OpenStack Korea regular seminar: OpenStack meet iNaaS SDN Controller
OpenStack meet iNaaS SDN Controller
iNaaS : SDN Controller for virtual network
A trial-and-error travelogue of integrating OpenStack with an SDN Controller
SDN Research Section, ETRI
Yongyoon SHIN
Let's talk about this together
• OpenStack Neutron
• OpenStack ml2
– Write own mechanism driver
– Using DevStack
• SDN
– iNaaS : The SDN Controller for virtual network
– Value
• Demo
OpenStack ml2 plugin
• Ml2 plugin : Types + Mechanisms
• Type : typically network type (gre/vlan/vxlan)
• Mechanism : network implementation (vendor specific)
Core plugin (ML2)
– Type Manager -> Type Driver : GRE, VLAN, VXLAN, …
– Mechanism Manager -> Mechanism Driver : Linux Bridge, OVS, ODL, iNaaS, … <- HERE!!
How do we write a mechanism driver?
• Ml2 plugin (neutron/plugins/ml2/plugin.py)
    …
    self.mechanism_manager.create_RESOURCE_precommit(mech_context)
    try:
        self.mechanism_manager.create_RESOURCE_postcommit(mech_context)
    except ml2_exc.MechanismDriverError:
        with excutils.save_and_reraise_exception():
            LOG.error(_("The respective error message"))
            self.delete_RESOURCE(context, result['id'])  # only on create operations
    return result
• RESOURCE : network / subnet / port
Let's write our own mechanism driver
• Write mechanism driver basic
– neutron/plugins/ml2/drivers/xxx.py
– Ex) neutron/plugins/ml2/drivers/mech_inaas.py
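The precommit/postcommit contract from the plugin.py excerpt, as a runnable sketch for RESOURCE = network. This is an added example, not code from Neutron or iNaaS: `INaaSDriverSketch`, `Ml2PluginSketch`, the `send` callable and the `/networks` path are hypothetical stand-ins, and the dict `db` replaces the Neutron database.

```python
class MechanismDriverError(Exception):
    """Stand-in for ml2_exc.MechanismDriverError."""

class INaaSDriverSketch:
    """Hypothetical driver; send() stands in for the REST call to the controller."""

    def __init__(self, send):
        self.send = send

    def create_network_precommit(self, net):
        # Runs inside the DB transaction: validate only, make no remote calls.
        if net["network_type"] != "vxlan":
            raise MechanismDriverError("unsupported type %s" % net["network_type"])

    def create_network_postcommit(self, net):
        # Runs after the commit: tell the controller about the new network.
        try:
            self.send("POST", "/networks", net)
        except OSError as exc:
            raise MechanismDriverError("controller call failed: %s" % exc)

class Ml2PluginSketch:
    """Mirrors the control flow of the plugin.py excerpt for one resource type."""

    def __init__(self, driver):
        self.driver = driver
        self.db = {}  # stand-in for the Neutron database

    def create_network(self, net):
        self.driver.create_network_precommit(net)  # failure here: nothing is stored
        self.db[net["id"]] = net                   # the transaction commits
        try:
            self.driver.create_network_postcommit(net)
        except MechanismDriverError:
            self.db.pop(net["id"], None)           # delete_RESOURCE, create path only
            raise
        return net

def controller_down(method, path, body):
    raise ConnectionError("connection refused")  # constructed failure

def demo(send):
    """Create one network and return the ids left in the DB afterwards."""
    plugin = Ml2PluginSketch(INaaSDriverSketch(send))
    try:
        plugin.create_network({"id": "net-1", "network_type": "vxlan"})
    except MechanismDriverError:
        pass
    return sorted(plugin.db)
```

With an unreachable controller the network is removed again, so Neutron and the controller do not drift apart.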
To make the mechanism driver work…
• Editing ml2_conf.ini file
• File location
– /etc/neutron/plugins/ml2/ml2_conf.ini
• Edit
– tenant_network_types
– mechanism_drivers
– REST address
Shall we put it into service now?
Me : “Yay~~ Done~~ Push it to git~~ La la~~”
Sub-team leader A : “This doesn't run???”
Sub-team leader B : “It runs fine for us???”
The reason…
It turned out sub-team A was using DevStack…
DevStack
• Where is ml2 mechanism driver??
– /opt/stack/neutron/neutron/plugins/ml2/drivers/
• Where is ml2_conf.ini??
– /etc/neutron/plugins/ml2/ -> don't edit it here
– must edit setup.cfg -> in /opt/stack/neutron/
• How can I start DevStack??
– Edit local.conf : /stack/
– stack.sh
Configuration using DevStack
• Edit setup.cfg
    …
    [files]
    etc/neutron/plugins/ml2 =
        …
        etc/neutron/plugins/ml2/ml2_conf_inaas.ini
        …
    …
    [entry_points]
    …
    neutron.ml2.mechanism_drivers =
        …
        inaas = neutron.plugins.ml2.drivers.mech_inaas:iNaaSMechanismDriver
        …
Configuration using DevStack
• local.conf
    [[local|localrc]]
    …
    Q_PLUGIN=ml2
    Q_AGENT=openvswitch
    Q_ML2_PLUGIN_MECHANISM_DRIVERS=inaas
    Q_ML2_TENANT_NETWORK_TYPE=vxlan
    Q_ML2_PLUGIN_TYPE_DRIVERS=vxlan
    Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=(vni_ranges=1001:2000)
    Q_AGENT_EXTRA_AGENT_OPTS=(tunnel_types=vxlan vxlan_udp_port=4789)
    …
    [[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
    [agent]
    minimize_polling=True
    [ml2_inaas]
    url=http://192.168.56.15:8080/wm/ml2
    username=admin
    password=password
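The `[ml2_inaas]` section on this page puts the controller URL and credentials into ml2_conf.ini, so it is worth checking before a deployment leaves the lab. The following is an added example, not part of the original slides or of iNaaS: `audit_ml2_conf`, the `WEAK_PASSWORDS` deny-list and the hardened values are assumptions, and the sample text is constructed from the local.conf values above.

```python
import configparser
from urllib.parse import urlparse

# Constructed sample: the ml2_conf.ini that the post-config block would produce.
SAMPLE = """
[ml2]
type_drivers = vxlan
tenant_network_types = vxlan
mechanism_drivers = inaas

[ml2_inaas]
url = http://192.168.56.15:8080/wm/ml2
username = admin
password = password
"""

WEAK_PASSWORDS = {"", "password", "admin", "secret"}  # assumed deny-list


def audit_ml2_conf(text, driver="inaas"):
    """Return a list of findings for the driver's part of ml2_conf.ini."""
    cfg = configparser.ConfigParser()
    cfg.read_string(text)
    findings = []
    listed = cfg.get("ml2", "mechanism_drivers", fallback="").split(",")
    if driver not in [d.strip() for d in listed]:
        findings.append("driver %s not listed in [ml2] mechanism_drivers" % driver)
    section = "ml2_" + driver
    if not cfg.has_section(section):
        return findings + ["missing [%s] section" % section]
    url = urlparse(cfg.get(section, "url", fallback=""))
    if url.scheme != "https":
        # Plain http leaves the REST calls to the controller unencrypted.
        findings.append("controller url does not use https")
    if not url.hostname:
        findings.append("controller url has no host")
    if cfg.get(section, "password", fallback="") in WEAK_PASSWORDS:
        findings.append("weak or default controller password")
    return findings


# Constructed corrected variant: TLS endpoint and a non-default secret.
HARDENED = SAMPLE.replace("http://", "https://").replace(
    "password = password", "password = 7f3c-constructed-example-secret")
```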
Where does the mechanism driver go in DevStack?
• Location : /opt/stack/neutron/neutron/plugins/ml2/drivers
• DevStack START!!!
– stack.sh
iNaaS
• Based on the OpenIRIS SDN Controller (https://github.com/bjlee72/IRIS)
• iNaaS : OpenIRIS Network as a Service (https://github.com/uni2u/iNaaS)
• Network virtualization solutions for cloud environments
• Providing policy-based NaaS
• Works with OpenStack to create a virtual segment network (VSN) for each tenant
• Separate policy application support for each VSN
They say that in an SDN environment you can control OVS too
• OpenStack using OpenvSwitch
– Wow!!! OpenvSwitch supports OF 1.0/1.3
– Wow!!! OpenvSwitch connects to the SDN Controller
– Wow!!! OpenvSwitch creates the tunnel network
• BUT!!!!
– OpenvSwitch uses hybrid flows
– Makes OpenFlow rules using OF 1.0 + 1.3
• Solutions
– Using OVSDB
– agent
ovsdb / agent : which one to use?
• On Ubuntu, the ovs commands cannot be used 100% remotely
– ovs-vsctl : fully usable
– ovs-ofctl : not usable
• What if we use ovsdb?
– ovs is an OF-based virtual switch…
– so naturally the SDN Controller should be able to control it…
– but this is really complicated???
• Let us use ovs-ofctl add-flow
– Unspoken pressure to develop an agent
iNaaS Agent
• Using Java
• Installed on Network/Compute nodes
• Create tunnel network (full mesh)
– Network to each compute node
• Create Flow rules to OF switch from iNaaS
iNaaS Function
[Figure: iNaaS function blocks. Labels: iNaaS Server, iNaaS Manager, iNaaS DB, Tunnel Manager, Policy-based Virtual Forwarding Manager, ARP Manager, Flow-to-VNID Mapper, vNet State Manager, Policy Manager, OpenStack iNaaS Plugins, iNaaS Agent, iNaaS Mechanism Driver, iCanvas, Custom Costs Manager, Custom Path Finder, Path Calculation, Multipath Selection]
iNaaS Architecture
[Figure: iNaaS architecture diagram. Labels, in the order they appear:]
• Compute Node : Nova Compute Agent, …, IRIS Agent, ovs, VM, VM
• Network Node : DHCP Agent, l3 Agent, IRIS Agent, DHCP & l3 services, ovs
• iCanvas/Horizon
• IRIS Controller : iNaaS Server, IRIS Core, iNaaS Manager, Policy Manager, iNaaS DB, Policy based Virtual Forwarding Manager, Flow to VNID Mapper, Tunnel Manager, DHCP Manager, l3 Manager, vNet State Manager
• Control Node : Nova, ovs, Neutron
• Links : REST API, RPCs
Our Topology
[Figure: topology diagram. Networks: Public Network, Data Network (OpenStack Tunnel Network), OpenStack Management Network. Nodes: iNaaS, OpenStack Control Node, OpenStack Network Node, OpenStack Compute01, OpenStack Compute02, OpenStack Compute03. Switches: OF AP (x4), OF SW (x2), OpenFlow Management Switch, OpenStack Management Switch.]
OpenStack and SDN.. what can we actually do with them?
• Control of physical & virtual networks
– Control of the physical network that corresponds to a virtual network
– Flow level management
• Per-tenant network control
– Bandwidth, traffic, etc.
– Flow path management
– Policy based network management
A mountain of work still ahead…
• Multi-domain support
– A OpenStack to B OpenStack
– Tenant to Tenant
• iNaaS HA
– Clustering
• If you invite me again next time…
– …I will bring a model that has solved at least the two items above