ºÝºÝߣ

ºÝºÝߣShare a Scribd company logo

OpenStack summit austin 2016

?
?
Yongyoon Shin
Yongyoon Shin

OpenStack summit austin 2016 summary

1 of 61
Downloaded 53 times
OpenStack Summit Austin 2016 YongYoon. SHIN http://uni2u.tistory.com
Let¡¯s Talk ? Summary of OpenStack Summit ? OpenStack User Survey ? OpenStack Summit Keynote ? Networking SFC ? OpenStack and Container ? Container Network
SUMMARY OF OPENSTACK SUMMIT
OpenStack Summit Austin 2016 ? OpenStack Mitaka (2016.1) ?? ?? ?? ??? ????, Newton Design Summit ? ?? ? ????? ? 7,800 ??? ??? ?? ?? ? ??? ?? ¨C OpenStack Design Summit 2010 (¡®10.11) : 250 ?? ¨C OpenStack Summit HongKong 2013 (¡¯13.11) : 4,000 ?? ¨C OpenStack Summit Atlanta 2014 (¡¯14.05) : 4,500 ?? ¨C OpenStack Summit Paris 2014 (¡®14.11) : 4,600 ?? ¨C OpenStack Summit Vancouver 2015 (¡®15.05) : 6,000 ?? ¨C OpenStack Summit Tokyo 2015 (¡®15.10) : 5,000 ??
OpenStack Summit Austin 2016
OpenStack Summit ?? ? Big Tent ?? ?? ??? ?? ¨C ??? ??? ???? ???? ???? ??? (??? ??) ¨C ???, ?? ??? ?? ?? ??? ?? ??? ?? ¨C ????? Summit ????? ??? ???? ??? ?? ????? ???? ?? ??? ¨C Enterprise Cloud? ?? ??? ????? ???? ?? ????, ?? ?? ? SDN/NFV ??? ???? ?? ????? ??? ? ? ? ?? ??? OpenStack Deployment Model ?? ?? ¨C OpenStack Core Project (6?) ??? ????? ?? ? ?? ?? ?? ¨C ??, Neutron? SFC, DVR, L3 HA, LBaaS, VPNaaS, FWaaS ? ??? ?? ??? ?? ?? ? ?? ?? ?? ¨C Ceilometer ?? ?? ?? ??? ? ??? ?? ????? ?? ?? ?? ??
The Next Summit ¡°O¡± Release Design Summit October 25~28, Barcelona, Spain
OPENSTACK USER SURVEY
OpenStack user survey_user perspectives ? Which emerging technologies interest OpenStack user? https://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf
OpenStack user survey deployments ? Which projects are OpenStack users most interested in? https://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf
OpenStack user survey deployment decisions ? Which OpenStack Network (Neutron) drivers are in use? https://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf
OpenStack user survey current issues ? Which Neutron features are actively used, interested in, or planned for use? https://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf
OPENSTACK SUMMIT KEYNOTE What a big conference!!!
? 7,500?!!! ?? 10,000? ??!!!
