Scribd
Upload
49 views36 pages

Networking in Openstack: Neutron, SDN, NFV, Containers

This document discusses networking in OpenStack. It describes limitations of traditional networking and how SDN and Neutron address these limitations. Neutron provides networking services and abstracts away the underlying networking hardware. It uses plugins to support different networking backends and agents to interface with physical networking devices. Neutron also enables advanced networking services like load balancing, firewalls, and VPNs on top of the basic networking capabilities. Kuryr allows container networking to be integrated with Neutron, providing a unified API for both containers and VMs.

Uploaded by

dz
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
49 views36 pages

Networking in Openstack: Neutron, SDN, NFV, Containers

This document discusses networking in OpenStack. It describes limitations of traditional networking and how SDN and Neutron address these limitations. Neutron provides networking services and abstracts away the underlying networking hardware. It uses plugins to support different networking backends and agents to interface with physical networking devices. Neutron also enables advanced networking services like load balancing, firewalls, and VPNs on top of the basic networking capabilities. Kuryr allows container networking to be integrated with Neutron, providing a unified API for both containers and VMs.

Uploaded by

dz
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 36

Networking in OpenStack

Neutron, SDN, NFV, Containers

Rossella Sblendido
Team Lead Networking
rsblendido@suse.com
Traditional networking

2
Limitations of Traditional Networking

3
It's hardware centric!

4
Closed system
● Vendor specific software
● Costly
● Hard to inter-operate

5
Not scalable!

6
No abstractions
● Hard to maintain
● Hard to innovate
● Hard to experiment

7
Server virtualization
VLANs are not flexible enough (e.g. server is moved)
Traffic differs from the classic server-client model

8
Connect a new machine
1. Reach the place

9
Connect a new machine
1. Reach the place
2. Plug the cable

10
Connect a new machine
1. Reach the place
2. Plug the cable

3. Configure

11
OpenFlow

12
OpenFlow
● Open standard
● Separation of control plane and data plane
● OF switch has flow tables

● OF controller programs the flow entries

● Flow = match + action

13
OpenFlow switch

14
SDN

15
What's SDN?
● Separate control plane from data plane
● Centralization of control
● Program a network vs configure network

16
Overlay network
● Encapsulation decouples a network service from the underlying
infrastructure
● Per-service state is restricted at the edge of the network

Image from ipcraft.net

17
Connect a new machine in the virtual world

18
NFV

19
What's NFV?

20
NFV benefits
● Agility
● Reduced costs
● Faster time to market
● Interoperability

21
OPNFV
● Open Source platform for deploying NFV solutions

22
Networking in OpenStack

23
Neutron
● Neutron is an OpenStack project to provide “networking as a
service” between interface devices (e.g., vNICs) managed
by other Openstack services (e.g., nova)
● provides a powerful API to define the network connectivity

24
Neutron abstractions
● Network: L2 broadcast domain
● Subnet: a block of v4 or v6 IP addresses and associated
configuration state.
● Port: a connection point for attaching a single device, such
as the NIC of a virtual server, to a virtual network. Also
describes the associated network configuration, such as the
MAC and IP addresses to be used on that port.
● Router: interconnects networks

25
Modular architecture
● Plugin: custom back-end implementation of the Networking
API
● Neutron-server: exposes the API

26
Neutron agents
● L2 agent
● DHCP agent
● L3 agent
● Metadata agent

27
Neutron advanced services: LBaaS
● Pools
● Virtual IPs
● Listeners
● Health monitors

28
Neutron advanced services: VPNaaS
● IPSec
● OpenSwan

29
Neutron advanced services: FWaaS
● Enhanced router

30
Containers

31
Containers are cool but...
● Containers need to be reachable
● Containers need to be connected together

Image from patgt.net

32
Kuryr
● Neutron Stadium
● Map container networking abstraction to the Neutron API
● Bring containers and VMs together under one API

33
Kuryr: how it works
● Maps libnetwork API into Neutron API
● Leverages the networking services provided by Neutron

34
Thanks!
Questions?

35

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy