evolution of openstack networking at cern
play

Evolution of OpenStack Networking at CERN Nova Network, Neutron and - PowerPoint PPT Presentation

Jun 10, 2023 •111 likes •428 views

Evolution of OpenStack Networking at CERN Nova Network, Neutron and SDN Belmiro Moreira @belmiromoreira belmiro.moreira@cern.ch Ricardo Rocha @ahcorporto ricardo.rocha@cern.ch Fundamental Science Founded in 1954 What is 96% of the universe

  2. Evolution of OpenStack Networking at CERN Nova Network, Neutron and SDN Belmiro Moreira @belmiromoreira belmiro.moreira@cern.ch Ricardo Rocha @ahcorporto ricardo.rocha@cern.ch

  3. Fundamental Science Founded in 1954 What is 96% of the universe made of? What was the state of matter just after the Big Bang? Why isn’t there anti-matter in the universe?

  6. 6

  7. Capabilities GPU TOP CELL N Neutron CPU Pinning Huge Pages SMP Compute GPU CELL 2 Neutron ... CELL 1 Compute Configuration Nova Network Neutron vs Nova Network Scalability & Flexibility Allowed Projects ... Moving from CellsV1 to CellsV2 at CERN, Mon 21 11:35 7

  8. VN CELL NODE 1 V2 V3 V1 Hypervisors Virtual Machines V2 V3 NODE 2 V1 Order of ~10s of cells (currently 70), with ~200 hypervisors per cell ● Number of virtual machines per hypervisor varies per use case ● From 4 to 30 VMs per hypervisor ○ 8

  9. VN CELL NODE 1 V2 V3 V1 Hypervisors Virtual Machines S513-V-IP123 S513-V-VM908 V2 137.1XX.43.0/24 V3 188.1XX.191.0/24 NODE 2 ( Primary Service ) ( Secondary Service ) V1 Flat but segmented network, with multiple broadcast domains ● Scalability ○ Segmentation done on Primary Services ○ Primary Services can have multiple Secondaries ● No route if Secondary is in a different Primary ● VM IP allocation must belong to the hypervisor’s Primary ○ 9

  10. LanDB Source of Truth Primary Services Secondary Services Virtual Machines Hypervisors IPv4 IPv6 DNS Aliases Aliases IPv6 Readiness Ownership ... All devices must be present ● ● Used for different purposes ○ Security checks ○ DNS/DHCP Configuration Switch/router configuration ○ Active Directory, … ○ 10

  11. Phase 1. Phase 2. Phase 3. Nova Network Neutron SDN 11

  12. Phase 1. Nova Network Custom NetworkManager ● Late IP allocation - after scheduling to compute nodes ● Patching done directly in the Nova code ● NOVA DB NOVA COMPUTE LanDB Nova Network is being deprecated... ● Quantum is the new thing… Neutron is the new thing... ○ 12

  13. Phase 2. Neutron Linuxbridge, Flat / Provider networks ● Better integration using ML2, mechanism driver and extensions ● Quickly became possible to have it out of tree ○ Our extensions have a similar role to Neutron Segments ○ Gradual enroll, cell by cell ● Vanilla upstream packages for Neutron, much smaller patch on Nova ● More split pieces, potential points of failure ● Periodic consistency checks ○ 2 3 4b 1 NOVA COMPUTE Neutron LanDB 4a https://gitlab.cern.ch/cloud-infrastructure/openstack-neutron-cern 13

  14. Phase 2. Neutron Subnet Cluster Which subnets belong to this cluster? neutron cluster-list +--------+----------------------+-------------------------------------------------------+ | id | name | subnets | +--------+----------------------+-------------------------------------------------------+ | ... | VMPOOL SXXXX-C-IPZZZ | ... 188.xxx.yy.zz/22 | | ... | VMPOOL SBBBB-C-IPWWW | ... 137.aaa.bb.ccc/25 | | | | ... 137.bbb.cc.0/25 | | | | ... 137.bbb.dd.0/25 | +--------+----------------------+-------------------------------------------------------+ 14