Keynote ? OpenStack ¡°Mitaka¡± Release ¨C 178 Countries / 345 Organizations / 2,336 Developers ¨C 3,500,000 lines of code ¨C Speaker: Jonathan Bryce (Executive Director, OpenStack Foundation)
Keynote ? OpenStack user interested ¨C Containers, NFV/SDN, Bare Metal ¨C OpenStack already prepared ¨C Speaker: Mark Collier (Chief Operating Officer, OpenStack Foundation)
AT&T Cloud Journey ? Mobile Data growth ¨C must transform building networks ? ACI (AT&T Integrated Cloud) ¨C Open-whitebox HW ? Virtualized & Controlled by AIC ¨C Lower cost & High speed/Agility ¨C Goal ? 75% of network using cloud infra and SDN by 2020
NETWORKING SFC
What is Service Function Chain ? 2016 OpenStack Summit Austin ¨C Cathy Zhang ¨C Realize SFC Using ONOS Controller
OpenStack Neutron Service Chain Architecture
OpenStack Service Chain API Overview
SFC in ONOS Architecture OpenStack Networking-SFC (ONOS SFC Driver) ONOS NBI for SFC Functions ONOS SFC Manager SB API for SFC Provisioning on the Device
SFC (v1)? ??? ? Neutron API ?? (OpenStack/Networking-SFC) ? ??? ??? ?? VM? Traffic Steering ? ?? ??? ?? ?? ? ??? ??? ? SFC Encapsulation (NSH, MPLS, ..?) ? Reclassification and Branching ? Network Transport Protocol ? SFC Proxying ? Criteria for Elasticity and Load Balancing ? SFC Symmetry ? ??? SFC API ?? (??? ???? ??) ? ??? Port Chaining ?? ??? ?? ?? https://review.openstack.org/#/c/308453/2/specs/newton/ietf-compliant-sfc-api.rst
Networking-SFC Phase 2 ? Container ? Physical Device ??? SF? ?? Chaining ?? ? Tacker ?? ?? ? Open Source SDN Controller Driver ?? ¨C ODL SFC Driver, OVN SFC Driver, Dragonflow SFC Driver ? IETF NSH Encapsulation ?? ? ???? SFC ?? ??
Proposed Change ? Data Model ? Reclassification & Branching ? Service Function Path ? Service Function Path Hop
Proposed Change ? Example of high-level view Instance Selection Policy (same to Scheduling Algorithm (ODL)) ->Elastic & Load Balancing ? Without SFC encapsulation ("legacy" mode) : ?? ??? ???? ?? ?? ?? ?? ? With SFC Encapsulation ?? : Next hop SF? ???? ????, ??? ?? ??? ??
Proposed Change ? Architecture
Tacker+SFC ?? ?? ? Tacker?? ODL SFC? ?? ¨C Neutron? Network ?? ?? ? Tacker?? VNFFGD ?? ? Tacker?? Networking-SFC ?? ? ODL? Neutron NB ??
Service Chaining & Injection (1) 2016 OpenStack Summit Austin - Gal Sagie ¨C Container Based Dynamic Service Chaining
Service Chaining & Injection (2) Attack Flow & Normal Flow ? Attack Flow ¨C Service ?? (IPS) ¨C Manager? IPS ?? ?? ?? ¨C Drop ? Normal Traffic ¨C Manager? ?? ??? ?? ¨C IPS? ??? ??, ?? ??
ODL SFC? vADC? ?? 2016 OpenStack Summit Austin - Michael OMalley ¨C A better wheel using OPNFV for superior service
6 Top Challenges for Using OpenStack for D-NFV ? Binding Virtual Network Interface Card to the Virtual Network Function ? Service Chain Modification ? Securing OpenStack over the Internet ? Scalability of the Controller(s) ? Start-up Storms (Or Stampedes) ? Backward Compatibility between Release 2016 OpenStack Summit Austin ¨C T. Khan ¨C Distributed NFV & OpenStack Challenges and Potential Solutions
OpenStack Networking-SFC V1/V2 ? ¡°Port Group¡± ?? ???? ¨C API ?? ?? ? SFC ?? ?? ?? ¨C ¡°A standards-compliant SFC API¡± ? SFC v2? ?? ¨C Resource ? Service ?? ?? ¨C IETF ?? (Meta-data, NSH ?) ¨C Instance ?? ?? ?? ¨C ??? ??? SFF Proxy ??? ?? ¨C ??? ?? ??? ??
SFC MPLS/BGP VPN Approach
WHAT¡¯S NEW IN MITAKA Neutron Address Scopes?
