www.opendaylight.org
OpenDaylight OVSDB Plugin Network Virtualization Integration Project:
Past, Present and Future
Anil Vishnoi ([email protected])
Brocade Communication Systems
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
What OVSDB Project offers?
… network virtualization solution for Openstack … southbound plugin to configure Open vSwitch … library to encode/decode OVSDB protocol … rest & restconf interface to configure Open vSwitch … challenging software define networking problems to solve … challenging work items, if you want to contribute :)
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
OpenDaylight
DOVE Provider
VTN Provider
Neutron Service
OpenStack Neutron
OVSDB Provider
▪OpenDaylight exposes a single common OpenStack Service Northbound
▪API exposed matches Neutron API precisely
▪Multiple implementations of Neutron networks in OpenDaylight
▪OpenDaylight OpenStack Neutron Plugin simply passes through
▪Simplifies OpenStack plugin
▪Pushes complexity to OpenDaylight
Neutron ML2 MechanismDriver
OpenDaylight APIs (REST)
Reason 1: OpenStack Integration
www.opendaylight.org
Reason 2: SDN, NFV and OpenDaylight
6
Open, Programmable APIsOpen, Programmable APIs
Virtualization and Abstraction Layer Virtualization and Abstraction Layer
New Revenue
Lower Cost
SDNSDN NFVNFV
Orchestration, Automation and MANOOrchestration, Automation and MANO
Service Agility
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
Brief Overview of Open vSwitch : Main Features
Open vSwitch is an open source switching stack for virtualization. Enables massive network automation through programmatic extensions Open vSwitch brings many features standard in hardware devices to virtualized environments:
VLANs A variety of tunneling protocols LACP and other bonding modes QoS shaping and policing ACLs over a range of L2-L4 protocols NetFlow, sFlow, IPFIX, mirroring
Plus remote programmability and management features: OpenFlow 1.0/1.3 support All features and status remotely configurable and viewable. Support for many extensions (openflow, nicira)
www.opendaylight.org
Brief Overview of Open vSwitch: Programmability Aspect
Extensive flow matching capabilities Layer 1 – Tunnel ID, In Port, QoS priority, skb mark Layer 2 – MAC address, VLAN ID, Ethernet type Layer 3 – IPv4/IPv6 fields, ARP Layer 4 – TCP/UDP, ICMP, ND
Possible chain of actions Output to port (port range, flood, mirror) Discard, Resubmit to table x Packet Mangling (Push/Pop VLAN header, TOS, ...) Send to controller, Learn
Centralized Control One Open Flow connection per datapath One Management channel per system
www.opendaylight.org
Brief Overview of Open vSwitch: High Level Architecture
www.opendaylight.org
Open vSwitch Components:
ovsdb-server Database that holds switch-- level configuration‐ Custom database with nice properties:
Value constraints Weak references Garbage collection
Log based Speaks management protocol(JSON-RPC) to manager and ovs-vswitchd
ovs-vswitchd: Core component in the system:
Communicates with outside world using OpenFlow Communicates with ovsdb- server using management protocol Communicates with kernel module over netlink Communicates with the system through netdev abstract interface
Supports multiple independent datapaths (bridges) Packet classifier supports efficient flow lookup with wildcards and “explodes” these
(possibly) wildcard rules for fast processing by the datapath
www.opendaylight.org
OVSDB Management Protocol :
JSON-RPC based protocol Interact with OVSDB database for managing and configuring Open vSwitch Instance Provides methods like
Transact Monitor Monitor Get Schema Notifications
Allows data base operations like Insert Delete Mutate Update Select Abort Comment
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
High Level Architecture:
www.opendaylight.org
High Level Control Flow : Connect Ovsdb to Controller
www.opendaylight.org
High Level Control Flow : Programmed Flows – Pipeline processingOpenstack-setup-compute# ovs-vsctl show4575bb26-b73b-4e0a-a62a-9b3ff06e19af Manager "tcp:192.168.57.1:6640" is_connected: true Bridge br-int Controller "tcp:192.168.57.1:6633" is_connected: true fail_mode: secure Port br-int Interface br-int ovs_version: "2.0.2"