  15. Phase 2. Neutron Host Restrictions Which subnets can i use for this hypervisor? neutron host p06253927y321a1 +----------------------------+--------------------------------------+ | Field | Value | +----------------------------+--------------------------------------+ | all_subnets | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | | available_random_subnet | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | | available_subnets | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | | least_available_subnet | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | | most_available_subnet | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | +----------------------------+--------------------------------------+ 15

  16. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge 3 Virtual Machines < 1000 Nodes →5x 64GB Virtual Machines ~default rabbit configuration ~default neutron configuration ~looking ok(ish) 16

  17. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Cluster crashes once, crashes constantly 1200 Nodes Cannot allocate 1318267840 bytes of memory (of type "heap"). Statistics db issues → collect_statistics_interval = 60000 Agents (too) aggressively trying to reconnect → rabbit_retry_backoff = 60 Agents not re-connecting properly → restart neutron servers Scale up Rabbit nodes, larger VMs 17

  18. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Cluster crashes periodically 2000 Nodes Lots of queued messages, until it goes ( neutron server ) →rpc_thread_pool_size = 2048 →rpc_conn_pool_size = 60 →rpc_response_timeout = 120 →rpc_workers = 4 ( rabbit ) →tcp_backlog: 4096 →tcp_listen_options { reuseaddr: true, keepalive, true } →tcp_keepalive = true →rabbitmq_server_erl_args = '+K +A128 +P 1048576' →vm_memory_high_watermark = 0.8 →ulimits (65536 for nofile/nproc soft and hard) →cluster_partition_handling = autoheal 18

  19. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Cluster crashes less, but still happens 2400 Nodes Lots of queued messages, until it goes ( rabbit virtual machines ) →ip link set %k txqueuelength 10000 ( neutron agent ) →report_interval=43200 ( neutron server ) →agent_downtime=86500 Other Considerations ( not done, not helpful ) →increase rpc_state_report_workers →heartbeat timeouts on the rabbit cluster 19

  20. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Stable cluster ~5000 Nodes →5x 64GB Virtual Machines Ocasional network partitions →recovering most times, but not always →procedure for a quick cluster rebuild (~10min downtime) 20

  21. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Stable cluster ~5000 Nodes →5x 64GB Virtual Machines Ocasional network partitions →recovering most times, but not always →procedure for a quick cluster rebuild (~10min downtime) 21

  22. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge ~5000 Nodes 22

  23. Phase 2. Neutron Migrating existing cells from Nova Network https://gitlab.cern.ch/cloud-infrastructure/python-neutronclient-cern Puppet for reconfiguration ● Custom command for the live VM changes ● $ openstack network cluster migrate --dry-run --host p06146676a327ab $ openstack network cluster migrate --host p06146676a327ab $ openstack network cluster migrate --cluster ‘VMPOOL SXXXX-C-IPZZZ’ for instance in instances: commands.extend([ ip = instance.addresses['CERN_NETWORK'][0] "brctl delif %s %s " % (NOVA_BRIDGE, raw_device), mac = ip['OS-EXT-IPS-MAC:mac_addr'] "ip link set %s down" % NOVA_BRIDGE, nova_tap = nova_interfaces[mac] "ip link set %s name %s " % (NOVA_BRIDGE, CERN_NETWORK_BRIDGE), neutron_tap = nova_interfaces[mac] "brctl addif %s %s " % (CERN_NETWORK_BRIDGE, raw_device), commands.extend([ "ip link set %s up" % CERN_NETWORK_BRIDGE, "brctl delif %s %s " % (NOVA_BRIDGE, nova_tap), "ip route add default via %s dev %s " % (gw, CERN_NETWORK_BRIDGE), "ip link set %s name %s " % (nova_tap, neutron_tap), ]) ]) 23

  24. Phase 3. SDN Current network deployment has significant limitations ● Limited IP Mobility ● Segmented broadcast domains ○ Live migration limited to single cluster ○ Ad-hoc tunnels for hardware retirement campaigns ○ Hardware Repurposing ● Multiple network domains (General, Services, …) ○ Services dedicated to a single domain ○ No Floating IPs ● No Tenant/Private Networks ● 24

