Quantum: What it is and Where it’s going • Lew Tucker • VP/CTO Cloud Computing • Cisco Systems, Inc. • @lewtucker
+ Quantum • OpenStack: open source software for building highly scalable public and private clouds • Designed as a set of services forming the basis of a cloud platform • Evolving through community process in which all members may contribute • Quantum is a community project to build a “Network Service” for advanced networking capabilities
Open Source Is Where “Standard” Cloud Infrastructure Will Be Defined • Open standards [require] multiple providers, access to code and data, and interoperability of services. • The obvious solution is an open source reference model as the standard. • Potential examples of such would be the OpenStack effort. • Simon Wardley, CSC • From “A Question of Standards” • http://blog.gardeviance.org/2011/04/question-of-standards.html
Cloud Computing Paradox • “I’m a Cloud. I don’t need you!” “But I can help (sigh)” • The current Cloud Computing model is great for application development, self-service, and automation, but is missing the potential programmability of the infrastructure • Applications and infrastructure could interact with each other to provide the best performance, experience and reliability • What is missing is the right mechanism to expose networking infrastructure capabilities without bringing all the complexity into the application layer
Network Technologies in the Data Center and Internet • [Diagram: the layers Application Software, Virtual Machine, VSwitch, Storage and SAN, Compute, Access, Aggregation, Core, Peering and IP NGN Backbone, each annotated with the products and features deployed at that layer] • Let’s abstract all this
OpenStack Design Summit April 2011 • Compute service (EC2): virtual machines • Specify vCPU, Memory, Disk • Launch instance (image, mem_size, disk) • Suspend, clone, migrate • Storage service (S3, EBS): virtual disks • Specify storage amount, access rights • Store object • Create/attach block • What to do about networks? Networking ??
OpenStack Today: Nova Compute – Swift Storage • [Diagram labels: Nova and Swift API; Nova Compute Service; Virtual Machines; Swift Storage Service; Object Store; Servers; Disks; Basic Network Connectivity] • Networking is embedded inside of Nova compute, and inaccessible to application developers • Details and differences associated with network provisioning complicate a simple compute service • Difficult to track changes in networking as Software-defined Networking (SDN) comes into play
With Quantum - Networking becomes a Service • [Diagram labels: Nova, Swift, and Quantum API; Nova Compute Service; Virtual Machines; Swift Storage Service; Object Store; Quantum Service; Virtual Networks; Servers; Disks; Basic Network Connectivity; Networks] • Nova becomes simpler, easier to maintain and extend • Developers have ability to create multiple networks for their own purposes (multi-tier apps) • May support provisioning of both virtual and physical networks – differences captured through plug-ins
Virtualization in a multi-tenant environment • Servers are virtualized through partitioning; Storage through aggregation; Networks through slicing/tunnels/tagging… • Networks are a shared resource carrying traffic for all tenants across shared links • Network overlays and virtualization create private networks through tagging, routing, encapsulation (tunneling), and separation of control (OpenFlow, etc.) • VLANs, NVGRE, VXLAN, STT, LISP • Quantum is designed to support private networks
But wait… Don’t security groups and firewalls provide isolation?
Yes. But that’s a topic for another time… Rest assured, Nova with Quantum supports both
2011 Design Summit - community-driven merger of proposals … and others NetworkService Citrix/Rackspace/Nicira NaaS Core Design Intel NetworkServicePOC NTT/Midokura NetworkContainers Cisco Quantum
Abstractions and APIs • Compute service (EC2): virtual machines • Launch instance (image, mem_size, disk) • Suspend, clone, migrate • Storage service (S3, EBS): virtual storage • Store object • Create/attach block • Network service (Quantum): virtual networks • Create/delete private network • Create “ports” and attach VMs • Assign IP address blocks (DHCP)
With a simple RESTful API
POST /v1.1/tenants/abc/networks.json
Request: { "network": { "name": "my_db_network" } }
Response: { "network": { "id": "98bd8391-199f-4440-824d-8659e4906786" } }
Quantum in Horizon GUI My Private Network
What you can do with Quantum service • Create multiple, virtual, isolated networks per tenant (FE-Net, DB-Net) • Multiple network interfaces per VM (in-line services) • Create ports on networks (QoS, profiles) and attach VMs • Have control over your own “private” IP addresses • Access through a user-friendly CLI and GUI (Horizon) • Invoke additional capabilities through extensions • Support different underlying networking implementations (VLANs, L2/L3 tunnels, etc.)
Quantum is built using a plug-in architecture to support different networking technologies • Quantum API • API Extensions: for controlled innovation and experimentation • Quantum Service • Network abstraction definition and management • Does NOT do any actual implementation of abstraction • Vendor/User Plug-In • Maps abstraction to implementation on physical network • Can provide additional features through API extensions • Quantum Plug-in API
Quantum API interactions • [Diagram labels: User Application (CLI, Horizon Dashboard, Tools); Tenant API; Network Service (Quantum); Compute Service (Nova); System Admin; Internal API; Admin API; Plug-In; Compute Node; Hypervisor; vSwitch; Physical Network; Router/Switch; Clustered Network Controller]
Plug-ins available today • Open vSwitch • Linux bridge • Nicira NVP • Cisco (Nexus switches and UCS VM-FEX) • WIP: VXLAN • NTT Labs Ryu OpenFlow controller • NEC OpenFlow • Big Switch Floodlight
What application developers want • Keep it simple - hide complexity while exposing capabilities • Provision their own, abstracted networking resources and topologies • Potential to create their own networking services • Isolation and non-interference • Ability to experiment while leveraging all that is provided by lower-level protocols
Architecture grows as you scale-out, some components move to be closer to the internet, others move to the back-end
Different tenants and applications have different needs • [Diagram: Tenant “A”, Tenant “B” and Tenant “C”, each with its own VMs (Web Svr, App Svr, MemCach, DataBase); labels: 10.0.1.0/24 (shown twice); 198.133.219.10; Internet Access, Management Network and Multi-tenant Services; Internet Gateway; VPN Service; Service Provider Network]
Quantum today and in the near future • Quantum 1.0 is available today for Essex as an incubation project • Supports isolated L2 networks • Multiple plug-ins available • Folsom release – moving into Core • Quantum V2 API (in development) • Support tenant-created subnets • Integrated with Horizon (dashboard) and Keystone (identity/token/policy) • Includes “Melange” IPAM for IP address management • Includes DHCP/Dnsmasq functionality
Quantum V2: Introduces Subnets, IP addr mgmt, Gateways, DNS
POST /v2.0/subnets
Request:
{ "network_id": "98bd8391-…", "cidr": "10.0.0.0/24" }
Response:
{
  "id": "e76a23fe-…",
  "network_id": "98bd8391-..",
  "cidr": "10.0.0.0/24",
  "gateway_ip": "10.0.0.1",
  "dns_nameservers": ["8.8.8.8"],
  "reserved_ranges": [
    { "start": "10.0.0.1", "end": "10.0.0.1" },
    { "start": "10.0.0.255", "end": "10.0.0.255" }
  ],
  "additional_host_routes": []
}
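How the fields in the response above relate to the requested CIDR, as an added example that is not Quantum or Melange code. It assumes the defaults visible in the sample response (gateway on the first host address, gateway and broadcast reserved); `build_subnet`, `is_reserved` and `allocate` are hypothetical helper names, and the /29 minimum size is an assumption made for the example.

```python
import ipaddress

def build_subnet(network_id, cidr, dns=("8.8.8.8",)):
    """Derive the subnet fields from the CIDR (assumed defaults)."""
    # strict=True rejects a CIDR with host bits set, such as 10.0.0.5/24.
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or net.prefixlen > 29:
        raise ValueError("expected an IPv4 block of /29 or larger")
    gateway = str(net.network_address + 1)   # assumed default: first host
    broadcast = str(net.broadcast_address)
    return {
        "network_id": network_id,
        "cidr": str(net),
        "gateway_ip": gateway,
        "dns_nameservers": list(dns),
        "reserved_ranges": [
            {"start": gateway, "end": gateway},
            {"start": broadcast, "end": broadcast},
        ],
        "additional_host_routes": [],
    }

def is_reserved(subnet, ip):
    """True if ip falls inside any of the subnet's reserved ranges."""
    addr = ipaddress.ip_address(ip)
    return any(
        ipaddress.ip_address(r["start"]) <= addr <= ipaddress.ip_address(r["end"])
        for r in subnet["reserved_ranges"]
    )

def allocate(subnet, in_use):
    """Return the lowest address that is neither reserved nor in use."""
    for host in ipaddress.ip_network(subnet["cidr"]).hosts():
        if str(host) not in in_use and not is_reserved(subnet, host):
            return str(host)
    raise RuntimeError("subnet exhausted")
```

An address manager that ignores `reserved_ranges` would hand the gateway address to the first VM on the network, so the check belongs in the allocation path rather than in the caller.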
Where will we take Quantum in the future? Purposely started simple with a basic abstraction, but with many blueprints, expect to see rapid innovation while maintaining backward compatibility • More plug-ins for other networking paradigms • Extensions for QoS, port profiles, etc. • Used in the development of new network services • Applied to create virtual data centers spanning multiple sites • New uses in network service provider networks, mobile networks, sensor networks, HPC networks
For more information… • Quantum API • http://docs.openstack.org/api/openstack-network/1.0/content/ • Quantum Admin Guide (Essex): • http://docs.openstack.org/trunk/openstack-network/admin/content/ • Code on Github: • https://github.com/openstack/quantum • Quantum V2: • http://wiki.openstack.org/QuantumV2APIIntro Quantum Network Service Lew Tucker, Cisco Systems @lewtucker