Open Networking for Your OpenStack

v

Open Networking for Your OpenStack Automate Networking and Compute

Nolan Leake - CTO, cofounder

3rd June, 2015

Matt Peterson - Office of the CTO

What Cumulus Networks Is About

cumulusnetworks.com 2

§ Disaggregating Networking

§ Simplifying Networking

§ Network As a Platform §  Collaboration,

customization & innovation

hardware

operating system

app app

hardware

operating system

app app

Single Vendor Blob Multi Vendor Ecosystem

app app

What is Cumulus ® Linux®


§  Traditional IPv4/v6 routing, bridging, VxLAN overlays

§  Linux tools run natively

§  Transparent, simple pricing: includes license and updates

§  Full support – single throat

§  No assembly required

Industry-Standard Hardware

Ecosystem Network Applications and Operations

Linux OS Hardware-Accelerated Packet Forwarding

Open Network Install Environment (ONIE)

Linux distribution for open networking switches. We don’t sell hardware.

Broad Set of Hardware Platforms on HCL


CL 1.5 CL 2.2

# Pl

atfo

rms

Timeline CL 2.0

Hardware Agnostic OS

x86 CPU architectures •  16 Platforms •  5 Hardware Vendors •  6 Switch Silicon •  2 CPU architectures 40G Fixed Platforms

Trident II switches •  13 Platforms •  5 Hardware Vendors •  6 Switch Silicon

1G Fixed Platforms 10G Fixed Platforms •  6 Platforms •  4 Hardware Vendors •  4 Switch Silicon

CL 2.5

10G Trident II Platforms 18 Platforms •  5 Hardware Vendors •  6 Switch Silicon •  2 CPU architectures

Broad portfolio of next gen leaf/spine switches •  VXLAN-capable •  x86 architectures

100G Platforms

Reuse Server Management Toolkit

5 cumulusnetworks.com

Network Automation Orchestration Monitoring

Cumulus® Linux® Architecture


CPU, RAM, Flash, etc. Switch Silicon

Front Panel Ports

User

Spa

ce

Lin

ux K

erne

l

switchd

Switch HAL

Switch Driver Routing

Tables ARP

Table Bridge Table

Ethernet Interfaces

Automation Monitoring

Third Party/Customer Applications

Network Orchestration Routing

Suite Bridging VXLAN

Quagga

v

OpenStack Overview

What is OpenStack?


§ Suite of Software for Building Clouds §  Flexible: Many options/plugins/extensions.

OpenStack


OpenStack Components

§ Nova (Compute) §  Starts/stops/manages VMs

§ Neutron (Networking) §  Optional: Many production deployments are still nova-net §  Manages virtual networks

•  Virtual L2 Networks •  Virtual Routers •  Advanced services: LBaaS, FWaaS, VPNaaS, IDSaaS, etc

§ Others §  Cinder (storage), Glance (image management), Horizon (UI) §  100’s of more specialized sub-projects


v

OpenStack Networking

Neutron: Logical View


§ Every VM gets a “Fixed IP” §  Private L2 network for tenant §  From a per-tenant subnet

§ Some VMs are assigned a “Floating IP” §  From the global, public subnet §  1:1 DNAT Fixed <-> Floating

§ The rest of the VMs get SNATed through one public IP §  AKA Masquerading

AKA: L3agent

Neutron + VLAN

§ One VLAN per tenant §  MLAG in physical network

§ L3agent: x86 server §  Tenant-tenant router §  Fixed to Floating IP NAT §  Services: DHCP, DNS, etc


Neutron + VXLAN

§ VXLAN encap/decap in hypervisor vSwitch §  Physical Network: IP Fabric

§ L3agent: x86 server §  Tenant-tenant router §  Fixed to Floating IP NAT §  Services: DHCP, DNS, etc


Neutron + Overlay Controller

§ No L3agent Needed! §  Routing, NAT and Services handled in Overlay §  Advanced services: Firewalls, Load Balancing, VPNs,

etc


§ Proprietary § Open Source

Neutron + Router VM

§ No L3agent Needed! §  Routing, NAT and Services handled by VMs §  Advanced services: Firewalls, Load Balancing, VPNs,

etc

§ Strong Isolation §  1 (or more) VM per tenant §  No sharing!


v

Network Automation

ONIE: Bare Metal Switch Provisioning

§ Network OS installation framework §  Supported hardware from HCL (preloaded with ONIE) §  Network OS installation image


bare metal server

Server OS

app app app

BIOS and PXE

bare metal switch

Network OS

app app app

Boot Loader and ONIE

Similar to installing a server OS using PXE

Network OS Boot Loader and ONIE

boot into

Boot Loader and ONIE

boot into

ONIE looks for and installs network OS image

Post Cumulus Linux Installation: Zero Touch Provisioning

§ Cumulus Linux initial boot runs Zero Touch Provisioning


OS image

Provisioning script

Cumulus Linux installation

Configuration Management

§ Converged Administration §  Same automation tools and processes configure

network and install/configure OpenStack on servers


Servers

Switches

v

OpenStack Automation Demo

Goal

§ MLAG + OpenStack under Cumulus Linux

§  Geared for quick proof of concept

§  MLAG (common L2 between switches)


Architecture


Architecture


Architecture

Setup

§ Requirements §  2 (or N) Cumulus Linux switches §  2 (or N) compute servers §  1 Out-of-band switch (all switches & servers attached) §  1 USB stick to source environment (no external Internet needed)

§ Cabling §  Dual connections between MLAG peers (2x 40G, last 2 ports) §  Single tails between spine & leafs (1x 40G) §  Single connection for hosts (1x 10G) §  Single OOB / provisioning (1x 1G)

Implementation

§  ONIE USB install on ‘genesis’ switch Initial config (license, hostname, interfaces, pkg’s) to ‘spine-01’ genesis Offers an provisioning infrastructure for switches & servers (PXE, ONIE, etc)

§  Remaining switches & all compute hosts network install ZTP network script ‘phone home’, responds with hostname, interfaces, .. LLDP as a cabling detection

§  Puppet to provision OpenStack Same as Cumulus workbench, many ordering dependencies, conf files, etc.

Video

Cumulus customer example

§ Summary §  Dell HW §  Standardized tools §  VMware NSX overlay

https://www.openstack.org/summit/vancouver-2015/summit-videos/presentation/openstack-vmware-enabling-the-evolution-of-enterprise-applications-at-adobe

© 2015 Cumulus Networks. Cumulus Networks, the Cumulus Networks Logo, and Cumulus Linux are trademarks or registered trademarks of Cumulus Networks, Inc. or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.

§ Thank You!


http://cumulusnetworks.com/get-started/test-drive-open-networking/

Technology

Open Networking for Your OpenStack