  25. Phase 3. SDN Small prototype setups to evaluate functionality ● Neutron/OpenVSwitch OpenDaylight OVN DHCP Neutron Neutron/Built-in Built-in Floating IPs Yes Yes Yes Distributed Routing Only with DVR Yes Yes Tunneling Protocols vxlan / GRE / geneve vxlan / GRE / geneve vxlan / geneve Security Groups IPTables OpenFlow Native OpenFlow Native + Logging Load Balancing Octavia Octavia Octavia / OVN Native Acceleration Limited DPDK DPDK DPDK Tracing tcpdump tcpdump ovn-trace Physical Switch Integr. L2 / L3 L2 / L3 L2 / L3 25

  26. Phase 3. SDN In the end we picked OpenContrail / Tungsten ● 26

  27. Phase 3. SDN In the end we picked OpenContrail / Tungsten ● CONTROLLER OPENSTACK CONTROLLER NETCONF/EVPN OVSDB XMPP BGP VROUTER HYPERVISOR PHYSICAL PHYSICAL HYPERVISOR VXLAN MPLSoUDP/GRE WAN GATEWAY 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro

CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro

CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro Moreira - @belmiromoreira Spyridon Trigazis - @strigazi CERN - Large Hadron Collider (LHC) CERN - Large Hadron Collider (LHC) CERN: Compact Muon

697 views • 35 slides
Brings OpenStack networking and storage to containers Kubernetes Neutron Networking

Brings OpenStack networking and storage to containers Kubernetes Neutron Networking

Brings OpenStack networking and storage to containers Kubernetes Neutron Networking Native OpenStack infrastructure for mixed workloads spec: podSelector: matchLabels: role: db policyTypes: -

773 views • 8 slides
Deep D Dive ve i into t the C CERN C N Cloud I Infrastruct cture Openstack D Design S

Deep D Dive ve i into t the C CERN C N Cloud I Infrastruct cture Openstack D Design S

Deep D Dive ve i into t the C CERN C N Cloud I Infrastruct cture Openstack D Design S Summi mmit Ho Hong K Kong, 2 2013 Belmiro Moreira belmiro.moreira@cern.ch @belmiromoreira What i is C CERN? N? Conseil Europen

490 views • 48 slides
OpenStack Networking Project Update, OpenStack Summit Sydney Miguel Lavalle, IRC mlavalle

OpenStack Networking Project Update, OpenStack Summit Sydney Miguel Lavalle, IRC mlavalle

November 2017 OpenStack Networking Project Update, OpenStack Summit Sydney Miguel Lavalle, IRC mlavalle Armando Migliaccio, IRC armax Miguel Lavalle Armando Migliaccio Huawei SUSE Q Neutron PTL M-N-O Neutron PTL What is OpenStack

378 views • 18 slides
OpenStack and OVN Whats New with OVS 2.7 OpenStack Summit -- Boston 2017 Russell Bryant

OpenStack and OVN Whats New with OVS 2.7 OpenStack Summit -- Boston 2017 Russell Bryant

OpenStack and OVN Whats New with OVS 2.7 OpenStack Summit -- Boston 2017 Russell Bryant (@russellbryant) Justin Pettit (@Justin_D_Pettit) Ben Pfaff (@Ben_Pfaff) Virtual Networking Overview Provides a logical network abstraction on top of a

660 views • 26 slides
CF Computing Facilities CERN Computer Facilities Evolution Wayne Salter / Vincent Dor HEPiX

CF Computing Facilities CERN Computer Facilities Evolution Wayne Salter / Vincent Dor HEPiX

CF Computing Facilities CERN Computer Facilities Evolution Wayne Salter / Vincent Dor HEPiX October 2011 CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/i t CF Overview Reminder of the various evolution projects

666 views • 39 slides
networking-odl Syncing OpenDaylight with OpenStack Neutron Isaku Yamahata OpenDaylight Developer

networking-odl Syncing OpenDaylight with OpenStack Neutron Isaku Yamahata OpenDaylight Developer

networking-odl Syncing OpenDaylight with OpenStack Neutron Isaku Yamahata OpenDaylight Developer Design Forum Feb 29, 2016 This session goal To socialise whats happening in openstack side to OpenDaylight community whats coming,

