2. Who is that guy anyway?
» Hugo Trippaers
– Mission Critical Engineer @ Schuberg Philis
– PMC @ Apache CloudStack
– Contributor @ OpenDaylight OVSDB
– Gamer @ Home
!
» Contact
– @Spark404 @ Twitter
– Spark404 @ Freenode
– hugo @ apache.org
2
3. What i want to talk about
» What if you never heard of Apache CloudStack and/or OpenDaylight?
» Why would someone want to do an integration between ODL and ACS?
» What happens when you decide to go ahead and do it?
3
4. Apache CloudStack
» A highly available, highly scalable Infrastructure as a Service (IaaS) cloud computing platform.
!
» Supporting
– Hypervisors: XenServer, KVM, VMware, Hyperv
– Networking: VLAN, VXLAN, GRE, Nicira NVP, Midokura, Stratosphere, Contrail, BigSwitch
– Storage: NFS, S3, Swift, Nexenta, NetApp
– And a lot more…
!
!
!
4
5. OpenDaylight
» OpenDaylight's mission is to facilitate a community-led, industry-supported open source
platform, including code and architecture, to accelerate adoption of Software-Defined
Networking and Network Functions Virtualization.
!
» Controller platform
– OpenFlow
– OVSDB
– Virtual Tennant Network
– OpenDOVE
– and way more..
5
6. Apache CloudStack networking
» Basic Networking
– Tenant isolation by security groups
– External Router
!
» Advanced Networking
– Tenant isolation by isolating the L2 broadcast domain
– Virtual Router construct for Routing, Firewalling and other services
– Virtual Private Cloud
• Multi tier construct with multiple isolated networks and a core router construct.
6
7. Why integrate?
» As an orchestration platform, you need an eco system that you can orchestrate.
!
» Supporting open software defined networking solutions means wider adoption of SDN
!
» I hate reinventing wheels.
!
» It’s fun to do.
7
8. Down to business
» What is this beast called OpenDaylight
– multiple sub projects, which ones are feasible to support?
!
» Goal: KVM hypervisor with ODL orchestrating the overlay network
!
» Should be easy, where is the API exactly?
8
9. What the bleep to integrate with..
» Existing support for KVM and openVswitch already in CS.
– Easiest to go with that and have OpenDaylight orchestrate the openVswitch and the overlay
network
– I know OVSDB and OpenFlow, lets stick with that
!
99
10. OpenFlow / OVSDB
» OpenFlow
– Tells the switch what action to take on which condition.
» OVSDB
– Manages the openvSwitch“hardware”like
ports, tunnels and switches.
11. Down to business
» OMG I have API docs and still no clue.
!
» Ouch, OVSDB is very much a work in progress.
!
» Guess i need to talk to a human about this…
– Brent Salisbury (@networkstatic)
– Madhu Venugopal
– And a lot of other folks at #opendaylight-ovsdb (freenode)
!
!
11
12. Integration issues
» At which level to we integrate and what do i expect from OpenDaylight
– OpenDaylight supports direct interaction with OVSDB and a higher level API
– Higher layer API designed for Neutron, can it be used by ACS?
!
!
!
!
12
13. Integration issues
» Where are the brains at
– Who decides what?
– Who owns the state of the network and is the authoritative source?
– Reconciliation between controller and CMS?
!
13
14. Integration issues
» OpenDaylight is about to make its first release (Hydrogen)
– But what is going to be in in there?
– And is it enough to support the functionality i need for ACS
14
15. What did we end up with
» Apache CloudStack OpenDaylight plugin
– Works with KVM hypervisors (using OpenVswitch)
– Provides tenant isolation using overlay networks based on gre or vxlan
!
» Plugin available in ACS master branch
– targeted for the next release cycle (4.4.0)
15
16. How does it work
» The test setup i used
– Two KVM hypervisors with OpenVSwitch
– CloudStack Management Server
– OpenDaylight controller
!
» OpenVswitch on KVM hypervisors pre setup with the bridges required by CloudStack and a
bridge called br-int.
16
17. How does it work 1
» In ACS setup a physical network with isolation type ODL
– Physical network is a construct where tenant networks actually send their data
– Provides traffic isolating using the selected method (VLAN, ODL, VXLAN, …)
– Determines with bridge to
connect VMs to on KVM
(br-int in this example)
!
» Add an OpenDaylight
controller to the network
17
18. How does it work 2
» Setup a network offering for the tenants with virtual networking
» As a tenant
– Create a network based on the
new offering
– Start a new VM
18
19. How does it work 3
» Magic happens in the OpenDaylight plugin
– Does OpenDaylight know about the hypervisor where the VM will be provisioned?
• No, use the ODL ConnectionManager to create a new OVSDB node for that hypervisor
• OVSDB creates a br-tun switch and creates a patch between br-int and br-tun
– ACS pushed a network object to
ODL using the NeutronNetwork
API
– ACS pushes a port object to ODL
using the NeutronPort API
19
20. How does it work 4
» Tenant starts another node (which we assume starts on another hypervisor)
– ACS configures the second hypervisor using the ConnectionManager API
– ACS pushes a port configuration using the NeutronPort API
– OpenDaylight recognizes that ports belonging to a network are present on two hypervisors
and pushes a tunnel configuration to both nodes.
– OpenDaylight pushed flows to all switches to make traffic move from A to B
20
22. Are we there yet?
» This is just the first step, ODL offers a lot more.
!
» Cross pollination of ideas
– implement networking features from ODL in ACS
– support networking scenarios from ACS in ODL
!
» What do you guys think?
22
