OpenStack meet iNaaS SDN Controller

iNaaS : SDN Controller for virtual network OpenStack과 SDN Controller 연동을 위한 삽질 기행기

SDN Research Section, ETRI

Yongyoon SHIN

함께 이야기 해 봅시다

• OpenStack Neutron

• OpenStack ml2

– Write own mechanism driver

– Using DevStack

• SDN

– iNaaS : The SDN Controller for virtual network

– Value

• Demo

OpenStack ml2 plugin

• Ml2 plugin : Types + Mechanisms

• Type : typically network type (gre/vlan/vxlan)

• Mechanism : network implement (vender specific)

Core plugin (ML2)

Type Manager Mechanism Manager

Type Driver Mechanism Driver

GRE VLAN VXLAN … Linux Bridge

OVS ODL iNaaS …

HERE!!

Mechanism 드라이버를 어떻게 만들죠?

• Ml2 plugin (neutron/plugins/ml2/plugin.py)

… self.mechanism_manager.create_RESOURCE_precommit(mech_context) try: self.mechanism_manager.create_RESOURCE_postcommit(mech_context) except ml2_exc.MechanismDriverError: with excutils.save_and_reraise_exception(): LOG.error(_("The respective error message")) self.delete_RESOURCE(context, result['id']) # only on create operations return result

network / subnet / port

나만의 mechanism 드라이버를 만들어보자

• Write mechanism driver basic

neutron/plugins/ml2/drivers/xxx.py Ex) neutron/plugins/ml2/drivers/mech_inaas.py

iNaaS mechanism driver

• iNaaS mechanism driver

REST Call to iNaaS SDN Controller

Mechanism 드라이버가 동작하기 위해서…

• Editing ml2_conf.ini file

• File location

– /etc/neutron/plugins/ml2/ml2_conf.ini

• Edit

– tenant_network_type

– mechanism_drivers

– REST address

Edit ml2_conf.ini

Control Node

Network/Compute Node

이제 서비스를 해볼까?

나 : “아싸~~ 완성~~ git에다가 올리고~~ 룰루~~”

A모 서브팀장 : “이거 안 돌아가는데???” B모 서브팀장 : “우리는 잘 돌아가는데???”

이유는…

A 서브팀에서는 DevStack을 사용하더라…

DevStack

• Where is ml2 mechanism driver??

– /opt/stack/neutron/neutron/plugins/ml2/drivers/

• Where is ml2_conf.ini??

– /etc/neutron/plugins/ml2/ -> don’t

– must edit setup.cfg -> /opt/stack/neutron/

• How can I start DevStack??

– Edit local.conf : /stack/

– stack.sh

DevStack을 활용한 설정

• Edit setup.cfg

… [files] etc/neutron/plugins/ml2 = … etc/neutron/plugins/ml2/ml2_conf_inaas.ini … … [entry_point] … neutron.ml2.mechanism_drivers = … inaas = neutron.plugins.ml2.drivers.mech_inaas:iNaaSMechanismDriver …

[[local|localrc]] … Q_PLUGIN=ml2 Q_AGENT=openvswitch Q_ML2_PLUGIN_MECHANISM_DRIVERS=inaas Q_ML2_TENANT_NETWORK_TYPE=vxlan Q_ML2_PLUGIN_TYPE_DRIVERS=vxlan Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=(vni_ranges=1001:2000) Q_AGENT_EXTRA_AGENT_OPTS=(tunnel_types=vxlan vxlan_udp_port=4789) … [[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]] [agent] minimize_polling=True [ml2_inaas] url=http://192.168.56.15:8080/wm/ml2 username=admin password=password

DevStack을 활용한 설정

• local.conf

DevStack에서 mechanism driver는?

• Location : /opt/stack/neutron/neutron/plugins/ml2/drivers

• DevStack START!!!