307 views • 18 slides
Topics Why SDN? What is SDN? SDN in OpenStack and K8s Overview of SDN controllers

Topics Why SDN? What is SDN? SDN in OpenStack and K8s Overview of SDN controllers

Topics Why SDN? What is SDN? SDN in OpenStack and K8s Overview of SDN controllers Why SDN? Limitations of Traditional Networking Traditional networking It's hardware centric! Closed systems Vendor specific software

787 views • 54 slides
CERN and Science Clouds in Europe with TOSCA, OpenStack Heat and the Heat Translator Matt

CERN and Science Clouds in Europe with TOSCA, OpenStack Heat and the Heat Translator Matt

CERN and Science Clouds in Europe with TOSCA, OpenStack Heat and the Heat Translator Matt Rutkowski Mathieu Velten Sahdev Zala Ricardo Rocha Brad Topol mrutkows@us.ibm.com mathieu.velten@cern.ch spzala@us.ibm.com Ricardo.Rocha@cern.ch

570 views • 25 slides
Ideas for evolution of replication technology @ CERN Openlab Minor Review December 14 th , 2010

Ideas for evolution of replication technology @ CERN Openlab Minor Review December 14 th , 2010

Ideas for evolution of replication technology @ CERN Openlab Minor Review December 14 th , 2010 Zbigniew Baranowski, IT-DB CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/ i t Outline Replication use cases at CERN

321 views • 30 slides
Docker Networking Workshop Agenda 1. Detailed Overview 2. Docker Networking Evolution 3. Use

Docker Networking Workshop Agenda 1. Detailed Overview 2. Docker Networking Evolution 3. Use

Docker Networking Workshop Agenda 1. Detailed Overview 2. Docker Networking Evolution 3. Use Cases Single-host networking with the Bridge driver Multi-host networking with the Overlay driver Connecting to existing VLANs with the

1.32k views • 93 slides
Practical OVN: Architecture, Deployment, and Scale of OpenStack Networking Justin Pettit

Practical OVN: Architecture, Deployment, and Scale of OpenStack Networking Justin Pettit

Practical OVN: Architecture, Deployment, and Scale of OpenStack Networking Justin Pettit (@Justin_D_Pettit) Ben Pfaff (@Ben_Pfaff) Han Zhou (@zhouhanok) Ryan Moats (@regxboi) The Case for Network Virtualization Network provisioning needs

787 views • 33 slides
Facility-based Clouds using OpenStack John Hover, Xin Zhao OSG All-Hands Meeting 2013

Facility-based Clouds using OpenStack John Hover, Xin Zhao OSG All-Hands Meeting 2013

Facility-based Clouds using OpenStack John Hover, Xin Zhao OSG All-Hands Meeting 2013 Indianapolis, Indiana John Hover 13 Mar 2013 1 Outline Rationale/Benefits Limitations Openstack Overview Components Networking BNL Openstack

486 views • 19 slides
What is OpenStack ? Hello! I am Thierry Carrez I work for the OpenStack Foundation. You can

What is OpenStack ? Hello! I am Thierry Carrez I work for the OpenStack Foundation. You can

What is OpenStack ? Hello! I am Thierry Carrez I work for the OpenStack Foundation. You can find me at @tcarrez on Twitter And ttx on IRC No, really What is OpenStack ? An open source project A common goal A coalition of

672 views • 33 slides
Scaling Up OpenStack Networking with Routed Networks Carl Baldwin, Neutron Developer, IBM Cloud

Scaling Up OpenStack Networking with Routed Networks Carl Baldwin, Neutron Developer, IBM Cloud

Scaling Up OpenStack Networking with Routed Networks Carl Baldwin, Neutron Developer, IBM Cloud @CarlNBaldwin Miguel Lavalle, Neutron Development Lead, IBM Linux Technology Center Agenda Why Routed Networks Layer 2 and layer-3

397 views • 27 slides
Get a Python job, Work on OpenStack ! about:me Release Manager for OpenStack Chair of

Get a Python job, Work on OpenStack ! about:me Release Manager for OpenStack Chair of

Get a Python job, Work on OpenStack ! about:me Release Manager for OpenStack Chair of OpenStack Technical Committee Python Software Foundation member ttx @ tcarrez @ Cloud ? Buzzword Infrastructure as a service Compute,