Neutron Address Scopes ? Motivation ¨C NAT : External ? Private ???? ?? ? ??? ?? ?? ?? ? IPv6??? NAT ?? ?? ¨C Mitaka?? BGP? ??? announcing private networks ¨C L2VPN/L3VPN?? BGP ?? ??? ?? ?? ¨C ??? ??? ?? ?? ¨C ??? ??? ??? IP ?? ??? ?? ?? ? Subnet Pools ¨C Subnet ??? ?? ?? ?? ? Tenant? ?? ?? ? Tenant? ?? ¨C ?? ? https://blueprints.launchpad.net/neutron/+spec/subnet-allocation 2016 OpenStack Summit Austin ¨C Carl Baldwin ¨C Neutron Address Scope
Neutron Subnet Pools ? Subnet? ??? ? ?? ?? ?? ? Subnet ??? subnetpool_id attribute? ?? ?? ¨C Subnet Pool? UUID ¨C ??? ???? ?? ??? Null ¨C Subnet Pool? ????, CIDR? ?? ?? ¨C CIDR? ????, Subnet Pool? ??? ?? ??? ??. ¨C Subnet pool? subnet? overlap ?? ? Subnet Pool Quotas ¨C IPv4? ?? ?????? Quota ?? : x/24 -> 256 http://docs.openstack.org/developer/neutron/devref/address_scopes.html
Neutron Address Scopes ? ?? ???? ???? ?? ?? (¡°The thing within which address overlap is not allowed¡±) ? Mitaka ?? ¨C ???? ??? ?? ?? ??. ?? ??? ?? ¨C ?? ?? Tenant? ??? ?? . ?? ????? ?? ???? ? NAT ?? -> Tenant? ??? Address Scope? ?? ?? ?? ? NAT? ?? ???, Tenant? ??? ??? ??? ?? ? Routing ¨C Address Scope ?: ???? ??? ¨C Address Scope ? : ??? ?? (NAT? ?? ??? ??), Floating IP ?? ?? ? RPC ¨C L3 Agent : ???? ? ??? ?? Address Scope? ? ??? ?? ¨C Subnet? ??? subnet pool ?? (??? Address Scope) ? L3 Agent ¨C ???? Ingress?? Marking (???? ?? Network ?? ??) -> ?? Address Scope? ?????? ??? ?? Block ¨C Floating IP ???? ?? ?? ?? : Floating IP? ???? DNAT ??. Floating IP?? ??? ?? ?? ¨C ???? ??? ??? ??? SNAT ???? ?? ?? : ?? ????? ???? Address Scope? ??, ?? ????? Address Scope? ???? NAT ???
Neutron Address Scopes ? Subnet Pools support Address Scopes ¨C Address overlap ?? ¨C Subnet pools? subnet ?? ?? ¨C Address scopes? ??? ???? ?? ¨C Subnet pools? Address scopes? ???? ?? Accounting Mechanism ¨C Address scopes ? ?? pool ? ??? ?? ¨C Aggregation instead of Composition ? Subnet pool ?? subnet ?? ? Address scope ?? subnet pool ?? ¨C The ¡°no scope¡± scope ? Subnet pool ?? ?? subnet ?? ? Address scope ?? ?? subnet ?? ? Constraints are relaxed ¨C ???? ?? overlap ?? ¨C ??? ?? ?? ?? ?? ¨C Private IPv4 ??? ?? ???? ???? NAT ¨C and the external network
OpenStack summit austin 2016
OpenStack summit austin 2016
L2GW? ??? Inter-Cloud ?? 2016 OpenStack Summit Austin ¨C E. Gampel ¨C Spanning your overlay network across clouds
OpenStack?? L2 ???? ?? ? More use case ? L2 Border Gateway ? ?? OpenStack?? Overlay L2 ???? ??? ??? ?? ?? ? Multi Region OpenStack ? Region ?? L2 ?? ?? ? Hybrid Cloud ? Public Cloud?? ???? VPC ? ? ?? ??
OpenStack summit austin 2016
l2-gateway-create l2-gateway-connection-create l2-remote-gateway-create l2-remote-gateway-connection-create l2-remote-mac-create
OPENSTACK AND CONTAINER LXD¡­ Docker¡­ Mesos¡­ etc So many container services¡­ But networks?
OpenStack project for container Nova Heat Magnum A Docker hypervisor driver for Nova Compute to treat containers and images as the same type of resource as virtual machines. A plugin template for orchestrating Docker resources on top of OpenStack resources. Allows access to full Docker API. Provides an API to manage multi- tenant Containers-as-a-Service leveraging Heat, Nova, and Neutron. Kolla Murano Kuryr Containerizes the OpenStack control services themselves as microservices to simplify the operational experience. Provides an application catalog of containerized applications that can be deployed to an OpenStack cloud. Brings the Neutron networking model to containers. Providing consistency between bare metal, virtual machines, and containers.
