SlideShare ist ein Scribd-Unternehmen logo

Multi tier-app-network-topology-neutron-final

Als PPTX, PDF herunterladen
Sadique Puthen
Sadique Puthen

How Neutron Builds Network Topology For Your Multi Tier Application.

Ingenieurwesen
1 von 31
How Neutron Builds Network Topology For Your Multi-tier Application Sadique Puthen Principal Technical Support Engineer, Red Hat 20 May 2015, Openstack Summit, Vancouver
Agenda ❖Neutron Overview ➢Native and External components ➢Network Namespace ❖Application Network Topology. ➢How to build application network topology. ❖Correlate application topology with Neutron ➢What happens inside neutron when we build it? ➢Explore with Native HA available in neutron. ❖Why am I doing this?
Neutron Overview and Components
❖Neutron is a project with in Openstack that delivers Networking-as-a-Service. ➢Create/manage/remove Networks, Routers, Load Balancers, Firewalls, VPNs, Layer 2 flow, etc on demand. ➢Involves multiple neutron native components. ➢Depends highly on external components. Neutron Overview
❖Native Components Involves: ➢Neutron API ➢Neutron DHCP Agent ➢Neutron Layer 3 Agent ➢Neutron LbaaS Agent ➢Neutron FWaaS Agent ➢Neutron VPNaaS Agent ➢Metadata Agent. ➢Neutron Layer 2 Agent. ◆eg. Neutron Openvswitch Agent. ◆Other third party Agents. Neutron Components Database Messagequeue Neutron API Servers lbaas Agents dhcp Agents l3 Agents Metadata Agents layer 2 agents fwaas Agents vpn Agents
❖External Components. ➢Network Namespace ➢Openvswitch ➢Dnsmasq ➢Libreswan/Openswan ➢Keepalived ➢Haproxy or a third party HA daemon ➢Iptables firewall ◆DNAT/SNAT ➢Networking userspace components. ➢kernel Neutron External Components Layer 2 Agent Metadata Agent VPN Agent L3 AgentDHCP Agent fwaas Agent API Server Openvswitch dnsmasq openswan iptables haproxy kernel networking tools keepalived DNAT/SNAT LBaaS Agent Neutron
❖A namespace allows isolation of a group of resources to its own space. ➢These resources in the group run with the illusion that they are the only processes on the system. ➢Multiple such groups can run on a system without knowing each other. ■ This facilitates using same parameters. Namespace and Network Namespace namespace1 namespace2 namespace3 httpd 192.168.1.1 iptables routing Port 80 httpd 192.168.1.1 iptables routing Port 80 httpd 192.168.1.1 iptables routing Port 80interface interface interface Operating System/ Kernel ➢Grouping network related resources in such a way forms network namespaces. ■ Neutron uses this to support overlapping ip addressing
Neutron Physical Topology ❖Neutron components are usually spread into three types of physical systems. ➢Controllers. ■ Usually more than one node is deployed for high availability. ■ Runs neutron API server. ➢Network Nodes. ■ Usually more than one node is deployed for high availability. ■ Runs l3, dhcp, lbaas, vpn and layer 2 agents ➢Compute nodes run layer 2 agent. dhcp-agent l3-agent lbaas-agent vpn-agent layer 2 agen metadata-agent neutron-serverneutron-server Controller Nodes Network Nodes Compute Nodes Layer 2 agents Layer 2 agents dhcp-agent l3-agent lbaas-agent vpn-agent layer 2 agen metadata-agent
Application Network Topology
Multi-Tier Application Network Topology Instance Instance Instance Instance Instance Instance Instance Instance DatabaseNetwork WebserverNetwork Floating IP Instance Instance Instance Instance ApplicationServer Network RemoteNetwork Tenant X Openstack Site B Openstack Site ALoadBalancer Internet 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24192.168.4.0/24
