Naveen Joy, Cloud Architect



© 2012 Cisco and/or its affiliates. All rights reserved.
Name: Naveen Joy
• 17+ years in IT
   • IT Operations (Networking & Sys Admin) - 15 yrs
   • Development / Python hacking - 2+ yrs

• How many are new to OpenStack networking (Quantum)?
• How many are experts in Quantum?

[Figure: TODAY. Tiered data center network: WAN Edge / DCI, Core, Aggregation/Access, Services, Compute (4x10GE links), Storage]

THE MOST DESIRABLE CLOUD NETWORK FEATURES
• ELASTIC SCALING
• APIs FOR PROGRAMMABILITY
• REDUCED COMPLEXITY
• CONSISTENT POLICIES
• HIGH AVAILABILITY

• What does the conceptual network architecture for a cloud look like?
• Is it possible to transform my current network while preserving my existing investment?
• How can I implement Networking as a Service reliably using OpenStack Quantum?

[Figure: the tiered network (WAN Edge / DCI, Core, Aggregation/Access, Services, Compute with 4x10GE links, Storage) shown as implementation detail behind an API; the application sees only abstract network properties]

Network abstraction enables programmability
It’s about
• Simplification – hiding unnecessary details
• Defining two roles – client + implementer
• Implementers can change without causing any changes in the client code

General abstraction model:   Client           | API           | Implementer
Quantum’s model:             Quantum Client   | Quantum APIs  | Quantum Plugins

tip of the iceberg

Network
   id: uuid-str
   name: string
   admin_state_up: bool
   status: string
   subnets: list(uuid-str)
   shared: bool
   tenant_id: uuid-str

Subnet
   id: uuid-str
   network_id: uuid-str
   name: string
   ip_version: int
   cidr: string
   gateway_ip: string
   dns_nameservers: list(str)
   allocation_pools: list(dict)
   host_routes: list(dict)
   enable_dhcp: bool
   tenant_id: uuid-str

Port
   id: uuid-str
   network_id: uuid-str
   name: string
   admin_state_up: bool
   status: string
   mac_address: string
   fixed_ips: list(dict)
   device_id: string
   device_owner: string
   tenant_id: uuid-str

Relationships: Network 1 to * Subnet; Network 1 to * Port; Subnet 1 to * Port

[Figure: Quantum layered architecture]
• Client/Business Applications call the service APIs
• Quantum Network Service layer: L2 (Folsom), L3 (Folsom), VPN (in-progress), Firewall (in-progress), Load Balancer (Grizzly), Other Services
• Network Abstraction, implemented by the Plugin, with a DB holding [Network state]
• plugin – network communication
• Network Infrastructure Layer: Network Device 1, Network Device 2, Network Device 3, ... Network Device n

[Figure: Quantum with the OpenvSwitch plugin]
• Client app calls the Quantum API server, which sits behind the Keystone auth_token middleware and the Keystone Identity service
• Quantum server contains the API, the API extension modules (l3, LbaaS), the OpenvSwitch plugin module and a DB
• Server and agents communicate over amqp through the Quantum exchange and RabbitMQ queues
• OpenvSwitch plugin-agent (with driver): performs vSwitch configuration on each host
• dhcp-agent (with driver): provides DHCP services to tenant networks using dnsmasq
• L3-agent (with driver): provides L3 routing, NAT (SNAT), Floating IP (DNAT)
• LB-agent (with driver): provides Load Balancing Services to tenant applications

[Figure: Quantum with an external controller]
• API client calls the Quantum API Server, which sits behind the Keystone auth_token middleware and the Keystone Identity service
• Quantum server contains the API, the API extension modules (l3, LbaaS), the Quantum plugin module and a DB
• plugin to controller communication, e.g. REST API, reaches the API of the External Controller cluster (with its own DB)
• Controller to Switch communication, e.g. OpenFlow, reaches the vSwitches in the network infrastructure

[Figure: Shared Quantum network mapped to an existing VLAN on OpenvSwitch]
• Compute Nodes: Tenant1 VM 5.0.0.3, Tenant2 VM 5.0.0.4, Tenant3 VM 5.0.0.4, DHCP service 5.0.0.2
• Quantum Network (name = hosting): 5.0.0.0/22
• Gateway: 5.0.0.1 (VLAN 10)
• Existing physical Router/L3 switch provides gateway services to VMs (Provider Managed Router)
• Uplink: Internet

[Figure: Quantum networks mapped to existing VLANs]
• Compute Nodes: TenantA VM 5.1.1.3, TenantB VM 5.2.2.3, TenantC VM 5.3.3.3
• DHCP Services: 5.1.1.2, 5.2.2.2, 5.3.3.2
• Red Net (Vlan Red) 5.1.1.0/24, Blue Net (Vlan Blue) 5.2.2.0/24, Green Net (Vlan Green) 5.3.3.0/24
• 802.1q trunk to a network gateway with addresses 5.1.1.1, 5.2.2.1, 5.3.3.1
• L3 Gateway Router (Provider Managed)
• Uplink: Internet

[Figure: provider VLAN networks plus a private tenant created network]
• Private tenant created network: TenantA Network 10.1.1.0/24 with Tenant Private VM 10.1.1.2
• Compute Nodes: TenantA VM with 10.1.1.1 and 5.1.1.3, TenantB VM 5.2.2.3, TenantC VM 5.3.3.3
• DHCP Services: 5.1.1.2, 5.2.2.2, 5.3.3.2
• Red Net 5.1.1.0/24, Blue Net 5.2.2.0/24, Green Net 5.3.3.0/24
• 802.1q trunk to an external gateway
• Physical Router/L3 switch provides gateway services (Provider Managed)
• Uplink: Internet

(Has scalability and availability issues in Folsom)

[Figure: provider managed shared routers and subnets]
• Tenant1 VM 10.1.1.5 on Tenant1 net 10.1.1.0/24
• Tenant2 VM 10.1.2.5 on Tenant2 net 10.1.2.0/24
• Tenant3 VM 10.1.3.5 on Tenant3 net 10.1.3.0/24
• Tenant1 VM 10.1.4.5 on Tenant1 net 10.1.4.0/24
• Tenant4 VM 10.1.5.5 on Tenant4 net 10.1.5.0/24
• Network node: vRouter1, vRouter2, vRouter3 (Provider Managed, shared routers and subnets)
• External Network [L3 uplink]: 20.1.1.0/24
• Physical Router/L3 switch provides gateway services to the virtual network layer (Provider Managed)
• Uplink: Internet

[Figure: Default VPC. Network 200.1.1.0/24 with Tenant B Instance1 200.1.1.2/24 and Tenant A Instance1 200.1.1.1/24, connected through a Router and an Internet Gateway to the Internet]

Short Answer: They are similar.
Key Idea: Networking is abstracted from tenants

Has scalability and availability issues in Folsom

[Figure: tenant created and managed vRouters and subnets]
• Tenant1 VM 10.1.1.5 on Tenant1 Web Net 10.1.1.0/24
• Tenant1 VM2 10.1.2.5 on Tenant1 DB Net 10.1.2.0/24
• Tenant2 VM 10.1.2.1 on Tenant2 net1 10.1.2.0/24
• Tenant3 VM 10.1.4.5 on Tenant3 Web Net 10.1.4.0/24
• Tenant3 VM 10.1.5.5 on Tenant3 DB net 10.1.5.0/24
• Network node: one vRouter each for Tenant1, Tenant2 and Tenant3 (tenant created and managed vRouters and subnets)
• External Network [L3 uplink]: 20.1.1.0/24
• Physical Router/L3 switch provides gateway services to the virtual network layer (Provider Managed)
• Uplink: Internet

[Figure: VPC for tenant A. Network 10.1.1.0/24 (tenant assigned IP network) with Instance 1 10.1.1.2/24 and Instance 2 10.1.1.3/24, connected through a Tenant Router and an Internet Gateway to the Internet]

Tenant has control over networking
   - Network isolation, subnets, elastic IPs and routing

• How many networks do we need for deploying Quantum?
   • Traffic generated by OpenStack components
      AMQP and MySQL traffic, Nova to Quantum API calls etc.
   • Cloud Management traffic
      ssh, monitoring, logging, puppet/chef etc.
   • Application Traffic between VMs
      via overlay tunnels or vlans
   • VM communication with the Internet, floating IPs
   • Traffic generated by tenants interacting directly with Quantum API

Management network, API network, Data network, External network

[Figure: deployment layout]
• Tenants and the Internet reach the cloud through the Provider gateway Router / Firewall
• Cloud Controller: nova-api, nova-scheduler, RabbitMQ / MySQL
• Quantum API server
• Compute Nodes
• Network Nodes
• Networks shown: External, API, Data, Mgmt

[Figure: load balancer model]
• Tenant connects to the Load Balancer VIP over the front end protocol, e.g. SSL
• Load Balancer connects to the Pool over the back end protocol, e.g. HTTP
• Pool Members (e.g. Instances): App, App, App
• Health Monitor: ping/TCP/http/https

(available in Grizzly)


[Diagram labels: Compute Nodes, Network Nodes]

  Web Tier       10.1.1.0/24   web pool: VM1, VM2, VM3; LB
  App Tier       10.1.2.0/24   App pool: VM1, VM2, VM3
  Tenant2 net1   10.1.2.0/24   Tenant2 VM 10.1.2.1
  Tenant3 Tier1  10.1.4.0/24   Tenant3 VM 10.1.4.5
  Tenant3 net    10.1.5.0/24   Tenant3 VM 10.1.5.5

  vRouters: Acme (with LB), Coke, Pepsi
  External Network [L3 uplink]
  Gateway routers: Physical Router/L3 switch provides gateway services to the virtual network layer (Provider Managed)
  Internet

These three features are mandatory!
 • Design to handle failures
 • Loosely couple your components
 • Implement elasticity




 • Quantum is evolving
     • Production deployment and operations are hard
     • Plugins must be architected for the cloud
     • Be aware of L3 scalability and reliability issues in Folsom

 • Start slowly and do your research
     • Environments and requirements differ,
       e.g. start off with the basic networking model shown in this deck

 • Document your work
 • Contribute to the community

OpenStack Summit Portland April 2013 talk - Quantum and EC2

  • 1. Naveen Joy Cloud Architect © 2012 Cisco and/or its affiliates. All rights reserved. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
  • 2. Name: Naveen Joy • 17+ years in IT • IT Operations (Networking & Sys Admin) - 15 yrs • Development/ Python hacking - 2+ yrs © 2012 Cisco and/or its affiliates. All rights reserved. 2
  • 3. © 2012 Cisco and/or its affiliates. All rights reserved. 3
  • 4. • How many are new to OpenStack networking (Quantum) ? • How many are experts in Quantum? © 2012 Cisco and/or its affiliates. All rights reserved. 4
  • 5. WAN Edge / DCI Core Aggregation/ Access Services Compute 4x10GE 4x10GE Storage TODAY © 2012 Cisco and/or its affiliates. All rights reserved. 5
  • 6. THE MOST DESIRABLE CLOUD NETWORK FEATURES ELASTIC SCALING APIs FOR PROGRAMMABILITY REDUCED COMPLEXITY CONSISTENT POLICIES HIGH AVAILABILITY © 2012 Cisco and/or its affiliates. All rights reserved. 6
  • 7. What does the conceptual network architecture for a cloud look like? Is it possible to transform my current network while preserving my existing investment? How can I implement Networking as a Service reliably using OpenStack Quantum? © 2012 Cisco and/or its affiliates. All rights reserved. 7
  • 8. WAN Edge / DCI Core Aggregation/ Implementation Access A detail Services P Application I Abstract Compute Network Properties 4x10GE 4x10GE Storage © 2012 Cisco and/or its affiliates. All rights reserved. 8
  • 9. Network abstraction enables programmability It’s about • Simplification – hiding unnecessary details • Defining two roles – client + implementer • Implementers can change without causing any changes in the client code GENERAL Client API Implementer Abstraction MODEL Quantum Quantum Quantum Quantum’s Client APIs Plugins Model © 2012 Cisco and/or its affiliates. All rights reserved. 9
  • 10. tip of the iceberg Subnet Network id:uuid-str id:uuid-str network_id:uuid-str name:string name:string admin_state_up:bool ip_version:int status:string 1 * cidr:string subnets:list(uuid-str) gateway_ip: string shared: bool dns_nameservers:list(str) tenant_id:uuid-str allocation_pools:list(dict) 1 host_routes:list(dict) enable_dhcp: bool Port tenant_id:uuid-str * id:uuid-str network_id:uuid-str 1 name:string admin_state_up:bool status:string mac_address:string * fixed_ips: list(dict) device_id:string device_owner: string tenant_id:uuid-str © 2012 Cisco and/or its affiliates. All rights reserved. 10
  • 11. Client/Business Applications API API API API L2 (Folsom) Firewall (in-progress) Quantum L3 (Folsom) Load Balancer(Grizzly) Network Service VPN (in-progress) Other Services layer Network Abstraction DB Plugin [Network state] plugin – network communication Network Network Device 1 Network Device 3 Infrastructure Layer Network Device 2 Network Device n © 2012 Cisco and/or its affiliates. All rights reserved. 11
  • 12. RabbitMQ Queues amqp Performs Keystone OpenvSwitch Identity vSwitch plugin- configuration service agent on each host Driver Provides dhcp- DHCP services agent to tenant Keystone networks Auth_token middleware amqp Quantum Driver using dnsmasq Exchange Quantum client Provides API L3- App Quantum Server OpenvSwitch L3 routing agent NAT (SNAT) plugin Floating IP (DNAT) API Driver Extension module modules (l3, LbaaS) Provides LB- Load Balancing agent Services to tenant applications Driver DB © 2012 Cisco and/or its affiliates. All rights reserved. 12
  • 13. Keystone Identity service Keystone plugin to Auth_token middleware controller communication e.g. REST API Controller to Switch communication API Quantum e.g. OpenFlow client API Server APIExternal Quantum Controlle External plugin r Controller API module cluster clusters Extenstion modules (l3, LbaaS) vSwitch vSwitch .. DB DB network infrastructure © 2012 Cisco and/or its affiliates. All rights reserved. 13
  • 14. © 2012 Cisco and/or its affiliates. All rights reserved. 14
  • 15. Compute Nodes Tenant1 Tenant2 Tenant3 DHCP VM VM VM service 5.0.0.3 5.0.0.4 5.0.0.4 5.0.0.2 Shared Quantum Quantum Network (name = hosting) network 5.0.0.0/22 mapped to an existing VLAN on OpenvSwitch 5.0.0.1 (VLAN 10) Existing physical Router/L3 switch gatewaygateway Router Router provides gateway services to VMs (Provider Managed Router) Internet © 2012 Cisco and/or its affiliates. All rights reserved. 15
  • 16. TenantA TenantB TenantC VM VM VM Compute 5.1.1.3 5.2.2.3 5.3.3.3 DHCP DHCP DHCP Nodes Service Service Service 5.1.1.2 5.2.2.2 5.3.3.2 Red Net Blue Net Green Net (Vlan Red) (Vlan Blue) (Vlan Green) 5.1.1.0/24 5.2.2.0/24 5.3.3.0/24 802.1q trunk to a network gateway 5.1.1.1 Quantum networks mapped to existing vlans 5.2.2.1 5.3.3.1 gateway gateway L3 Gateway Router Router (Provider Managed) Internet © 2012 Cisco and/or its affiliates. All rights reserved. 16
  • 17. Tenant TenantA TenantB TenantC Private VM 10.1.1.2 VM VM VM Compute 10.1.1.1 5.2.2.3 5.3.3.3 Nodes 5.1.1.3 DHCP DHCP DHCP Service Service Service TenantA 5.1.1.2 5.2.2.2 5.3.3.2 Network 10.1.1.0/24 Red Net Blue Net Green Net 5.1.1.0/24 5.2.2.0/24 5.3.3.0/24 802.1q trunk to an external gateway private Physical Router/L3 switch gatewa tenant y gateway provides gateway services Router created Router (Provider Managed) network Internet © 2012 Cisco and/or its affiliates. All rights reserved. 17
  • 18. (Has scalability and availability issues in Folsom) Tenant1 Tenant2 Tenant3 Tenant1 Tenant4 network VM VM VM VM VM 10.1.1.5 10.1.2.5 10.1.3.5 10.1.4.5 10.1.5.5 node Tenant1 net Tenant2 net Tenant3 net Tenant1 net Tenant4 net 10.1.1.0/24 10.1.2.0/24 10.1.3.0/24 10.1.4.0/24 10.1.5.0/24 Provider vRouter1 vRouter2 vRouter3 Managed (shared routers and subnets) External Network [L3 uplink] 20.1.1.0/24 gatewaygateway Physical Router/L3 switch Router Router provides gateway services to the virtual network layer (Provider Managed) Internet © 2012 Cisco and/or its affiliates. All rights reserved. 18
  • 19. 200.1.1.0/24 200.1.1.2/24 200.1.1.1/24 Tenant B Tenant A Router Instance1 Instance1 Internet Internet Gateway Default VPC Short Answer: They are similar. Key Idea: Networking is abstracted from tenants © 2012 Cisco and/or its affiliates. All rights reserved. 19
  • 20. Has scalability and availability issues in Folsom Tenant1 Tenant1 Tenant2 Tenant3 Tenant3 VM VM2 VM VM VM network 10.1.1.5 10.1.2.5 10.1.2.1 10.1.4.5 10.1.5.5 node Tenant1 Web Tenant1 DB Net Tenant3 Web Tenant2 net1 Tenant3 DB net Net 10.1.2.0/24 Net Tenant 10.1.2.0/24 10.1.5.0/24 10.1.1.0/24 10.1.4.0/24 created and managed vRouters vRouter vRouter vRouter and Tenant1 Tenant2 Tenant3 subnets External Network [L3 uplink] 20.1.1.0/24 gatewa Physical Router/L3 switch gateway y provides gateway services to Router Router the virtual network layer (Provider Managed) Internet © 2012 Cisco and/or its affiliates. All rights reserved. 20
  • 21. 10.1.1.0/24 (tenant assigned IP network) 10.1.1.2/24 10.1.1.3/24 Instance Instance Tenant Router 1 2 Internet Internet Gateway VPC for tenant A Tenant has control over networking - Network isolation, subnets, elastic IPs and routing © 2012 Cisco and/or its affiliates. All rights reserved. 21
  • 22. How many networks do we need for deploying Quantum?
      Traffic types:
      • Traffic generated by OpenStack components: AMQP and MySQL traffic, Nova to Quantum API calls etc.
      • Cloud management traffic: ssh, monitoring, logging, puppet/chef etc.
      • Application traffic between VMs via overlay tunnels or vlans
      • VM communication with the Internet, floating IPs
      • Traffic generated by tenants interacting directly with the Quantum API
      Networks: Management network, API network, Data network, External network
  • 23. [Diagram: Tenants and the Internet reach the cloud through the provider gateway router/firewall. The Cloud Controller (nova-api, nova-scheduler, RabbitMQ/MySQL), the Quantum API server, the compute nodes and the network nodes are connected by the External, API, Data and Mgmt networks.]
  • 24. [Diagram: load balancer model. The tenant reaches the load balancer VIP over a front end protocol (e.g. SSL); the load balancer reaches the pool over a back end protocol (e.g. HTTP). The pool contains pool members (e.g. instances) running the App, checked by a health monitor (ping/TCP/http/https).]
  • 25. (available in Grizzly) [Diagram: load balancers in the tenant network model. On the compute nodes, a web pool (VM1 to VM3) on the Web Tier and an App pool (VM1 to VM3) on the App Tier sit alongside Tenant2 and Tenant3 VMs (10.1.2.1, 10.1.4.5, 10.1.5.5) on Tenant2 net1, Tenant3 Tier1 and Tenant3 net; subnets shown are 10.1.1.0/24, 10.1.2.0/24, 10.1.2.0/24, 10.1.4.0/24 and 10.1.5.0/24. On the network nodes, LBs and one vRouter each for Acme, Coke and Pepsi attach to the External Network [L3 uplink], where a provider-managed physical router/L3 switch provides gateway services to the virtual network layer and connects to the Internet.]
  • 26. These three features are mandatory!
      • Design to handle failures
      • Loosely couple your components
      • Implement elasticity
  • 27.
      • Quantum is evolving
      • Production deployment and operations is hard
      • Plugins must be architected for the cloud
      • Be aware of L3 scalability and reliability issues in Folsom
      • Start slowly and do your research
      • Environments and requirements differ, e.g. start off with the basic networking model shown in this deck
      • Document your work
      • Contribute to the community

Editor's Notes

  1. Various entities and relationships. Attributes and data types. Observation: When you have multiple subnets associated with a network, you can pick the subnet to which the instance will be attached. Notes: Note the decoupling between the abstraction and the technology that's used to implement the network. Talk about what capabilities are enabled by this model. Attachment post. Port is an attachment point to a quantum network. The device id identifies the instance-id, router-id or dhcp-server-id that is connected to this port. It could be between an instance and a network, a router and a network, or a dhcp server and the network. When you create a port you are creating an "attachment or a connection" and an IP will be
  2. What are the various components of quantum? How do these components communicate with one another?
     Quantum API server: When the quantum API server starts up, it does the following sequence of actions:
     a) Gathers the configuration options from the config files (quantum.conf and the plugin config file). For instance, from the config file it figures out:
        a) the port and host IP on which the API server should listen
        b) the plugin abstraction module that it should load (this is the piece of code that is responsible for creating the logical network model used by the plugin)
        c) the authentication strategy
        d) the policy.json file for authorization
     b) Then it loads the plugin abstraction module. This module reads the plugin specific configuration file and creates the logical model used by the plugin in the DB.
     c) Establishes the AMQP connection to RabbitMQ.
     d) Loads the extension modules: quota and the Quantum L3 Router module (quantum.api.extensions.l3.py).
     e) Uses the eventlet python library to start up a wsgi server on the quantum host on port 9696.
     f) Now the API server is ready to listen to client requests.
     API calls:
     1) create_network:
        - Authentication and authorization is performed using the middleware with the keystone identity service.
        - Creates a logical network using the quantum plugin module and persists it in the DB. Sets its admin state to up.
        - Allocates a unique ID of 32 hex characters (using the UUID module) to the network.
        - If the network_type is vlan, the plugin module allocates a VLAN ID to the network from the pool of VLAN IDs.
        - The call returns the network information (ID, vlan) back to the caller.
     The network state in the database looks like this:

     +----------------------------------+--------------------------------------+--------+--------+----------------+--------+
     | tenant_id                        | id                                   | name   | status | admin_state_up | shared |
     +----------------------------------+--------------------------------------+--------+--------+----------------+--------+
     | 244be8af89624b1e94c0136d5d557a9d | e32fbdbd-2757-4dd2-9b61-ebd20606752e | net123 | ACTIVE |              1 |      0 |
     +----------------------------------+--------------------------------------+--------+--------+----------------+--------+

     +--------------------------------------+--------------+------------------+-----------------+
     | network_id                           | network_type | physical_network | segmentation_id |
     +--------------------------------------+--------------+------------------+-----------------+
     | e32fbdbd-2757-4dd2-9b61-ebd20606752e | vlan         | datanet1         |            2000 |
     +--------------------------------------+--------------+------------------+-----------------+

     2) create_subnet:
        - The plugin module persists the subnet information in the database and allocates a static IP for the dhcp server's port.
        - The plugin module sends a notification to the dhcp-agent to create a subnet (dnsmasq dhcp server) on this network. It messages the network ID and subnet information.
        - The dhcp agent makes an RPC call to the API server to obtain a port ID and IP allocation for the port.
        - Then it creates a Linux tap interface and binds the dnsmasq dhcp server to the subnet. The agent makes an RPC call to obtain the subnet information from the DB.
        - Since overlapping IP addresses are permitted, the dhcp agent uses a Linux namespace to create a logically isolated dhcp server for that network.
     3) Boot a vm on a network:
     4) Create a router:
     Note: A Linux namespace is created using the ip netns command.
     A Linux namespace is a logically separated copy of the Linux network stack, which means separate routing tables, firewall rules and network devices. With routing you are creating a namespace named qrouter-XX and enabling IP forwarding on the Linux kernel: sysctl -w net.ipv4.ip_forward=1.
     Some additional notes: The ordinary update workflow is:
     1) The REST API request is accepted by Quantum and routed to the corresponding Extension and Plugin.
     2) The Plugin performs validation of the request (schema conformance, values and references check, etc). If validation fails, one of the 40x codes is returned (depending on the reason).
     3) The DB object is updated and the object is moved to the PENDING_UPDATE state.
     4) The request is transformed into a task and pushed into the queue.
     5) The Plugin responds to the user with an HTTP 202 reply. Steps 1-5 are done synchronously.
     6) The Agent picks the message from the queue and forwards it to the Driver. The Driver changes the configuration of the load balancing device.
     7) Once completed, the response message is pushed into the Plugin's queue.
     8) The Plugin retrieves the message and updates the DB with either "ACTIVE" or "ERROR" status.
  3. Typically a provider network. Create network. Create subnet (provide subnet and gateway information). Provide segmentation ID in OpenVswitch (Vlan1).
  4. Typically a provider network. Provider admin creates the network. These networks can be shared or can be mapped to tenants. Small/medium size network. Requirement: You need to trunk all the tenant vlans to your L3 switch (typically the aggregation switch). Your internal virtual networks (vlans) are exposed to your physical switch here. So you have 4k vlan limitations.
  5. Typically a provider network. Provider admin creates the network. These networks can be shared or can be mapped to tenants. Small/medium size network. Requirement: You need to trunk all the tenant vlans to your L3 switch (typically the aggregation switch). Drawbacks: Load on the gateway router (filtering, mac-addresses, arp-tables etc.) limits scalability. Hard to provide additional services such as floating IP/VPN connectivity etc. (cloud admin needs to configure these on the physical router or the VPN gateway). Vlan limitations.
  6. vRouter and subnets are managed by the provider. Security. Drawbacks – does not support overlapping IP addresses. How the API call works – create router. Mapping between provider networks to virtual networks.
  7. Overlapping IP addresses are supported. Virtual routers reside on the network nodes.
  8. Traffic pattern between services:
     - Nova compute -> Quantum API
     - Quantum Client -> Quantum API
     - Quantum agents -> Controller (AMQP (rabbit) + MySQL)
     - VMs -> DHCP server
     - VM -> gateway (routing between subnets and to the internet)
     - Overlay networking such as GRE tunnels to connect the broadcast domains together
  9. VIP not only represents the IP address but also other parameters such as the IP/protocol/port.
  10. Option 1: Embedded/Integrated services node. Option 2: In-Path insertion mode.
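
The update workflow described in note 2 (steps 1-8), as an added Python sketch that is not Quantum's code and not part of the original deck. `Plugin`, `agent_run`, the in-memory `db` and the `port` field are hypothetical names chosen for illustration; the sketch shows that a request failing validation never changes stored state, and that an object stays in PENDING_UPDATE until the agent's reply has been processed.

```python
import queue
import uuid

class Plugin:
    """Hypothetical stand-in for a plugin: steps 1-5 run synchronously."""

    def __init__(self):
        self.db = {}                   # object id -> {"status", "config"}
        self.tasks = queue.Queue()     # plugin -> agent queue (step 4)
        self.replies = queue.Queue()   # agent -> plugin queue (step 7)

    def create(self, config):
        oid = uuid.uuid4().hex         # 32 hex characters
        self.db[oid] = {"status": "ACTIVE", "config": dict(config)}
        return oid

    def update(self, oid, body):
        # Step 2: validate references and values before touching the DB.
        if oid not in self.db:
            return 404
        port = body.get("port")
        if type(port) is not int or not 1 <= port <= 65535:
            return 400
        # Step 3: persist the change and mark the object as pending.
        self.db[oid]["config"].update(body)
        self.db[oid]["status"] = "PENDING_UPDATE"
        # Step 4: hand the work to the agent; step 5: reply immediately.
        self.tasks.put((oid, dict(self.db[oid]["config"])))
        return 202

    def collect(self):
        # Step 8: record the outcome reported by the agent.
        while not self.replies.empty():
            oid, ok = self.replies.get()
            self.db[oid]["status"] = "ACTIVE" if ok else "ERROR"

def agent_run(plugin, driver):
    # Step 6: the agent forwards each task to the device driver.
    while not plugin.tasks.empty():
        oid, config = plugin.tasks.get()
        try:
            driver(config)
            ok = True
        except Exception:
            ok = False
        plugin.replies.put((oid, ok))  # step 7: push the result back
```

A caller that receives 202 has to read the object's status afterwards to learn whether the change was applied, since the driver's outcome only reaches the DB in step 8.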