700 views • 28 slides
MWBE Utilization Requirements In accordance with NYS Executive Law Article 15-A, New NY Broadband

MWBE Utilization Requirements In accordance with NYS Executive Law Article 15-A, New NY Broadband

Presented by: Lourdes Zapata, Executive Director Division of Minority and Womens Business Development MWBE Utilization Requirements In accordance with NYS Executive Law Article 15-A, New NY Broadband grant awardees must meet the MWBE

206 views • 8 slides
201 2016 ANNU NNUAL G L GENE NERAL ME L MEETIN ING Safe harbour notice Certain statements

201 2016 ANNU NNUAL G L GENE NERAL ME L MEETIN ING Safe harbour notice Certain statements

201 2016 ANNU NNUAL G L GENE NERAL ME L MEETIN ING Safe harbour notice Certain statements made in this presentation are forward-looking statements. These statements include, without limitation, statements relating to our 2016 financial

649 views • 45 slides
General Assembly Meeting Thursday, November 6, 2014 9:30 am to 1:30 pm The Waikiki Room

General Assembly Meeting Thursday, November 6, 2014 9:30 am to 1:30 pm The Waikiki Room

General Assembly Meeting Thursday, November 6, 2014 9:30 am to 1:30 pm The Waikiki Room Castaway Restaurant San Bernardino, California CPUC CASF 14 Statewide Consortia Inland Empire Regional Broadband Consortium Riverside County and San

832 views • 30 slides
MAGYAR TELEKOM GROUP INVESTOR PRESENTATION SEPTEMBER, 2017 STRATEGY AND MARKET POSITION OVERVIEW

MAGYAR TELEKOM GROUP INVESTOR PRESENTATION SEPTEMBER, 2017 STRATEGY AND MARKET POSITION OVERVIEW

MAGYAR TELEKOM GROUP INVESTOR PRESENTATION SEPTEMBER, 2017 STRATEGY AND MARKET POSITION OVERVIEW MAGYAR TELEKOM AT A GLANCE Overview International presence Revenue (FY2016) Integrated operations in Hungary and Macedonia* 8.9% 4.8%

319 views • 27 slides
HKIX Platform Upgrade &amp; Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange

HKIX Platform Upgrade &amp; Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange

HKIX Platform Upgrade &amp; Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange (HKIX) The Chinese University of Hong Kong (CUHK) 02 MAR 2010 Introduction of HKIX (1/2) HKIX is a Settlement-Free Layer-2 Internet Exchange Point

600 views • 30 slides
DOMAIN DRIVEN WEB DESIGN Tom Scott Tuesday, 30 October 12 TRADITIONAL WEB DESIGN Tuesday, 30

DOMAIN DRIVEN WEB DESIGN Tom Scott Tuesday, 30 October 12 TRADITIONAL WEB DESIGN Tuesday, 30

DOMAIN DRIVEN WEB DESIGN Tom Scott Tuesday, 30 October 12 TRADITIONAL WEB DESIGN Tuesday, 30 October 12 FOCUSES ON THE PAGE Follows a desktop publishing WYSIWYG paradigm Tuesday, 30 October 12 NOT VERY WEBBY Designed like a magazine, so...

299 views • 29 slides
Board of Education Superintendents Preliminary Budget 2020-2021 March 12, 2020 A budget is

Board of Education Superintendents Preliminary Budget 2020-2021 March 12, 2020 A budget is

Manhasset Public Schools Board of Education Superintendents Preliminary Budget 2020-2021 March 12, 2020 A budget is more than just a series of numbers on a page; it is an embodiment of our values . - Mission We recognize each

780 views • 42 slides
Mo Mountain untain Br Broo ook k Junio nior r High igh Sc School ool We Welcome!

Mo Mountain untain Br Broo ook k Junio nior r High igh Sc School ool We Welcome!

Mo Mountain untain Br Broo ook k Junio nior r High igh Sc School ool We Welcome! come! Risi sing ng 9 th th Grade rade Cou ourse rse Se Select lection ion an and d Re Registration istration Co Cours urse e Se Select

539 views • 26 slides

More recommend