Example multi-tier application ❖ On Site A ➢Application that we are going to build involves ■ A web tier with a load balancer in the front. ■ An application tier. ■ A database tier. ➢Each tier is isolated to its own private network. ■ Connected together using separate virtual routers. ■ Webserver network is also connected to internet. ■ There is a firewall between each network. TenantA has two sites siteA and siteB. DatabaseNetwork WebserverNetwork Floating IP ApplicationServer Network LoadBalancer 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 Instance Instance Instance Instance Instance Instance Instance Instance Instance Internet ➢HTTP requests from end user is listening on a floating ip that forwards requests to the private VIP for the load balancer.
Example multi-tier application ❖On Site B ➢ Tenant has one private network connected to Internet. ➢Web server private network and this private network need to be connected together using a VPN for secure data transfer and enable direct network communication. TenantA has two sites siteA and siteB. Instance Instance Instance Remote Network Internet 192.168.4.0/24
How To Build It? What Happens Inside Neutron?
How to build it? Neutron Topology. ❖There are multiple ways to build it. ➢Use horizon dashboard. ➢Use CLI. ➢Via API. ➢Use a heat template to automate them. br-int br-tun br-int br-tun br-ex br-ex Intenet ❖Neutron topology that I am going to correlate with has two network nodes. ➢Each neutron agent runs with HA using HA tool (Not discussed here). ➢Tenant virtual routers and dhcp processes for each network run with native HA available in neutron.
Create Networks ❖On Site A, create three networks and spawn instances to them. ➢Specify name, subnet, gateway, allocation pool, etc during creation. 1 2 3
Create Networks - Spawn instances to networks ❖Create Networks and spawn instances to it. ➢neutron-api service accepts the request and moves to AMQP for further processing. ➢For dhcp-agent. ■ create qdhcp-xx namespace. ■ Create a port in the namespace, tag it using internal vlan id and attach to br-int. ■ spawns dnsmasq process to serve the network bound to the port. ➢On Network node. ■ Add required ovs flows to map internal vlan id for each network to tunnel id and vice-versa. ■ Tag associated ports for each networks using its internal vlan id. Webservernetwork Applicationservernetwork Databsenetwork qdhcp-web dns masq qdhcp-appqdhcp-db dns masq dns masq br-intbr-tun br-intbr-tun qdhcp-webqdhcp-appqdhcp-db dns masq dns masq dns masq Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e 5 6 7 6 7 5
Spawn Instances to Networks - Compute node ❖Associate each private network with an internal ovs vlan id. ➢This vlan id is translated to a gre/vxlan tunnel id or external vlan id before transporting the packet using a physical shared device and vice-versa. ➢For each instance nic: ■ Create a linux bridge. ● Connect instance nic to it. Security group rules are applied here. ● Connect it to br-int using patch-peer. ● When the packet reaches patch-peer end on br-int, tag the packet using internal vlan id for that network. ■ The packet is then moved to br-tun where a flow in ovs removes vlan id and adds tunnel id associated with the network and moved to the physical network devices. ■ Return packet does this in the reverse order. 65
