.0/content/
Quantum Admin Guide (Essex): http://docs.openstack.org/trunk/openstack-network/admin/content/
Code on GitHub: https://github.com/openstack/quantum
Quantum V2: http://wiki.openstack.org/QuantumV2APIIntro
Quantum Network Service
Lew Tucker, Cisco Systems, @lewtucker