Openstack-setup-compute# ovs-ofctl dump-flows br-int -O OpenFlow13 cookie=0x0, duration=23.662s, table=0, n_packets=0, n_bytes=0, dl_type=0x88cc actions=CONTROLLER:65535 cookie=0x0, duration=17.982s, table=0, n_packets=4, n_bytes=320, priority=0 actions=goto_table:20 cookie=0x0, duration=17.474s, table=20, n_packets=1, n_bytes=70, priority=0 actions=goto_table:30 cookie=0x0, duration=16.966s, table=30, n_packets=1, n_bytes=70, priority=0 actions=goto_table:40 cookie=0x0, duration=16.449s, table=40, n_packets=1, n_bytes=70, priority=0 actions=goto_table:50 cookie=0x0, duration=15.933s, table=50, n_packets=1, n_bytes=70, priority=0 actions=goto_table:60 cookie=0x0, duration=15.417s, table=60, n_packets=1, n_bytes=70, priority=0 actions=goto_table:70 cookie=0x0, duration=14.913s, table=70, n_packets=1, n_bytes=70, priority=0 actions=goto_table:80 cookie=0x0, duration=14.404s, table=80, n_packets=1, n_bytes=70, priority=0 actions=goto_table:90 cookie=0x0, duration=13.896s, table=90, n_packets=0, n_bytes=0, priority=0 actions=goto_table:100 cookie=0x0, duration=13.387s, table=100, n_packets=0, n_bytes=0, priority=0 actions=goto_table:110 cookie=0x0, duration=12.875s, table=110, n_packets=0, n_bytes=0, priority=0 actions=drop
www.opendaylight.org
High Level Control Flow : Create Network/Subnet/Port
www.opendaylight.org
Openstack-setup-compute# ovs-vsctl show4575bb26-b73b-4e0a-a62a-9b3ff06e19af Manager "tcp:192.168.57.1:6640" is_connected: true Bridge br-int Controller "tcp:192.168.57.1:6633" is_connected: true fail_mode: secure Port br-int Interface br-int Port "vxlan-192.168.201.128" Interface "vxlan-192.168.201.128" type: vxlan options: {key=flow, local_ip="192.168.201.129", remote_ip="192.168.201.128"} Port "tap860039e7-9b" Interface "tap860039e7-9b" ovs_version: "2.0.2"
High Level Control Flow : Bridge configuration changes
www.opendaylight.org
High Level Control Flow : Programmed Flows - L2 Routing (First VM Created)Openstack-setup-compute# ovs-ofctl dump-flows br-int -O OpenFlow13table=0, dl_type=0x88cc actions=CONTROLLER:65535table=0, priority=0 actions=goto_table:20table=20, priority=0 actions=goto_table:30table=30, priority=0 actions=goto_table:40table=40, priority=0 actions=goto_table:50table=50, priority=0 actions=goto_table:60table=60, priority=0 actions=goto_table:70table=70, priority=0 actions=goto_table:80table=80, priority=0 actions=goto_table:90table=90, priority=0 actions=goto_table:100table=100, priority=0 actions=goto_table:110table=110, priority=0 actions=drop
table=110, tun_id=0x1,dl_dst=fa:16:3e:e5:e2:e1 actions=output:2 (Incoming traffic for VM)table=0, tun_id=0x1,in_port=1 actions=load:0x2->NXM_NX_REG0[],goto_table:20 (Other Incoming Traffic)table=110, priority=16384,reg0=0x2,tun_id=0x1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2 (If Broadcast, send it VM port-- that's the only port related to network with vxlan-id = 0x1)table=110, priority=8192,tun_id=0x1 actions=drop (Else drop it)
table=0, in_port=2,dl_src=fa:16:3e:e5:e2:e1 actions=set_field:0x1->tun_id,load:0x1->NXM_NX_REG0[],goto_table:20 (Tag outgoing VM Traffic)table=110, priority=16383,reg0=0x1,tun_id=0x1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,output:1 (If broadcast, sent it on all port)table=110, tun_id=0x1,dl_dst=fa:16:3e:e3:35:86 actions=output:1 (DHCP traffic of the network– send it out)
table=0, priority=8192,in_port=2 actions=drop (Drop rest all traffic from VM)
www.opendaylight.org
High Level Control Flow : Programmed Flows - L2 Routing (Second VM Created)Openstack-setup-compute# ovs-ofctl dump-flows br-int -O OpenFlow13table=0, dl_type=0x88cc actions=CONTROLLER:65535table=0, priority=0 actions=goto_table:20table=20, priority=0 actions=goto_table:30table=30, priority=0 actions=goto_table:40table=40, priority=0 actions=goto_table:50table=50, priority=0 actions=goto_table:60table=60, priority=0 actions=goto_table:70table=70, priority=0 actions=goto_table:80table=80, priority=0 actions=goto_table:90table=90, priority=0 actions=goto_table:100table=100, priority=0 actions=goto_table:110table=110, priority=0 actions=drop