Create Routers, Connect Network Together ❖Create routers. ➢Attach ports from subnets to respective routers. 1 2
Create Routers, Connect networks together ❖Create routers to connect networks together. ➢neutron-api service accepts the request and moves to AMQP for further processing. ➢ Each l3 agent, ■ creates qrouter-xx namespace for each router. ■ Create an port for VRRP traffic and assign it ip from pre- created VRRP network. ■ Spawn keepalived process bound to the namespace to facilitate HA of the router. ■ Creates two or more ports in the namespace, tag it using internal vlan id and attach to br-int ■ Keepalived elects one of the namespace as master and binds default gateway of the associated networks to it. ■ kernel ip forwarding is enabled between the ports and routing between them starts working. br-intbr-tun br-intbr-tun Instanc e Webservernetwork Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Applicationservernetwork Databsenetwork qrouter-app qrouter-app qrouter-db Keepa lived Keepa lived Keepa lived Keepa lived qr-xxqr-xxtapx qrouter-db qr-xxtapxqr-xx qr-xxqr-xxtapxqr-xxqr-xxtapx 5 6 8 7 6 8 5 6 7 6 8 8
Create Load Balancer For Webservers ❖Create Load Balancer. ➢Create health monitor, pool, add members (instances) to pools, create and associate VIP and with pool to create a load balancer. 1 2 3 4
Create Load Balancer for Webservers ❖Place load balancer for web server network. ➢neutron-api service accepts the request and moves to AMQP for further processing. ➢On lbaas agent. ■ Create qlbaas-xx namespace for each load balancer. ■ Create a port in the namespace, tag it using internal vlan id for the network, bind VIP to the port and attach to br-int. ■ Spawn haproxy process on the port to listen for the service on VIP and load balance among the back end instances. br-intbr-tun br-intbr-tun Webservernetwork Applicationservernetwork Databsenetwork qlbaas-web LoadBalancer tapxx Instance Instance Instance Instance Instance Instance Instance Instance Instance hapro xy 8
External network and floating ip ❖Associate floating ip with VIP ➢Create a router, Set external network as gateway, Attach webserver network to it. ➢Allocate a floating ip and associate with VIP1 2 3
External network and floating ip ❖Floating ips and routing to external network. ➢On l3_agent ■ Create qrouter-xx namespace for the external router. ■ Creates two ports in the namespace (qr-xx and qg-xx), tag it using internal vlan id, bind default gateway of the tenant network on qr-xx and an ip from external network on qg-xxx. ■ Binds floating ips as aliases on qg-xx port and adds appropriate DNAT and SNAT rules to nat table to forward them to the correct private ip of the instance. ● In our case, DNAT/SNAT is done to the VIP of the load balancer. Webservernetwork Applicationservernetwork Databsenetwork LoadBalancer Intenet Instance Instance Instance Instance Instance Instance Instance Instance Instance RemoteNetwork Instance Instance Instance br-int br-tun br-intbr-tun br-ex br-ex Intenet qrouter-webqlbaas-web tapxx floating IP keepali ved keepali ved floating IP qr-xxqg-xxtapx qrouter-web qr-xxtapxqg-xx 5 8 5 7 8 8 7
Create firewalls ❖Create firewalls. ➢ Create firewall rules, policies and then firewalls so they are automatically associated with routers. 1 2 3