OpenStack with Container_User Story ? Stackanetes (CoreOS) ¨C OpenStack over Kubernetes ¨C Clustering Node = Seamless OpenStack service
Containers.. more faster, more light ? LXD (canonical) ¨C LXD provides machine containers ? Application container ¨C Linux container(LXC) hypervisor ? more container, more faster, more light ¨C Dozens of LXD instances launch in seconds ¨C Service migrate in real time ¨C OpenStack mitaka plugin ¨C REST API for managing system containers
Mesos and OpenStack
CONTAINER NETWORK Current container network have a problem¡­ Network is always problem¡­ How can we solved in OpenStack
Problems with current Nested Containers Network ? Two Separate Networking infrastructures ? Hard to enforce network policy ? Security and isolation ? Performance and unneeded overhead of management
OpenStack summit austin 2016
OpenStack summit austin 2016
OpenStack summit austin 2016
Nested Container Networking in OpenStack ? Nested/baremetal container to nested/baremetal container same/different hosts ? Nested/baremetal container to virtual machine communication ? Nested/baremetal container to baremetal communication ? Container networking as a first class entity in Neutron ? Consistent policy enforcement across containers, VMs, bare metal ? Enable advanced networking services like FWaas, LBaas, VPNaas etc
OpenStack summit austin 2016
OpenStack summit austin 2016
OpenStack summit austin 2016
Container Networking in OpenStack Next Step ? Follow up on the Neutron Trunk port implementation ? Finish COE(Container Orchestration Engine) baremetal integration ¨C Policy translation ¨C Make Neutron resources available through native APIs ? Magnum deployment prototype of worker VM with Kuryr agent ? Magnum administrator VM that communicates with Neutron
Containerizing Network Services ? Scalability ¨C Container scale-out with the number of available compute nodes ? High Availability ¨C Seamless failover on container or compute failure ? Container Health ¨C Report the running status of the network service software ? Container Migration ¨C Cloud operator tools to manage network service containers ? Scheduling Policies ¨C Container affinity, host selection and fate-sharing

More Related Content

OpenStack summit austin 2016

  • 1. OpenStack Summit Austin 2016 YongYoon. SHIN http://uni2u.tistory.com
  • 2. Let¡¯s Talk ? Summary of OpenStack Summit ? OpenStack User Survey ? OpenStack Summit Keynote ? Networking SFC ? OpenStack and Container ? Container Network
  • 4. OpenStack Summit Austin 2016 ? OpenStack Mitaka (2016.1) ?? ?? ?? ??? ????, Newton Design Summit ? ?? ? ????? ? 7,800 ??? ??? ?? ?? ? ??? ?? ¨C OpenStack Design Summit 2010 (¡®10.11) : 250 ?? ¨C OpenStack Summit HongKong 2013 (¡¯13.11) : 4,000 ?? ¨C OpenStack Summit Atlanta 2014 (¡¯14.05) : 4,500 ?? ¨C OpenStack Summit Paris 2014 (¡®14.11) : 4,600 ?? ¨C OpenStack Summit Vancouver 2015 (¡®15.05) : 6,000 ?? ¨C OpenStack Summit Tokyo 2015 (¡®15.10) : 5,000 ??
  • 6. OpenStack Summit ?? ? Big Tent ?? ?? ??? ?? ¨C ??? ??? ???? ???? ???? ??? (??? ??) ¨C ???, ?? ??? ?? ?? ??? ?? ??? ?? ¨C ????? Summit ????? ??? ???? ??? ?? ????? ???? ?? ??? ¨C Enterprise Cloud? ?? ??? ????? ???? ?? ????, ?? ?? ? SDN/NFV ??? ???? ?? ????? ??? ? ? ? ?? ??? OpenStack Deployment Model ?? ?? ¨C OpenStack Core Project (6?) ??? ????? ?? ? ?? ?? ?? ¨C ??, Neutron? SFC, DVR, L3 HA, LBaaS, VPNaaS, FWaaS ? ??? ?? ??? ?? ?? ? ?? ?? ?? ¨C Ceilometer ?? ?? ?? ??? ? ??? ?? ????? ?? ?? ?? ??
