Download
1 / 25
250 likes | 487 Views
Openstack 的网络组件 Quantum. 李玉顺 2013-5-30. 目录. Openstack. Quantum Introduction Quantum Core Quantum Plugins. Openstack Introduction Progress and Current Openstack Components. Quantum. 目录. Openstack. Openstack Introduction Progress and Current Openstack Components.
E N D
Openstack的网络组件Quantum 李玉顺 2013-5-30
目录 Openstack Quantum Introduction QuantumCore QuantumPlugins • OpenstackIntroduction • Progress and Current • OpenstackComponents Quantum
目录 Openstack • OpenstackIntroduction • Progress and Current • OpenstackComponents
Openstack-Introduction OpenStack是IaaS(基础设施即服务)组件,让任何人都可以自行建立和提供云端运算服务。 此外,OpenStack也用作建立防火墙内的“私有云”(Private Cloud),提供机构或企业内各部门共享资源。 目标:提供一个大规模的可扩展的云操作系统 开源、组件式开发、发展迅速
Openstack-Introduction 计算、存储和网络资源池 管理员与租户通过一个Web接口(Dashbaord)对这些资源进行管理和应用。
Openstack-Progress and Current • Grizzly(灰熊)的改进 • Openstack计算: 改善更大规模生产运营,通过Cells管理分布式集群;通过NoDB托管架构减少对中央数据库的依赖度;支持多种Hypervisor-ESX、Kvm、Xen和Hyper-V;附加功能-裸机配置、共享存储协议、联机联网功能如热插拔网络设备等 • OpenStack对象存储:利用配额自动控制对象存储环境的扩展;批操作能力改进部署和集群管理;跨域资源共享使浏览器直连到后端存储环境等等 • OpenStack块存储:对于管理异构存储环境交付了从单一集中接入点提供完全存储服务的能力;新的智能调度程序允许云终端用户基于工作负载来分配存储容量;各类后端存储设备驱动的开发等
Openstack-Progress and Current • Grizzly(灰熊)的改进 • OpenStack网络:网络即服务平台,允许用户自己控制对网络技术的选择;增加对网络技术和网络设备的支持;跨多台服务器分发L3/L4和动态主机配置协议(DHCP)服务;新的负载均衡即服务(LBaaS)框架和API则为进一步创新奠定了基础。 • OpenStack仪表盘:改进用户体验、更好的多语言支持,还有一些可跨越多个OpenStack云的新功能,例如网络和LBaaS。向后兼容Folsom版本,允许用户优先使用其Folsom云的附加功能。 • OpenStack身份管理:基于标准PKI功能的新的令牌格式提供了重大性能改进,允许客户端无须做身份服务呼叫便可获取离线令牌认证。OpenStack身份管理还针对多租户环境提供了更为系统化的管理能力,支持群组、角色扮演、角色接入控制(RBAC),赋予管理员更大的权力。
Openstack-Progress and Current • Grizzly(灰熊)的改进 • OpenStack镜像服务:该服务在云终端用户之间的镜像共享,基于镜像的通用性能集的创建上做了重大改进,在检索镜像时可提供更多可发现的镜像以及更好的性能。 支持者们声称,Grizzly版本的发布证明OpenStack已 然成熟。
Openstack-Components 目标:提供一个大规模的可扩展的云操作系统 七大核心组件
目录 Quantum Introduction QuantumCore QuantumPlugins Quantum
Quantum-Introduction Openstack的网络组件,能提供其他云栈所不能提供的网络技术。在“Folsom”版本正式发布 Networking as a service 虚拟网络的三种网络拓扑:Net方式、Bridge方式和Vlan方式。但它们都是死的 Quantum可以通过编程动态的调整拓扑,还可以动态定义网络QoS,并且基于一种openflow的标准协议,可以独立为一个单独的模块用在其他地方。
Quantum-Introduction • 云租户可以通过API创建复杂网络拓扑,并配置高级网络策略 • 比如: 创建多层Web应用拓扑结构等 • 集成开源或闭源的插件,以增强高级网络服务能力 • 比如:在L3层应用L2层解决Vlan的限制 • 任何租户都可以创建高级网络服务,并以插件方式应用于租户网络中 • 比如: LB-aaS, VPN-aaS, firewall-aaS, IDS-aaS, data-center-interconnect-aaS等。
Openstack-Architecture OpenStack Network API OpenStack Network API quantum-server REST Queue l3-agent plugin-agent quantum database dhcp-agent OpenStack Identity API
Components of Quantum • Quantum server • Implement Qauntum API and its extensions • Enforce network model • Network, subnet, and port • IP addressing to each port • Plugin agent • Run on each compute node • Connect instances to network port • DHCP agent • In multi-host mode, run on each compute node (deferred) • Start/stop dhcp server • Maintain dhcp configuration • L3-agent • To implement floating Ips and other L3 features, such as NAT • One per network • Queue • Enhance communication between each components of quantum • DB – persistent network model l3-agent Quantum server & plugin Plugin agent DHCPagent DB Queue Note: we can share DB service and Queue with other OpenStack stack services 16
Quantum Architecture External Manager API Clients Quantum Server DB Internal plugin communication. Quantum Plugin Create-net . . . Create-port Quantum API Create-net . . . Create-port Uniform API for all clients Tenant Scripts virtual switch Nova Compute Nova Compute Horizon Nova Compute Nova Compute Nova Interfaces from a service like Nova plug into a switch manages by the Quantum plugin. API Extensions DB API + Plugin = Quantum Service
Layers in Quantum Server vendor can add extensions to provide more features Quantum API and extensions Common service (Validation, Authn, Authz) Quantum Core Plugin API vendor specific plugin or open source plugin: linux bridge plugin openvswitch plugin nicira … Plugin DB device 18
Basic API Abstractions virtual server VM1 10.0.0.2 VM2 10.0.0.3 Nova virtual interface (VIF) virtual port Net1 10.0.0.0/24 Quantum virtual network “virtual networks” are fundamentally multi-tenant, just like virtual servers.
Old Model: Static Nova Networking TenantB-VM1 88.0.0.3 TenantA-VM2 88.0.0.4 TenantA-VM3 88.0.0.5 TenantA-VM1 88.0.0.2 Public Net 88.0.0.0/18 • Single network exists (per-project or global). • VMs automatically get a vNIC on that single network on boot. • Tenants have no control over IP addressing.
Quantum Model: Dynamic Network Creation + Association TenantA-VM3 9.0.0.2 TenantA-VM2 10.0.0.3 9.0.0.3 TenantA-VM1 10.0.0.2 Tenant-A Net1 10.0.0.0/24 Tenant-A Net2 9.0.0.0/24 Load Balancer Public Net 88.0.0.0/18 • Tenant can use API to create many networks. • When booting a VM, define which network(s) it should connect to. • Can even plug-in instances from other services (e.g., a load-balancing service).
QuantumsPlugins The set of plugins included in the main Quantum distribution and supported by the Quantum community include: Open vSwitchPlugin Cisco UCS/NexusPlugin Linux BridgePlugin Nicira Network Virtualization Platform (NVP)Plugin RyuOpenFlow ControllerPlugin NEC OpenFlowPlugin The following plugins are coming in Grizzly release as the main Quantum distribution: Big Switch Controller Plugin Cloudbase Hyper-VPlugin MidoNetPlugin Brocade Quantum Plugin Brocade Quantum Plugin PLUMgridPlugin Additional plugins are available from other sources: Extreme NetworksPlugin Ruijie NetworksPlugin Mellanox Quantum PluginMellanox Quantum Plugin Juniper Networks Quantum Plugin
Thanks! Questions?