Create firewalls ❖Floating ips and routing to external network. ➢neutron-api service accepts the request and moves to AMQP. fwaas_agent gets the request that need to be processed from AMQP. ➢On fwaas_agent. ■ Creation of firewall rules and policies has nothing to do except updating database. ■ Creating firewall translates firewall rules and policies to corresponding iptables rules and is applied on all active routers. ■ Running iptables -nL inside namespace will show us the list of rules. ■ It also adds a REJECT rule at the end to drop everything not allowed explicitly. Webservernetwork Applicationservernetwork Databsenetwork LoadBalancer Intenet Instance Instance Instance Instance Instance Instance Instance Instance Instance RemoteNetwork Instance Instance Instance br-intbr-tun br-intbr-tun qrouter-db qrouter-db qrouter-appqrouter-web qrouter-web iptables rules applied here iptables rules applied here iptables rules applied here iptables rules applied here iptables rules applied here qrouter-app qr-xxqr-xxqg-xxqr-xx qr-xxqr-xxqr-xxqr-xxqr-xxqg-xx qr-xxqr-xx 5 6 5 6 7 7 iptables rules applied here 5 6 7 7 6 5
Create VPN and Connect remote network. ❖Create VPN. ➢Create IKE policy, IPsec Policy and VPN Service. ➢Ceate a Site-to-Site connection using above details and peer router ip and remote private network. 1 2 43
Create VPN and connect remote network ❖Floating ips and routing to external network. ➢vpn_agent when a site-to-site connection is created: ■ Spawns a libreswan/openvpn process to the qrouter-xxx namespace using a configuration file generated with details of tunnel to be created between web server private network and remote private network. ■ This process on the source qrouter-xx gateway captures packets to the remote private network, encapsulates it, sends it over internet to the gateway on remote site via a tunnel. ■ On the remote end, a similar process decapsulates it and routes to the destination private network. Webservernetwork Applicationservernetwork Databsenetwork LoadBalancer Intenet Instance Instance Instance Instance Instance Instance Instance Instance Instance RemoteNetwork Instance Instance Instance br-int br-tun br-intbr-tun br-ex br-ex Intenet qrouter-web qrouter-web External vpn gw ip keepali ved keepali ved libreswan/vpn libreswan/vpn External vpn gw ip qr-xxqg-xxtapx qr-xxqg-xxtapx 5 6 8 5 6 8
Why This Talk?
Applicaton topology - Simple to create. Instance Instance Instance Instance Instance Instance Instance Instance DatabaseNetwork WebserverNetwork Floating IP Instance Instance Instance Instance ApplicationServer Network RemoteNetwork Tenant X Openstack Site B Openstack Site ALoadBalancer Internet
Network node 1 Site ANetwork node 1 Network node 2 qrouter- web qrouter-appqrouter-dbqrouter-web qlbaas-web qdhcp-webqdhcp-appqdhcp-db br-int qdhcp-webqdhcp-appqdhcp-db patch peer qrouter-appqrouter-dbqrouter-web br-tun br-tun libreswan/vpn libreswan/vpn br-ex patch peerbr-ex patch peer dns masq dns masq dns masq hapr oxy patch peer br-int dns masq qdhcp-remote patch peer patch peerbr-tun libreswan/vpnlibreswan/vpn br-ex br-tun br-ex libreswan/vpnqrouter-remote patch peer patch peer qdhcp-remote Network node 2Site B Internet br-int Corresponding Neutron topology - Simple to create? qrouter-remote dns masq qr-xxqg-xxtapxqr-xxqg-xxtapx qr-xxqg-xxtapxqr-xxqg-xxtapxqr-xxqg-xxtapx qr-xxqg-xxtapx qr-xxqg-xxtapx qr-xxqg-xxtapx dns masq dns masq dns masq 6 7 5 6 7 5 4 br-int 5 7 8 5 7 8 7 6 8 7 6 8 5 6 8 5 6 8 8 1 2 3 2 3 1 4
Thank You Questions? sputhenp@redhat.com twitter: @sadiquepp

