Mastering OpenStack - Episode 14 - Network Design

Presentation By: Roozbeh Shafiee

Winter 2016

IRAN OpenStack Users Group

MASTERING OPENSTACK

(Episode 14)

Network Design

IRAN Community| OpenStack.ir

Agenda:

• Network Topology

• Flat Networking Deployment

• FlatDHCP Networking Deployment

• VLAN Manager Networking Deployment

• FlatDHCP Multi Host with HA Networking Deployment

• Iran OpenStack Community

OpenStack Network Design


Network Topology



Network Topology

• OpenStack Compute with nova-network provides predefined network deployment models, each with its own strengths and weaknesses.

• The selection of a network manager changes your network topology, so the choice should be made carefully.

• You also have a choice between the tried-and-true legacy nova-network settings or the neutron project for OpenStack Networking.



Network Topology

For OpenStack Networking with the neutron project, typical configurations are documented with the idea that any setup you can configure with real hardware you can recreate with a software-defined equivalent.

Each tenant can contain typical network elements such as routers, and services such as DHCP.



Flat Networking Deployment



Flat Networking Deployment

• Strengths: - Extremely simple topology - No DHCP overhead

• Weaknesses:- Requires file injection into the instance to configure network interfaces

• Neutron Equivalent: - Configure a single bridge as the integration bridge (br-int) - Connect bridge to a physical network interface with the Modular Layer 2 plug-in - Uses Open vSwitch by default



FlatDHCP Networking Deployment




• Strengths: - Relatively simple to deploy- Standard networking- Works with all guest operating systems

• Weaknesses:- Requires its own DHCP broadcast domain



• Neutron Equivalent: - Configure DHCP agents and routing agents - Network Address Translation (NAT) performed outside of compute nodes - Typically on one or more network nodes




VLAN Manager Networking Deployment




• Strengths: - Each tenant is isolated to its own VLANs

• Weaknesses:- More complex to set up- Requires its own DHCP broadcast domain - Requires many VLANs to be trunked onto a single port - Standard VLAN number limitation - Switches must support 802.1q VLAN tagging



• Neutron Equivalent: - Isolated tenant networks implement some form of isolation of layer 2 traffic between distinct networks. - VLAN tagging is key concept, where traffic is tagged with an ordinal identifier for the VLAN.- Isolated network implementations may or may not include additional services like DHCP, NAT, and routing.




FlatDHCP Multi Hostwith HA Networking Deployment



FlatDHCP MultiHost with HA Networking Deployment

• Strengths: - Networking failure is isolated to the VMs running on the a affected hypervisor. - DHCP traffic can be isolated within an individual host. - Network traffic is distributed to the compute nodes.

• Weaknesses:- More complex to set up. - Compute nodes typically need IP addresses accessible by external networks. - Options must be carefully con gured for live migration to work with networking services.



• Neutron Equivalent: - Configure neutron with multiple DHCP and layer-3 agents. - Network nodes are not able to failover to each other, so the controller runs networking services, such as DHCP. - Compute nodes run the ML2 plug-in with support for agents such as Open vSwitch or Linux Bridge.


FlatDHCP MultiHost with HA Networking Deployment


Iran OpenStack Community



Stay in Touch and Join Us:

• Home Page: OpenStack.ir

• Meetup Page: Meetup.com/Iran-OpenStack

• Mailing List: [email protected]

• Twitter: @OpenStackIR , #OpenStackIRAN

• IRC Channel on FreeNode: #OpenStack-ir


Roozbeh Shafiee

Iran OpenStack Community Manager

[email protected]

OpenStack.ir

Thank You

We need to work together to build a better community

Technology

Mastering OpenStack - Episode 14 - Network Design