  • 7. The Next Summit ¡°O¡± Release Design Summit October 25~28, Barcelona, Spain
  • 9. OpenStack user survey_user perspectives ? Which emerging technologies interest OpenStack user? https://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf
  • 10. OpenStack user survey deployments ? Which projects are OpenStack users most interested in? https://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf
  • 11. OpenStack user survey deployment decisions ? Which OpenStack Network (Neutron) drivers are in use? https://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf
  • 12. OpenStack user survey current issues ? Which Neutron features are actively used, interested in, or planned for use? https://www.openstack.org/assets/survey/April-2016-User-Survey-Report.pdf
  • 13. OPENSTACK SUMMIT KEYNOTE What a big conference!!!
  • 15. Keynote ? OpenStack ¡°Mitaka¡± Release ¨C 178 Countries / 345 Organizations / 2,336 Developers ¨C 3,500,000 lines of code ¨C Speaker: Jonathan Bryce (Executive Director, OpenStack Foundation)
  • 16. Keynote ? OpenStack user interested ¨C Containers, NFV/SDN, Bare Metal ¨C OpenStack already prepared ¨C Speaker: Mark Collier (Chief Operating Officer, OpenStack Foundation)
  • 17. AT&T Cloud Journey ? Mobile Data growth ¨C must transform building networks ? ACI (AT&T Integrated Cloud) ¨C Open-whitebox HW ? Virtualized & Controlled by AIC ¨C Lower cost & High speed/Agility ¨C Goal ? 75% of network using cloud infra and SDN by 2020
  • 19. What is Service Function Chain ? 2016 OpenStack Summit Austin ¨C Cathy Zhang ¨C Realize SFC Using ONOS Controller
  • 20. OpenStack Neutron Service Chain Architecture
  • 21. OpenStack Service Chain API Overview
  • 22. SFC in ONOS Architecture OpenStack Networking-SFC (ONOS SFC Driver) ONOS NBI for SFC Functions ONOS SFC Manager SB API for SFC Provisioning on the Device
  • 23. SFC (v1)? ??? ? Neutron API ?? (OpenStack/Networking-SFC) ? ??? ??? ?? VM? Traffic Steering ? ?? ??? ?? ?? ? ??? ??? ? SFC Encapsulation (NSH, MPLS, ..?) ? Reclassification and Branching ? Network Transport Protocol ? SFC Proxying ? Criteria for Elasticity and Load Balancing ? SFC Symmetry ? ??? SFC API ?? (??? ???? ??) ? ??? Port Chaining ?? ??? ?? ?? https://review.openstack.org/#/c/308453/2/specs/newton/ietf-compliant-sfc-api.rst
  • 24. Networking-SFC Phase 2 ? Container ? Physical Device ??? SF? ?? Chaining ?? ? Tacker ?? ?? ? Open Source SDN Controller Driver ?? ¨C ODL SFC Driver, OVN SFC Driver, Dragonflow SFC Driver ? IETF NSH Encapsulation ?? ? ???? SFC ?? ??
  • 25. Proposed Change ? Data Model ? Reclassification & Branching ? Service Function Path ? Service Function Path Hop
  • 26. Proposed Change ? Example of high-level view Instance Selection Policy (same to Scheduling Algorithm (ODL)) ->Elastic & Load Balancing ? Without SFC encapsulation ("legacy" mode) : ?? ??? ???? ?? ?? ?? ?? ? With SFC Encapsulation ?? : Next hop SF? ???? ????, ??? ?? ??? ??
  • 28. Tacker+SFC ?? ?? ? Tacker?? ODL SFC? ?? ¨C Neutron? Network ?? ?? ? Tacker?? VNFFGD ?? ? Tacker?? Networking-SFC ?? ? ODL? Neutron NB ??