Empfohlen

Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaS
Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaSOpenstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaS
Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaSSadique Puthen
 
How to Troubleshoot OpenStack Without Losing Sleep
How to Troubleshoot OpenStack Without Losing SleepHow to Troubleshoot OpenStack Without Losing Sleep
How to Troubleshoot OpenStack Without Losing SleepSadique Puthen
 
Troubleshooting containerized triple o deployment
Troubleshooting containerized triple o deploymentTroubleshooting containerized triple o deployment
Troubleshooting containerized triple o deploymentSadique Puthen
 
Anatomy of neutron from the eagle eyes of troubelshoorters
Anatomy of neutron from the eagle eyes of troubelshoortersAnatomy of neutron from the eagle eyes of troubelshoorters
Anatomy of neutron from the eagle eyes of troubelshoortersSadique Puthen
 
L3HA-VRRP-20141201
L3HA-VRRP-20141201L3HA-VRRP-20141201
L3HA-VRRP-20141201Manabu Ori
 
Debugging Distributed Systems - Velocity Santa Clara 2016
Debugging Distributed Systems - Velocity Santa Clara 2016Debugging Distributed Systems - Velocity Santa Clara 2016
Debugging Distributed Systems - Velocity Santa Clara 2016Donny Nadolny
 
Commication Framework in OpenStack
Commication Framework in OpenStackCommication Framework in OpenStack
Commication Framework in OpenStackSean Chang
 
Neutron Network Namespaces and IPtables--A Technical Deep Dive
Neutron Network Namespaces and IPtables--A Technical Deep DiveNeutron Network Namespaces and IPtables--A Technical Deep Dive
Neutron Network Namespaces and IPtables--A Technical Deep DiveMirantis
 

Empfohlen

Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaS
Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaSOpenstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaS
Openstack on Fedora, Fedora on Openstack: An Introduction to cloud IaaSSadique Puthen
 
How to Troubleshoot OpenStack Without Losing Sleep
How to Troubleshoot OpenStack Without Losing SleepHow to Troubleshoot OpenStack Without Losing Sleep
How to Troubleshoot OpenStack Without Losing SleepSadique Puthen
 
Troubleshooting containerized triple o deployment
Troubleshooting containerized triple o deploymentTroubleshooting containerized triple o deployment
Troubleshooting containerized triple o deploymentSadique Puthen
 
Anatomy of neutron from the eagle eyes of troubelshoorters
Anatomy of neutron from the eagle eyes of troubelshoortersAnatomy of neutron from the eagle eyes of troubelshoorters
Anatomy of neutron from the eagle eyes of troubelshoortersSadique Puthen
 
L3HA-VRRP-20141201
L3HA-VRRP-20141201L3HA-VRRP-20141201
L3HA-VRRP-20141201Manabu Ori
 
Debugging Distributed Systems - Velocity Santa Clara 2016
Debugging Distributed Systems - Velocity Santa Clara 2016Debugging Distributed Systems - Velocity Santa Clara 2016
Debugging Distributed Systems - Velocity Santa Clara 2016Donny Nadolny
 
Commication Framework in OpenStack
Commication Framework in OpenStackCommication Framework in OpenStack
Commication Framework in OpenStackSean Chang
 
Neutron Network Namespaces and IPtables--A Technical Deep Dive
Neutron Network Namespaces and IPtables--A Technical Deep DiveNeutron Network Namespaces and IPtables--A Technical Deep Dive
Neutron Network Namespaces and IPtables--A Technical Deep DiveMirantis
 
OpenStack networking juno l3 h-a, dvr
OpenStack networking juno l3 h-a, dvrOpenStack networking juno l3 h-a, dvr
OpenStack networking juno l3 h-a, dvrSim Janghoon
 
Testing Wi-Fi with OSS Tools
Testing Wi-Fi with OSS ToolsTesting Wi-Fi with OSS Tools
Testing Wi-Fi with OSS ToolsAll Things Open
 
LXC on Ganeti
LXC on GanetiLXC on Ganeti
LXC on Ganetikawamuray
 
debugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitchdebugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitch어형 이
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversBrent Salisbury
 
Acus08 Advanced Load Balancing Apache2.2
Acus08 Advanced Load Balancing Apache2.2Acus08 Advanced Load Balancing Apache2.2
Acus08 Advanced Load Balancing Apache2.2Jim Jagielski
 
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014Amazon Web Services
 
Kubernetes networking - basics
Kubernetes networking - basicsKubernetes networking - basics
Kubernetes networking - basicsJuraj Hantak
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Diverajdeep
 
Linux-HA with Pacemaker
Linux-HA with PacemakerLinux-HA with Pacemaker
Linux-HA with PacemakerKris Buytaert
 
Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsHungWei Chiu
 
Debugging Network Issues
Debugging Network IssuesDebugging Network Issues
Debugging Network IssuesApcera
 
Percon XtraDB Cluster in a nutshell
Percon XtraDB Cluster in a nutshellPercon XtraDB Cluster in a nutshell
Percon XtraDB Cluster in a nutshellFrederic Descamps
 
Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0Philippe Bogaerts
 
How happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPHow happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPIchito Nagata
 
