Meetup 23 - 02 - OVN - The future of networking in OpenStack
Download as PPTX, PDF1 like2,258 views
This document discusses OVN (Open Virtual Network) and its integration with OpenStack Neutron. It provides an overview of OVN, how it integrates with Neutron, deployment models, and performance comparisons with ML2/OVS. Some key advantages of ML2/OVN include native support for DHCP, distributed routing, load balancing, and DPDK support. Disadvantages include lack of firewall and VPN support and some quality of service limitations.
Meetup 23 - 02 - OVN - The future of networking in OpenStack
- 1. OVN - The future of networking in OpenStack 1 Ha Noi, 01/2020 ĐỖ XUÂN SƠN BizFly Cloud Engineer
- 2. Contents 2 I. OVN Overview II. Introduce netwoking-ovn in OpenStack III. OpenStack-OVN deployment model IV. Compare performance of ML2/OVN with ML2/OVS V. Advantages and disadvantages of networking-ovn
- 3. I. OVN Overview • OVN (Open Virtual Network) is a subproject in Open vSwitch. In addition to the existing features of Open vSwitch, OVN supports additional features such as virtual L2, L3 overlay and security groups. • OVN is written by C language. 3
- 4. 4 OVN Overview - Features • Some high-level features of OVN include: 1. Provides virtual networking abstraction for OVS 2. Supports flexible ACLs (security policies) implemented using flows 3. Native support for distributed L3 routing using OVS flows 4. Supports L3 gateways from logical to physical networks 5. ARP and IPv6 Neighbor Discovery suppression for known IP-MAC bindings 6. Native support for NAT and load balancing 7. Native fully distributed support for DHCP
- 5. 5 OVN Overview – Architecture • OVN includes 3 basic components: 1. OVN Central: OVN-Northd + OVN Northbound DB and OVN Soundbound DB 2. OVN Controller: connect to south db and config "Integration Bridge br-int" 3. ovs-vswitchd: Open vSwitch daemon for bridges
- 6. 6 OVN Overview - Architecture
- 7. 7 OVN Overview – Physical Model
- 8. 8 II. Introduce netwoking-ovn in OpenStack • The networking-ovn project provides integration between OpenStack Neutron and OVN. • networking-ovn offers features: 1. Layer-2 (switching) 2. Layer-3 (routing) 3. DHCP 4. DPDK 5. Trunk driver 6. VLAN tenant networks (OVN version 2.11 (or higher).)
- 10. 10 QoS in networking-ovn • Currently, QoS is implemented by TC command. This solution has many drawbacks such as: oOnly supports the bandwidth limitation of egress directions on the tunnel interface of the Compute node. oNot supported VLAN network. • In the future, Meter is a comfortable solution, which is implemented in OpenFlow as an action, so it is flexible and exact. oBy meter action, we can implement QoS from both directions, also, we can support DSCP.
- 11. Several differences between ML2/OVN and ML2/OVS • DHCP service: • ML2/OVS use DHCP agent. • ML2/OVN use the DHCP allocation mechanism of OVN • L2 population and ARP Responder • ML2/OVS: • L2 population is implemented at table 20 of OVS br-tun. • ARP Responder is implemented at table 21 of OVS br- tun. • ML2/OVN: • L2 population is implemented at table 24 and 32 of br-int. • ARP Responder is implemented at table 19 of br-int. 11
- 12. Several differences between ML2/OVN and ML2/OVS • Metadata service: • ML2/OVS uses metadata services to listen on dhcp namespace or router namespace. • ML2/OVN use metadata namespace on each Compute node. 12
- 13. Several differences between ML2/OVN and ML2/OVS • ML2/OVS supports VXLAN/GRE/GENEVE protocol for tenant networks. • ML2/OVN supports GENEVE protocol for tenant network. • The cost for overlay of GENEVE in ML2/OVN is 58 bytes. • The segmentation_id field of the network ML2/OVN does not correspond to the actual GENEVE VNI of the tenant network. Because GENEVE VNI of the tenant network is managed by OVN. 13
- 14. III. OpenStack-OVN deployment model • Deployment model includes: • 1 Controller node • 3 Database nodes (OVN Central) • 3 node Network nodes • 2 Compute nodes 14
- 15. Routing - Non distributed FIP 15
- 16. Routing - Distributed Floating IP 16
- 17. HA for router • HA for router uses Bidirectional Forwarding Detection (BFD) protocol. 17
- 18. High Availability for OVN Central • OVN Central has 3 models: 1. standalone 2. active-backup 3. clustered 18
- 19. HA for OVN Central : active-backup model • Support from OVS version 2.6. • We can use pacemaker tool to manage this. 19
- 20. HA for OVN Central : clustered model • Support from OVS version 2.9. • Clustered running on 3 servers or 5 servers or more. Servers in the cluster automatically synchronize the database modifications in the cluster. 20
- 21. HA for OVN Central : clustered model 21
- 22. HA for OVN Central : clustered model • When all nodes of the cluster are failed, we can regenerate OVN DB by using the command Controller node: neutron-ovn-db-sync-util --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini -- ovn-neutron_sync_mode repair 22
- 23. IV. Compare performance of ML2/OVN with ML2/OVS • In this lab, we compare the bandwidth performance between ML2/OVS and ML2/OVN in two cases: 1. Virtual machines is attached to a private network 2. Virtual machines is attached to a provider network 23
- 24. Virtual machines is attached to a private network • Looking at the chart, we see that the bandwidth of traffic between virtual machines and the public network when using ML2/OVN is better. 24
- 25. Virtual machines is attached to a provider network • The bandwidth performance, in this case, is the same. 25
- 26. V. Advantages and disadvantages of networking-ovn • Advantages: • Native support for NAT • Native support for distributed L3 routing using OVS flows, with support for both IPv4 and IPv6 • Native distributed implementation for DHCP. • Native support L2 population and ARP Responder • Native support for load balancing • Support DPDK, SR-IOV 26
- 27. V. Advantages and disadvantages of networking-ovn • Disadvantages: • No support FWaaS, VPNaaS. • QoS feature has many drawbacks. 27
- 28. Reference • https://docs.openstack.org/networking- ovn/train/ • https://next.redhat.com/2017/08/15/understandi ng-the-open-virtual-network/ • https://docs.openstack.org/releasenotes/networ king-ovn/ 28
- 29. 2 9