– stack.sh

What is SDN

• 쉽게 말하자면… 소프트웨어를 통해 구성된 네트워크

iNaaS

• Based OpenIRIS SDN Controller (https://github.com/bjlee72/IRIS)

• iNaaS : OpenIRIS Network as a Service (https://github.com/uni2u/iNaaS)

• Network virtualization solutions for cloud environments

• Providing policy-based NaaS

• Work with OpenStack to create a virtual segment networks(VSN) for each tenant

• Separate policy application support for each VSN

SDN 환경에서는 OVS도 제어할 수 있다던데

• OpenStack using OpenvSwitch – Wow!!! OpenvSwitch support OF 1.0/1.3

– Wow!!! OpenvSwitch connect SDN Controller

– Wow!!! OpenvSwitch create tunnel network

• BUT!!!! – OpenvSwitch using hybrid flow

• Make OpenFlow rule using OF 1.0 + 1.3

• Solutions – Using OVSDB

– agent

ovsdb / agent 무엇을 사용하나?

• Ubuntu에서는 Remote로 ovs 관련 command를 100% 사용할 수 없다

– ovs-vsctl : 완벽 사용 가능

– ovs-ofctl : 사용 불가

• ovsdb를 사용하면?

– ovs는 OF 기반의 가상 스위치인데…

– 그러면 당연 SDN Controller가 제어할 수 있어야 하는데…

– 이거 되게 복잡하네???

• ovs-ofctl add flow를 사용하게 해 달라

– Agent 개발 하라는 무언의 압박

ovs-ofctl command

iNaaS Agent

• Using Java

• Install Network/Compute node

• Create tunnel network (full mash)

– Network to each compute node

• Create Flow rules to OF switch from iNaaS

iNaaS Function

iNaaS Server

iNaaS Manager iNaaS DB Tunnel Manager

Policy-based Virtual Forwarding Manager

ARP Manager

Flow-to-VNID Mapper

vNet State Manager

Policy Manager

OpenStack iNaaS Plugins

iNaaS Agent iNaaS Mechanism Driver

iCanvas

Custom Costs Manager

Custom Path Finder

Path Calculation

Multipath Selection

iNaaS Architecture

Compute Node

Nova Compute Agent

…

IRIS Agent

ovs

VM VM

Network Node

DHCP Agent

l3 Agent

IRIS Agent

DHCP & l3 services DHCP & l3 services DHCP & l3 services

ovs

iCanvas/Horizon

IRIS Controller

iNaaS Server

IRIS Core

iNaaS Manager

Policy Manager

iNaaS DB

Policy based Virtual Forwarding Manager

Flow to VNID Mapper

Tunnel Manager

DHCP Manager

l3 Manager

vNet State Manager

Control Node

Nova

ovs

Neutron

REST API

RPCs

REST API

Our Topology

Public Network Data Network

[OpenStack Tunnel Network]

OpenStack Management Network

iNaaS OpenStack

Control Node OpenStack

Network Node OpenStack Compute01

OpenStack Compute02

OpenStack Compute03

eth0 eth2

eth1

eth0

eth1

eth0 eth2

eth1

eth2

eth1

eth2

eth1

eth2

eth1

OF AP OF AP OF AP OF AP

OF SW OF SW OpenFlow

Management Switch

10.0.0.10 10.0.0.11 10.0.0.21 10.0.0.31 10.0.0.32 10.0.0.33

10.0.10.32 10.0.10.33 10.0.10.21 10.0.10.31 Public IP 10.0.20.10

10.0.20.21 10.0.20.23

10.0.20.11 10.0.20.12 10.0.20.13 10.0.20.14

OpenStack Management Switch

Public IP Public IP

Network 노드와 Compute 노드의 OVS

OpenStack과 SDN.. 뭘 할 수 있는거지?

• Physical & Virtual Network 제어

– Virtual Network에 해당하는 Physical Network 제어

– Flow level management

• Tenant 별 네트워크 제어

– Band width, Traffic 등

– Flow path management

– Policy based network management

Demo

앞으로 할 일들이 산더미…

• 다중 도메인 지원

– A OpenStack to B OpenStack

– Tenant to Tenant

• iNaaS HA

– Clustering

• 다음에도 불러주시면…

– 적어도 위에 2가지는 해결한 모델을…

Yongyoon. SHIN (SDN Research Section, ETRI) Email: uni2u@etri.re.kr

http://uni2u.meximas.com