Nova: Openstack Compute-as-a-service
Nova: Openstack Compute-as-a-serviceNova: Openstack Compute-as-a-service
Nova: Openstack Compute-as-a-servicePratik Bandarkar
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking ExplainedThomas Graf
 
Troubleshooting common oslo.messaging and RabbitMQ issues
Troubleshooting common oslo.messaging and RabbitMQ issuesTroubleshooting common oslo.messaging and RabbitMQ issues
Troubleshooting common oslo.messaging and RabbitMQ issuesMichael Klishin
 
[233] level 2 network programming using packet ngin rtos
[233] level 2 network programming using packet ngin rtos[233] level 2 network programming using packet ngin rtos
[233] level 2 network programming using packet ngin rtosNAVER D2
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunheut2008
 
OpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetupOpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetupEran Gampel
 
OpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerOpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerLew Tucker
 

Weitere ähnliche Inhalte

Was ist angesagt?

OpenStack networking juno l3 h-a, dvr
OpenStack networking juno l3 h-a, dvrOpenStack networking juno l3 h-a, dvr
OpenStack networking juno l3 h-a, dvrSim Janghoon
 
Testing Wi-Fi with OSS Tools
Testing Wi-Fi with OSS ToolsTesting Wi-Fi with OSS Tools
Testing Wi-Fi with OSS ToolsAll Things Open
 
LXC on Ganeti
LXC on GanetiLXC on Ganeti
LXC on Ganetikawamuray
 
debugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitchdebugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitch어형 이
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversBrent Salisbury
 
Acus08 Advanced Load Balancing Apache2.2
Acus08 Advanced Load Balancing Apache2.2Acus08 Advanced Load Balancing Apache2.2
Acus08 Advanced Load Balancing Apache2.2Jim Jagielski
 
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014Amazon Web Services
 
Kubernetes networking - basics
Kubernetes networking - basicsKubernetes networking - basics
Kubernetes networking - basicsJuraj Hantak
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Diverajdeep
 
Linux-HA with Pacemaker
Linux-HA with PacemakerLinux-HA with Pacemaker
Linux-HA with PacemakerKris Buytaert
 
Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsHungWei Chiu
 
Debugging Network Issues
Debugging Network IssuesDebugging Network Issues
Debugging Network IssuesApcera
 
Percon XtraDB Cluster in a nutshell
Percon XtraDB Cluster in a nutshellPercon XtraDB Cluster in a nutshell
Percon XtraDB Cluster in a nutshellFrederic Descamps
 
Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0Philippe Bogaerts
 
How happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPHow happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPIchito Nagata
 
Nova: Openstack Compute-as-a-service
Nova: Openstack Compute-as-a-serviceNova: Openstack Compute-as-a-service
Nova: Openstack Compute-as-a-servicePratik Bandarkar
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking ExplainedThomas Graf
 
Troubleshooting common oslo.messaging and RabbitMQ issues
Troubleshooting common oslo.messaging and RabbitMQ issuesTroubleshooting common oslo.messaging and RabbitMQ issues
Troubleshooting common oslo.messaging and RabbitMQ issuesMichael Klishin
 
[233] level 2 network programming using packet ngin rtos
[233] level 2 network programming using packet ngin rtos[233] level 2 network programming using packet ngin rtos
[233] level 2 network programming using packet ngin rtosNAVER D2
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunheut2008
 

Was ist angesagt? (20)

OpenStack networking juno l3 h-a, dvr
OpenStack networking juno l3 h-a, dvrOpenStack networking juno l3 h-a, dvr
OpenStack networking juno l3 h-a, dvr
 
Testing Wi-Fi with OSS Tools
Testing Wi-Fi with OSS ToolsTesting Wi-Fi with OSS Tools
Testing Wi-Fi with OSS Tools
 
LXC on Ganeti
LXC on GanetiLXC on Ganeti
LXC on Ganeti
 
debugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitchdebugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitch
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan Drivers
 
