Acknowledgments
I want to thank all the developers and members in OpenStack Community, OpenStack
Foundation and Open Networking Foundation. Also to my colleges in PLUMgrid Inc.
Information presented here is sourced from my own experience as PLUMgrid employee and from:
ion/openstack-neutron-modular-layer-2-plugin-deep-dive
PLUMgrid Inc, http://plumgrid.com/resources/
Views and technical points expressed here are solely presenters and doesnt reflect the
views/positions of PLUMgrid Inc in any way.
Agenda
Components
Architecture
Demo. Neutron.
Slides. SDN.
Definition, architecture.
Virtual Networks.
Software Edges.
Example: PLUMgrid.
Demo
Dashboard and CLI overview.
Create Networks, spawn VMs, test connectivity.
Create and assign floating IPs, test external access.
Load balancer create and test.
Overlapping IPs, test tenant isolation.
Neutron in Openstack
Neutron in Openstack
Neutron Components
Neutron Components
Neutron Server
Runs on Controller node.
Exposes API. Enforces network model.
Passes requests to Neutron plugin.
Neutron Plugin
Runs on Controller node.
Implements the API.
Interacts with neutron server, database and agents.
Queue
Enhance communication between each components of neutron
Database
Persistent network model
Plugin agent (*)
Run on each compute node
Connect instances to network port
DHCP Agent (*)
Start/stop dhcp server
Maintain dhcp configuration
L3 Agent (*)
To implement floating IPs and other L3 features, such as NAT
(*) These components may be overridden by the plug-in
Neutron & SDN
Demo (II)
Neutron REST API, example with curl.
Neutron Internals:
Network namespaces DHCP, Router, LoadBalancer
OVS Bridges - VLANs
Demo (II)
Neutron API example with cURL.
How to update a network:
1.- get the token from keystone
2.- list existing networks to get id of network to update
3.- update network name
After these, check in Dashboard that name has actually changed
$ export IP=<host_ip>
$ export PASS=<admin_password>
$ curl -d "{\"auth\":{\"tenantName\": \"admin\", \"passwordCredentials\":
{\"username\": \"admin\", \"password\": \"$PASS\"}}}" -H "Content-type: application/json"
http://$IP:35357/v2.0/tokens
$ export TOKEN=<token_id>
$ curl -H "X-Auth-Token: $TOKEN" http://$IP:9696/v2.0/networks
$ export NET=<network_id>
$ curl -H "X-Auth-Token: $TOKEN" -X PUT -d '{"network": {"name": "network_updated"}}'
http://10.0.2.15:9696/v2.0/networks/$NET.json
APIs:
http://docs.openstack.org/api/openstack-identity-service/2.0/content/POST_authenticate_v2.0_
tokens_.html
https://wiki.openstack.org/wiki/Neutron/APIv2-specification#API_Operations
Demo (II)
Show soft bridges. We can see the vlan tags in integration bridge.
$ sudo ovs-vsctl show
e80f467f-bd33-452a-a495-e7c89736c552
Bridge br-int
Port "tap0b53fd22-35"
tag: 2
Interface "tap0b53fd22-35"
Port "tapd7e7242f-64"
tag: 3
Interface "tapd7e7242f-64"
Port br-int
Interface br-int
type: internal
Port "qr-63a50193-d2"
tag: 2
Interface "qr-63a50193-d2"
type: internal
Port "qr-2ad51820-c7"
tag: 1
Interface "qr-2ad51820-c7"
type: internal
Port "tap2f696f92-6c"
tag: 2
Interface "tap2f696f92-6c"
type: internal
...
Demo (II)
Show network namespaces
$ ip netns show
qlbaas-9035ea38-1916-4cf9-855f-06f1a41b1899
qdhcp-a389d59d-5275-4470-9edf-44bf7de6cb0f
qdhcp-f030bfa9-5209-477b-a260-e0bc552ebffd
qrouter-9de1459b-c453-485c-b89e-99cb09e82371
qrouter-91a3612b-835c-400b-b8db-6d11dade6b11
Demo (II)
Execute commands in network namespaces
$ sudo ip netns exec qdhcp-a389d59d-5275-4470-9edf-44bf7de6cb0f ifconfig
lo
Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
tapae991773-bd Link encap:Ethernet HWaddr fa:16:3e:80:a8:0f
inet addr:30.0.0.4 Bcast:30.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe80:a80f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:40 errors:0 dropped:0 overruns:0 frame:0
TX packets:25 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5048 (5.0 KB) TX bytes:3074 (3.0 KB)
inaki@precise:~/devstack$ sudo ip netns exec qdhcp-a389d59d-5275-4470-9edf-44bf7de6cb0f
tcpdump -i tapae991773-bd
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tapae991773-bd, link-type EN10MB (Ethernet), capture size 65535 bytes
SDN Introduction
Why SDN?:
SDN Architecture
Network Virtualization
http://plumgrid.com/resources/
Centralized
Thank you!