table=110, tun_id=0x1,dl_dst=fa:16:3e:e5:e2:e1 actions=output:2 (Incoming traffic for VM)table=0, tun_id=0x1,in_port=1 actions=load:0x2->NXM_NX_REG0[],goto_table:20 (Other Incoming Traffic)table=110, priority=16384,reg0=0x2,tun_id=0x1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2 (If Broadcast, send it VM port-- that's the only port related to network with vxlan-id = 0x1)table=110, priority=8192,tun_id=0x1 actions=drop (Else drop it)table=0, in_port=2,dl_src=fa:16:3e:e5:e2:e1 actions=set_field:0x1->tun_id,load:0x1->NXM_NX_REG0[],goto_table:20 (Tag outgoing VM Traffic)table=110, priority=16383,reg0=0x1,tun_id=0x1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,output:1 (If broadcast, sent it on all port)table=110, tun_id=0x1,dl_dst=fa:16:3e:e3:35:86 actions=output:1 (DHCP traffic of the network– send it out)table=0, priority=8192,in_port=2 actions=drop (Drop rest all traffic from VM)
table=110, tun_id=0x1,dl_dst=fa:16:3e:49:e9:5a actions=output:2 (VM1-->VM2)
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
OVSDB Project : Past
www.opendaylight.org
OVSDB Project : Past
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
OVSDB Project : Present – Migration to MD-SAL & L3 Service
www.opendaylight.org
OVSDB Project : Present – Southbound Plugin
www.opendaylight.org
OVSDB Project : Present Migrated following AD-SAL based module to MD-SAL
Net-virt provider Plugin bundle
Implemented SAL compatibility layer to support backward compatibility for VTN project Implemented Yang based Southbound Plugin module Implemented L3 Service
East West Traffic Routing North South Traffic Routing : WIP
Improved integration tests / code coverage Cleaned up stale code
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
OVSDB Project : Future – Migration to Southbound Plugin
www.opendaylight.org
OVSDB Project : Future – Northbound MD-SAL Migration
www.opendaylight.org
OVSDB Project : Future – Migration to Neutron Yang Models
www.opendaylight.org
OVSDB Project : Future – Clustering and New L3 Service
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
Want to do hands on? Clone ovsdb code
git clone https://git.opendaylight.org/gerrit/ovsdb Build it
mvn clean install Setup one or two node openstack setup. Do following config on network node to connect it to OpenDaylight controller:
Stop neutron-plugin-openvswitch-agent (if running) Configure ml2_conf.ini for OpenDaylight
type_drivers = local,gre,vxlan tenant_network_types = vxlan mechanism_drivers = opendaylight
Configure ml2_conf_odl.ini url = http://<controller-ip>:8080/controller/nb/v2/neutron username = admin password = admin
Restart neutron server Set “local_ip” attribute for ovsdb on both control and compute node
OVSUUID=$(ovs-vsctl get Open_vSwitch . _uuid); ovs-vsctl set Open_vSwitch $OVSUUID other_config:local_ip=<local-ip>
Set manager for ovsdb instance on all the nodes ovs-vsctl set-manager tcp:<controller-ip>:6640
Setup is ready to create the network.
For Devstack based setup - https://wiki.opendaylight.org/view/OVSDB:Helium_and_Openstack_on_Fedora20
www.opendaylight.org
...will talk about :
What OVSDB Project offers? Why it's Center of Attraction? Brief Overview of Open vSwitch & Management Protocol High Level Architecture and Control Flow Past : Initial Architecture, Open Flow 1.3 Support, L2 Support Present : MD-SAL Migration, Southbound Plugin, L3 Support Future : Southbound Plugin Migration, LBaaS & FWaaS Support Want to do hands on? Looking for Contribution?
www.opendaylight.org
Start from here..
Pull the code and review documentation at - https://wiki.opendaylight.org/view/OVSDB_Integration:Main
Connect with active developers in the community on the #opendaylight-ovsdb IRC channel at freenode.net
Checkout OVSDB trello page : https://trello.com/odlovsdb Join the conversation through lists.opendaylight.org and
ask.opendaylight.org