12th Japan CloudStack User Group Meetup
DESCRIPTION
A talk on how MidoNet offers a scalable virtual router function to CloudStack. (This deck is the English translated version.)
TRANSCRIPT
CloudStack Networking: - With and Without MidoNet -
12th CloudStack User Group Meet-up, 2013.3.22
Introduction
Dave Cahill
Software Engineer
● MidoNet CloudStack Integration Team
Outline
1. How the default Virtual Router on CloudStack works
2. The problems with default Virtual Router
3. How MidoNet solves the problem with its scalable distributed architecture
What is the Virtual Router?
● Provides network functions like Routing, Firewall rules, NAT, DHCP
● A Debian-based VM running haproxy, dnsmasq etc.
● In VPC Mode, there's one Virtual Router for each VPC
VPC Logical View (example)
[Diagram: User VMs in an Orange Tier and a Purple Tier, and a Virtual Router VM.]
Physical View - VPC with default CS networking
[Diagram: User VMs, the Virtual Router VM, and System VMs (SSVM, CPVM).]
Physical Packet Flow
[Diagram: User VMs, the Virtual Router VM, and System VMs (SSVM, CPVM). Legend: I = Ingress Point, E = Egress Point.]
The problem with this model
● The Virtual Router is a traffic bottleneck, and causes scalability issues
● VLANs are used to isolate the separate "tiers", which causes the following issues:
○ Max 4096 VLANs: scalability issue
○ Cumbersome manual configuration and operation
[Diagram: MidoNet Agents, the clustered Network State Database (NSD), User VMs and System VMs (SSVM, CPVM). No Virtual Router VM.]
NSD
The Network State Database (clustered, fault-tolerant) contains the logical topology of the network, firewall rules etc.
[Diagram: logical view with User VMs in an Orange Tier and a Purple Tier, a Router, and MidoNet Agents.]
"Intelligence at the edge"
Network State Database
[Diagram: the Network State Database (NSD), MidoNet Agents, User VMs and System VMs (SSVM, CPVM). Legend: I = Ingress Point, E = Egress Point.]
How MidoNet Works - Packet Pass Case -
Flow Rules: None
MidoNet does a logical simulation of the packet flow
[Diagram: a MidoNet Agent and the logical view (User VMs in an Orange Tier and a Purple Tier, a Router), with ingress (I) and egress (E) points marked.]
[Diagram: the clustered Network State Database (NSD), MidoNet Agents, User VMs and System VMs (SSVM, CPVM), with an IP Tunnel. Legend: I = Ingress Point, E = Egress Point.]
How MidoNet Works - Packet Drop Case -
MidoNet does a logical simulation of the packet flow
[Diagram: a MidoNet Agent with a Flow Rule, and the logical view (User VMs in an Orange Tier and a Purple Tier, a Router). Legend: I = Ingress Point, E = Egress Point.]
[Diagram: the clustered Network State Database (NSD), MidoNet Agents, User VMs and System VMs (SSVM, CPVM). Legend: I = Ingress Point, E = Egress Point.]
Packet dropped at source host without being put on the wire - "intelligence at the edge"
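A toy model of the pass and drop cases above, added here as an illustration and not MidoNet or CloudStack code: an agent on the source host has no flow rule for a new packet, simulates it through the logical topology (two tiers, a router, firewall rules), and installs either a tunnel flow to the egress host or a drop flow. All addresses, host names, rules, the default-deny between tiers and the names `simulate` and `EdgeAgent` are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed logical topology, standing in for what the Network State Database holds.
TIERS = {"orange": ip_network("10.0.1.0/24"), "purple": ip_network("10.0.2.0/24")}
# VM IP -> physical host carrying that VM's port (constructed sample data).
PORT_HOST = {"10.0.1.10": "host-a", "10.0.1.11": "host-b", "10.0.2.20": "host-c"}
# Router firewall rules, first match wins: (src tier, dst tier, dst port or None=any, action).
FIREWALL = [("orange", "purple", 3306, "allow"), ("orange", "purple", None, "deny")]


def tier_of(ip):
    """Return the tier whose subnet contains ip, or None."""
    return next((name for name, net in TIERS.items() if ip_address(ip) in net), None)


def simulate(src, dst, dport):
    """Walk one packet through the logical topology and return the flow action."""
    s, d = tier_of(src), tier_of(dst)
    if s is None or d is None or dst not in PORT_HOST:
        return ("drop",)                      # unknown source tier or destination port
    if s != d:                                # crossing tiers traverses the logical router
        verdict = next((act for fs, fd, port, act in FIREWALL
                        if (fs, fd) == (s, d) and port in (None, dport)), "deny")
        if verdict == "deny":
            return ("drop",)                  # decided on the source host, never on the wire
    return ("tunnel", PORT_HOST[dst])         # encapsulate straight to the egress host


class EdgeAgent:
    """Per-host agent: the flow table starts empty and fills on flow misses."""

    def __init__(self):
        self.flows = {}
        self.simulations = 0

    def handle(self, src, dst, dport):
        key = (src, dst, dport)
        if key not in self.flows:             # flow miss: simulate once, install result
            self.simulations += 1
            self.flows[key] = simulate(src, dst, dport)
        return self.flows[key]


if __name__ == "__main__":
    agent = EdgeAgent()
    for pkt in [("10.0.1.10", "10.0.2.20", 3306), ("10.0.1.10", "10.0.2.20", 22),
                ("10.0.1.10", "10.0.1.11", 22), ("10.0.1.10", "10.0.2.20", 22)]:
        print(pkt, "->", agent.handle(*pkt))
```

The model is stateless and matches on destination port only; it does not represent return traffic or NAT.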
Midokura CloudStack plugin UI
Roadmap
Hypervisor:
● KVM
● XenServer (Planned)
Submitted to CloudStack master codebase:
● Advanced Isolated Mode: L2, L3, DHCP, Firewall, Source NAT, Static NAT, Port Forwarding
Implemented but not upstream:
● VPC Mode: L2, L3, DHCP, Firewall, Source NAT, Static NAT, Port Forwarding
Calling for Customers! We'd like to discuss with you which features / functions to add next!
Today we covered
1. How the default Virtual Router on CloudStack works
2. The problems with default Virtual Router
3. How MidoNet solves the problem with its scalable distributed architecture
Website: www.midokura.jp
Twitter: @MidokuraJapan, @davecahill
Book: "CloudStack 徹底入門", Chapter 10 (10.3.3) "Midokura"
Thanks for listening.