1.
Virtualized Network with OpenvSwitch
Paul Sim
Cloud Consultant
2.
Index
● OpenvSwitch Overview
● OpenvSwitch Architecture
● Configuration
● OpenvSwitch Demo
● Virtual Network with OpenvSwitch
● OpenStack with OpenvSwitch
● Use-case
3.
OpenvSwitch Overview
❏ A virtual switch or Virtual Ethernet bridge (VEB)
❏ A key component of networking for virtualized
computing
❏ “Open” vSwitch version of Nicira’s proprietary vSwitch
❏ User-space : configuration, control
❏ Kernel-space : datapath (included in main Linux kernel
since version 3.3)
❏ Cisco Nexus 1000V, VMware vDS, IBM DVS 5000V, MS
Hyper-V vSwitch
4.
OpenvSwitch Overview - Features
❏ Visibility into inter-VM communication via NetFlow,
sFlow(R), IPFIX, SPAN, LACP (IEEE 802.1AX-2008)
❏ Standard 802.1Q VLAN model with trunking
❏ STP (IEEE 802.1D-1998), Fine-grained QoS control
❏ NIC bonding with source-MAC load balancing, active
backup, and L4 hashing
❏ OpenFlow protocol support (including many extensions
for virtualization)
❏ Multiple tunneling protocols (VxLAN, Ethernet over
GRE, CAPWAP, IPsec, GRE over IPsec)
http://openvswitch.org/features/
6.
OpenvSwitch Architecture
[Diagram: user-space components ovs-vsctl, ovsdb-client, ovs-appctl, ovs-dpctl, ovs-ofctl, ovs-brcompatd, ovsdb-server and ovs-vswitchd; a remote OpenvSwitch db / OVS management connection (JSON RPC) and an OpenFlow controller (OpenFlow); kernel-space modules brcompat.ko and openvswitch.ko (kernel datapath, fast path), reached over Netlink; a VM vNIC attached through a tap device.]
7.
OpenvSwitch Architecture
[Diagram: two VMs with vNICs on tap1 and tap2; bridge br-ovs with ports vnet0 and vnet1, a flow table and packet flows; physical side bond0, eth0, eth1, eth2. Legend: Bridge, Port, Interface.]
8.
OpenvSwitch Architecture
❏ ovs-vswitchd : a daemon that implements the switch, along with a companion Linux kernel module for flow-based switching.
❏ ovsdb-server : a lightweight database server that ovs-vswitchd queries to obtain its configuration.
❏ ovs-vsctl : a utility for querying and updating the configuration of ovs-vswitchd.
❏ ovs-dpctl : a tool for configuring and monitoring the switch kernel module.
❏ ovs-appctl : a utility that sends commands to running Open vSwitch daemons (ovs-vswitchd).
❏ ovs-controller : a simple OpenFlow controller reference implementation.
❏ brcompat.ko : Linux bridge compatibility module
❏ openvswitch.ko : Open vSwitch switching datapath
9.
Configuration
Table : Purpose
❏ Open_vSwitch : Open vSwitch configuration
❏ Bridge : Bridge configuration
❏ Port : Port configuration
❏ Interface : One physical network device in a Port
❏ QoS : Quality of Service configuration
❏ Queue : QoS output queue
❏ Mirror : Port mirroring
❏ Controller : OpenFlow controller configuration
❏ Manager : OVSDB management connection
❏ NetFlow : NetFlow configuration
❏ SSL : SSL configuration
❏ sFlow : sFlow configuration
❏ Capability : Capability configuration
$ man ovs-vswitchd.conf.db
10.
Configuration sample(1)
~$ sudo ovs-vsctl show
225d73cc-15b3-4db5-9b45-e783f7c49a10
    Bridge br-tun
        Port "gre-3"
            Interface "gre-3"
                type: gre
                options: {in_key=flow, out_key=flow, remote_ip="192.168.0.10"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-int
        Port "tap1"
            tag: 1
            Interface "tap1"
        Port "tap2"
            tag: 1
            Interface "tap2"
        Port br-int
            Interface br-int
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
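An added example, not part of the original slides: Python that parses the `ovs-vsctl show` output above and reports tunnel endpoints, patch ports whose peer does not point back, and VM tap ports left without a VLAN tag. The function names and the untagged `tap9` port are constructed for illustration, and treating `tap*` ports as VM ports is an assumption taken from the slide's naming.

```python
import re

# Constructed input: the slide's `ovs-vsctl show` output, shortened; the untagged "tap9" is made up.
SAMPLE = """\
    Bridge br-tun
        Port "gre-3"
            Interface "gre-3"
                type: gre
                options: {in_key=flow, out_key=flow, remote_ip="192.168.0.10"}
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-int
        Port "tap1"
            tag: 1
            Interface "tap1"
        Port "tap9"
            Interface "tap9"
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
"""

def parse_show(text):
    """Return {port: {"bridge", "tag", "type", "options"}}; assumes one interface per port."""
    ports, bridge, port = {}, None, None
    for line in text.splitlines():
        key, _, val = line.strip().partition(" ")
        val = val.strip('"')
        if key == "Bridge":
            bridge, port = val, None
        elif key == "Port" and bridge:
            port = ports[val] = {"bridge": bridge, "tag": None, "type": "", "options": {}}
        elif port is not None and key in ("tag:", "type:"):
            port[key[:-1]] = val
        elif port is not None and key == "options:":
            port["options"] = dict(re.findall(r'(\w+)="?([^,"}]+)', val))
    return ports

def audit(ports):
    """Yield findings: GRE endpoints, non-reciprocal patch peers, untagged tap* (assumed VM) ports."""
    for name, p in sorted(ports.items()):
        if p["type"] == "gre":
            yield f"tunnel {name} on {p['bridge']} -> {p['options'].get('remote_ip')}"
        elif p["type"] == "patch" and ports.get(p["options"].get("peer"), p)["options"].get("peer") != name:
            yield f"patch {name}: peer not reciprocal"
        elif name.startswith("tap") and p["tag"] is None:
            yield f"{name} on {p['bridge']} has no tag (trunk by default)"
```

Feed it the text of `ovs-vsctl show` from each host and compare the reported `remote_ip` values with the addresses expected on the tunneling network.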
11.
Configuration sample(2)
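[Diagram: two VMs (vNIC, tap1 and tap2) on br-int; patch-tun and patch-int connect br-int and br-tun; gre3 on br-tun forms a GRE tunnel to 192.168.0.10 through the Linux networking stack. Host interfaces: eth0 (external IP), eth1 (192.168.0.20), eth2 (192.168.10.20).]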
12.
OpenvSwitch Demo - Environment
[Diagram: two hosts, each with two VMs (vNIC, tap1 and tap2) on an OpenvSwitch bridge; eth0 of each host connects to a switch on the external network; the gre-1 ports form a GRE tunnel between the bridges over eth1 and a switch on the tunneling network 192.168.0.0/24.]
13.
Virtual Network with OpenvSwitch - OpenStack
[Diagram: controller node, network node, compute node - 1 and compute node - 2. Components shown: Nova, Keystone, Neutron server, Glance, Horizon, Neutron agent, Neutron L3-agent, Neutron OpenvSwitch plug-in, Nova compute. Each node has eth0 on the external network, and eth1 and eth2 on the Management 192.168.0.0/24 and Data 192.168.10.0/24 networks.]
14.
Virtual Network with OpenvSwitch - OpenStack
Neutron OpenvSwitch plug-in GRE tunneling
[Diagram: network node (qr~~~, qg~~~, tap~~~, br-int, br-tun, br-ext, eth0) and compute node - 1 (two VMs on tap1 and tap2, br-int, br-tun, eth0); gre-1 ports form the tunnel between the two nodes, gre-2 ports form the tunnel to compute node - 2.]
❏ qg~~~ : external gateway interface
❏ qr~~~ : virtual router interface
❏ tap~~~ : network service interface (DHCP, DNS and …)
15.
Use-case - VMware NSX
[Diagram: two hypervisors, each running VMs (vNIC) on OpenvSwitch and connected through a NIC to a switch; the NSX Controller Cluster talks OpenFlow to OpenvSwitch.]
❏ Overlay networking
❏ GRE & STT
  ❏ Centralized Controller
  ❏ MAC-over-GRE
❏ ARP Proxy : No MAC flooding
❏ Security : OpenvSwitch
16.
Use-case - MidoNet
[Diagram: two hypervisors, each running VMs (vNIC), a MidoNet Agent and OpenvSwitch, connected through a NIC to a switch; MidoNet Controller and Distributed Database.]
❏ Overlay networking : GRE
❏ L2 ~ L4 (stateful) virtual networking
❏ Virtual Router : for each tenant, provider
❏ Forwarding decision in local
❏ No OpenFlow
❏ Distributed Database
  ❏ Cassandra : L4 session
  ❏ Zookeeper : MAC, F/W rules and ...
❏ Latency?
17.
Use-case - Pica8
❏ Two running modes : OpenvSwitch mode and L2/L3 mode
❏ Pics OVS : The implementation of OpenvSwitch on Pica8 hardware switch
❏ MPLS, GRE
❏ Standard 802.1Q VLAN model with trunking
❏ Link monitoring
❏ NetFlow, sFlow
18.
Use-case - Intel DPDK vSwitch
❏ High performance and ultra-low latency packet switching of OpenvSwitch using Intel DPDK (Data Plane Development Kit) acceleration technology.
❏ DPDK vSwitch suggests modified Qemu and OpenvSwitch.
❏ 6WIND claims 6WINDGate shows 10x faster performance than standard OpenvSwitch.
❏ http://www.6wind.com/wp-content/uploads/PDF/prod/6WIND-Virtual-Switch-Product-Brief.pdf