Scaling Up OpenStack Networking with Routed Networks Carl Baldwin, Neutron Developer, IBM Cloud @CarlNBaldwin Miguel Lavalle, Neutron Development Lead, IBM Linux Technology Center
Agenda • Why Routed Networks • Layer 2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Interaction with the Nova scheduler • Configuration • Demo
Agenda • Why Routed Networks • Layer 2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Interaction with the Nova scheduler • Configuration • Demo
Neutron excels at …. Providing a rich toolkit to create complex networking topologies TenantA-VM3 TenantA-VM1 TenantA-VM2 9.0.0.2 10.0.0.2 10.0.0.3 9.0.0.3 Tenant-A Net1 Tenant-A Net2 Load Balancer 10.0.0.0/24 9.0.0.0/24 Public Net 88.0.0.0/18
Neutron also excels at …. Enabling admins to create complex layer-2 provider networks VXLAN 123567 physnet1 VLAN 37 physnet2 VLAN 413 VM 1 VM 2 VM 3 • The entire network constitutes a contiguous layer-2 domain • Ports associated with network, not specific segment • Ports bound automatically to segment with connectivity
But what if …. Tenants only need to connect VM’s to a single or few shared networks VXLAN 123567 Layer-2 network physnet1 VLAN 37 physnet1 VLAN 820 VM VM VM VM VM VM VM VM VM VM VM VM One alternative is to create one large layer-2 network • These networks become complex at larger scale • Also have large failure domains
Another alternative to achieve scale …. Collection of distinct networks routed together to the outside: network-1 network-2 network-3 VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM • Leaves the choice of which network to select to the user • This is confusing, since nothing distinguishes one network from the other
Routed Networks Layer-3 Layer-2 segment 1 segment 2 VM VM VM VM VM VM VM VM VM VM • Users boot instances to a routed network presented as a single entity. The compute host determines the segment. • This allows for simplicity and scalability simultaneously
Agenda • Why Routed Networks • Layer-2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Interaction with the Nova scheduler • Configuration • Demo
Segments • A segment contains the encapsulation details used to carry level-2 traffic • Each network has at least one segment associated with it • Segment details • network_type - how traffic is encapsulated • segmentation_id - the encapsulation identifier • physical_network - a unique name for the physical network the encapsulated traffic will be sent on • With L2 networks, multiple segments on the same netwoks are assumed to be bridged together • Not true for routed networks
Network Segment API extension • New in Newton as part of the implementation of routed networks • Moved segments from ML2 DB to the core DB model • Made segment an API resource with uuid • CRUD operations for segments as part of the ReST API • Exposed as a service plugin • Not enabled by default • All core plugins are not guaranteed to work with it • Available with: • ML2 agents based implementation • Ml2 OVN mechanism driver. Requires own host mapping mechanism
Subnets associate to segments in routed networks 172.16.0.0/22 172.16.2.0/22 172.16.8.0/22 172.16.12.0/22 segment 1 segment 2 segment 3 segment 1
Subnets associate to segments in routed networks • Associating a subnet to a segment • $ openstack subnet create --network multinet --ip-version 4 --network-segment my-segment --subnet-range 172.16.0.0/22 multinet-segment1-subnet • This turns a network into a routed network • Networks have a new attribute l2_adjacency • When a network is originally created, l2_adjacency is True • When subnets are assigned to segments, it becomes a routed network and its l2_adjacency becomes False • Cannot mix subnets with segments and without segments in the same network
Each segment requires at least one DHCP agent If segments are small, DHCP can run in one of the compute nodes in each rack 172.16.0.0/22 172.16.2.0/22 172.16.8.0/22 172.16.12.0/22 segment 1 segment 2 segment 3 segment 1 DHCP DHCP DHCP DHCP
Ports in routed networks • In a routed network, a port cannot get ip addresses until it is bound, when the segment it will be connected to is known • These unbound ports have an empty fixed_ips attribute • Ports have a new attribute ip_allocation • immediate for bound and unbound ports in l2 networks • immediate for ports in routed networks that were bound at creation • deferred for routed networks ports that were unbound at creation. • It will remain deferred even after binding • Neutron maintains a hosts to segments mapping • Used during host binding to allocate ip addresses • Available in ML2 agent based implementations and OVN
Floating IPs 203.0.113.0/24 • Floating IP subnets Datacenter Routing BGP Speaker • BGP • With Neutron router 203.0.113.0.43 203.0.113.0.251 • Routed external -> 172.16.0.227 -> 172.16.12.199 gateway • No Neutron router • NAT on the port? physnet1 physnet1 physnet1 physnet1 • DVR 172.16.0.0/22 172.16.4.0/22 172.16.8.0/22 172.16.12.0/22 • Fixed IPs segment 1 segment 2 segment 3 segment 1
Routed networks and Nova scheduling 172.16.0.0/22 172.16.2.0/22 172.16.8.0/22 172.16.12.0/22 segment 1 segment 2 segment 3 segment 1 Segments topology and ip address availability have to be considered by the Nova scheduler to place instances in compute nodes if routed networks are involved, both when booting and when live migrating
Changes to Nova scheduling (Ocata) • Creation of instance’s ports moved from compute manager to conductor and will take place prior to placement decision • There are four use cases: User requests Scheduler places instance at: Boot with port id. Port has no IP address Any segment with available ip addresses Boot with port id. Port has IP address Segment with subnet containing ip address Boot with network id Any segment with available ip addresses Instance move Segment with subnet containing ip address
Nova Generic Resource Pools API A resource pool represents a provider of resources: e.g. segments provide IPv4 addresses Resource Pool Inventories Aggregates DISK_GB IPV4_ADDRESS Host 1 Host n …..
Resource Pools for routed networks ‘ Neutron segment id <uuid>’ Resource Pool Only created for routed networks segments Aggregates Inventories Based on hosts segments mapping IPV4_ADDRESS Updated for every Host 1 Host n ….. subnet associated with the segment
Agenda • Why Routed Networks • Layer 2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Interaction with the Nova scheduler • Configuration • Demo
Physical preparation • Unique physnet per segment • VLAN number is independent per physnet • VLAN ids can be re-used from segment to segment • DHCP agent hosts per physnet • Your choice of routing architecture
Neutron Configuration • Configure segments service plugin • Bridge mappings • OVN provides a different way to configure host to segment access • Create network • Includes creating the segments with multi-provider extension • Creating segments after network creation is also supported • Create subnets • Include segment_id from previous step with each subnet create
Agenda • Why Routed Networks • Layer 2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Interaction with the Nova scheduler • Configuration • Demo
Demo set-up https://github.com/miguellavalle/routednetworksvagrant compute2 allinone + Network segment 1 segment 2 10.1.0.0/24 10.1.1.0/24 iprouter fd2a:d02c:d36b:1a::/64 fd2a:d02c:d36b:1b::/64 physnet1, vlan id 2016 physnet2, vlan id 2016 compute1 compute3
Thank You
Double Content (Layout)
Recommend
More recommend