  • 29. Service Chaining & Injection (1) 2016 OpenStack Summit Austin - Gal Sagie ¨C Container Based Dynamic Service Chaining
  • 30. Service Chaining & Injection (2) Attack Flow & Normal Flow ? Attack Flow ¨C Service ?? (IPS) ¨C Manager? IPS ?? ?? ?? ¨C Drop ? Normal Traffic ¨C Manager? ?? ??? ?? ¨C IPS? ??? ??, ?? ??
  • 31. ODL SFC? vADC? ?? 2016 OpenStack Summit Austin - Michael OMalley ¨C A better wheel using OPNFV for superior service
  • 32. 6 Top Challenges for Using OpenStack for D-NFV ? Binding Virtual Network Interface Card to the Virtual Network Function ? Service Chain Modification ? Securing OpenStack over the Internet ? Scalability of the Controller(s) ? Start-up Storms (Or Stampedes) ? Backward Compatibility between Release 2016 OpenStack Summit Austin ¨C T. Khan ¨C Distributed NFV & OpenStack Challenges and Potential Solutions
  • 33. OpenStack Networking-SFC V1/V2 ? ¡°Port Group¡± ?? ???? ¨C API ?? ?? ? SFC ?? ?? ?? ¨C ¡°A standards-compliant SFC API¡± ? SFC v2? ?? ¨C Resource ? Service ?? ?? ¨C IETF ?? (Meta-data, NSH ?) ¨C Instance ?? ?? ?? ¨C ??? ??? SFF Proxy ??? ?? ¨C ??? ?? ??? ??
  • 34. SFC MPLS/BGP VPN Approach
  • 35. WHAT¡¯S NEW IN MITAKA Neutron Address Scopes?
  • 36. Neutron Address Scopes ? Motivation ¨C NAT : External ? Private ???? ?? ? ??? ?? ?? ?? ? IPv6??? NAT ?? ?? ¨C Mitaka?? BGP? ??? announcing private networks ¨C L2VPN/L3VPN?? BGP ?? ??? ?? ?? ¨C ??? ??? ?? ?? ¨C ??? ??? ??? IP ?? ??? ?? ?? ? Subnet Pools ¨C Subnet ??? ?? ?? ?? ? Tenant? ?? ?? ? Tenant? ?? ¨C ?? ? https://blueprints.launchpad.net/neutron/+spec/subnet-allocation 2016 OpenStack Summit Austin ¨C Carl Baldwin ¨C Neutron Address Scope
  • 37. Neutron Subnet Pools ? Subnet? ??? ? ?? ?? ?? ? Subnet ??? subnetpool_id attribute? ?? ?? ¨C Subnet Pool? UUID ¨C ??? ???? ?? ??? Null ¨C Subnet Pool? ????, CIDR? ?? ?? ¨C CIDR? ????, Subnet Pool? ??? ?? ??? ??. ¨C Subnet pool? subnet? overlap ?? ? Subnet Pool Quotas ¨C IPv4? ?? ?????? Quota ?? : x/24 -> 256 http://docs.openstack.org/developer/neutron/devref/address_scopes.html
  • 38. Neutron Address Scopes ? ?? ???? ???? ?? ?? (¡°The thing within which address overlap is not allowed¡±) ? Mitaka ?? ¨C ???? ??? ?? ?? ??. ?? ??? ?? ¨C ?? ?? Tenant? ??? ?? . ?? ????? ?? ???? ? NAT ?? -> Tenant? ??? Address Scope? ?? ?? ?? ? NAT? ?? ???, Tenant? ??? ??? ??? ?? ? Routing ¨C Address Scope ?: ???? ??? ¨C Address Scope ? : ??? ?? (NAT? ?? ??? ??), Floating IP ?? ?? ? RPC ¨C L3 Agent : ???? ? ??? ?? Address Scope? ? ??? ?? ¨C Subnet? ??? subnet pool ?? (??? Address Scope) ? L3 Agent ¨C ???? Ingress?? Marking (???? ?? Network ?? ??) -> ?? Address Scope? ?????? ??? ?? Block ¨C Floating IP ???? ?? ?? ?? : Floating IP? ???? DNAT ??. Floating IP?? ??? ?? ?? ¨C ???? ??? ??? ??? SNAT ???? ?? ?? : ?? ????? ???? Address Scope? ??, ?? ????? Address Scope? ???? NAT ???
  • 39. Neutron Address Scopes ? Subnet Pools support Address Scopes ¨C Address overlap ?? ¨C Subnet pools? subnet ?? ?? ¨C Address scopes? ??? ???? ?? ¨C Subnet pools? Address scopes? ???? ?? Accounting Mechanism ¨C Address scopes ? ?? pool ? ??? ?? ¨C Aggregation instead of Composition ? Subnet pool ?? subnet ?? ? Address scope ?? subnet pool ?? ¨C The ¡°no scope¡± scope ? Subnet pool ?? ?? subnet ?? ? Address scope ?? ?? subnet ?? ? Constraints are relaxed ¨C ???? ?? overlap ?? ¨C ??? ?? ?? ?? ?? ¨C Private IPv4 ??? ?? ???? ???? NAT ¨C and the external network
  • 42. L2GW? ??? Inter-Cloud ?? 2016 OpenStack Summit Austin ¨C E. Gampel ¨C Spanning your overlay network across clouds
  • 43. OpenStack?? L2 ???? ?? ? More use case ? L2 Border Gateway ? ?? OpenStack?? Overlay L2 ???? ??? ??? ?? ?? ? Multi Region OpenStack ? Region ?? L2 ?? ?? ? Hybrid Cloud ? Public Cloud?? ???? VPC ? ? ?? ??
  • 46. OPENSTACK AND CONTAINER LXD¡­ Docker¡­ Mesos¡­ etc So many container services¡­ But networks?
  • 47. OpenStack project for container Nova Heat Magnum A Docker hypervisor driver for Nova Compute to treat containers and images as the same type of resource as virtual machines. A plugin template for orchestrating Docker resources on top of OpenStack resources. Allows access to full Docker API. Provides an API to manage multi- tenant Containers-as-a-Service leveraging Heat, Nova, and Neutron. Kolla Murano Kuryr Containerizes the OpenStack control services themselves as microservices to simplify the operational experience. Provides an application catalog of containerized applications that can be deployed to an OpenStack cloud. Brings the Neutron networking model to containers. Providing consistency between bare metal, virtual machines, and containers.
  • 48. OpenStack with Container_User Story ? Stackanetes (CoreOS) ¨C OpenStack over Kubernetes ¨C Clustering Node = Seamless OpenStack service
  • 49. Containers.. more faster, more light ? LXD (canonical) ¨C LXD provides machine containers ? Application container ¨C Linux container(LXC) hypervisor ? more container, more faster, more light ¨C Dozens of LXD instances launch in seconds ¨C Service migrate in real time ¨C OpenStack mitaka plugin ¨C REST API for managing system containers
  • 51. CONTAINER NETWORK Current container network have a problem¡­ Network is always problem¡­ How can we solved in OpenStack
  • 52. Problems with current Nested Containers Network ? Two Separate Networking infrastructures ? Hard to enforce network policy ? Security and isolation ? Performance and unneeded overhead of management
  • 56. Nested Container Networking in OpenStack ? Nested/baremetal container to nested/baremetal container same/different hosts ? Nested/baremetal container to virtual machine communication ? Nested/baremetal container to baremetal communication ? Container networking as a first class entity in Neutron ? Consistent policy enforcement across containers, VMs, bare metal ? Enable advanced networking services like FWaas, LBaas, VPNaas etc
  • 60. Container Networking in OpenStack Next Step ? Follow up on the Neutron Trunk port implementation ? Finish COE(Container Orchestration Engine) baremetal integration ¨C Policy translation ¨C Make Neutron resources available through native APIs ? Magnum deployment prototype of worker VM with Kuryr agent ? Magnum administrator VM that communicates with Neutron
  • 61. Containerizing Network Services ? Scalability ¨C Container scale-out with the number of available compute nodes ? High Availability ¨C Seamless failover on container or compute failure ? Container Health ¨C Report the running status of the network service software ? Container Migration ¨C Cloud operator tools to manage network service containers ? Scheduling Policies ¨C Container affinity, host selection and fate-sharing
AboutCopyright
? 2025 ºÝºÝߣ