Acus08 Advanced Load Balancing Apache2.2
Acus08 Advanced Load Balancing Apache2.2Acus08 Advanced Load Balancing Apache2.2
Acus08 Advanced Load Balancing Apache2.2
 
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
 
Kubernetes networking - basics
Kubernetes networking - basicsKubernetes networking - basics
Kubernetes networking - basics
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Dive
 
Linux-HA with Pacemaker
Linux-HA with PacemakerLinux-HA with Pacemaker
Linux-HA with Pacemaker
 
Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring Us
 
Debugging Network Issues
Debugging Network IssuesDebugging Network Issues
Debugging Network Issues
 
Percon XtraDB Cluster in a nutshell
Percon XtraDB Cluster in a nutshellPercon XtraDB Cluster in a nutshell
Percon XtraDB Cluster in a nutshell
 
Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0Defeating The Network Security Infrastructure V1.0
Defeating The Network Security Infrastructure V1.0
 
How happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPHow happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTP
 
Nova: Openstack Compute-as-a-service
Nova: Openstack Compute-as-a-serviceNova: Openstack Compute-as-a-service
Nova: Openstack Compute-as-a-service
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking Explained
 
Troubleshooting common oslo.messaging and RabbitMQ issues
Troubleshooting common oslo.messaging and RabbitMQ issuesTroubleshooting common oslo.messaging and RabbitMQ issues
Troubleshooting common oslo.messaging and RabbitMQ issues
 
[233] level 2 network programming using packet ngin rtos
[233] level 2 network programming using packet ngin rtos[233] level 2 network programming using packet ngin rtos
[233] level 2 network programming using packet ngin rtos
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zun
 

Andere mochten auch

OpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetupOpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetupEran Gampel
 
OpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerOpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerLew Tucker
 
Mining Your Logs - Gaining Insight Through Visualization
Mining Your Logs - Gaining Insight Through VisualizationMining Your Logs - Gaining Insight Through Visualization
Mining Your Logs - Gaining Insight Through VisualizationRaffael Marty
 
20150509 unix v6로 배우는 커널의 원리와 구조 4 김지은
20150509 unix v6로 배우는 커널의 원리와 구조 4 김지은20150509 unix v6로 배우는 커널의 원리와 구조 4 김지은
20150509 unix v6로 배우는 커널의 원리와 구조 4 김지은jieun kim
 
OpenStack Tokyo Talk Application Data Protection Service
OpenStack Tokyo Talk Application Data Protection ServiceOpenStack Tokyo Talk Application Data Protection Service
OpenStack Tokyo Talk Application Data Protection ServiceEran Gampel
 
20150525 open flow1.3_ryu_sdn_link aggregation 1_김지은
20150525 open flow1.3_ryu_sdn_link aggregation 1_김지은20150525 open flow1.3_ryu_sdn_link aggregation 1_김지은
20150525 open flow1.3_ryu_sdn_link aggregation 1_김지은jieun kim
 
Dragon flow neutron lightning talk
Dragon flow neutron lightning talkDragon flow neutron lightning talk
Dragon flow neutron lightning talkEran Gampel
 
20150502 unix v6로 배우는 커널의 원리와 구조 1 김지은
20150502 unix v6로 배우는 커널의 원리와 구조 1 김지은20150502 unix v6로 배우는 커널의 원리와 구조 1 김지은
20150502 unix v6로 배우는 커널의 원리와 구조 1 김지은jieun kim
 
OpenStack Dragonflow shenzhen and Hangzhou meetups
OpenStack Dragonflow shenzhen and Hangzhou meetupsOpenStack Dragonflow shenzhen and Hangzhou meetups
OpenStack Dragonflow shenzhen and Hangzhou meetupsEran Gampel
 
Dragonflow 01 2016 TLV meetup
Dragonflow 01 2016 TLV meetup Dragonflow 01 2016 TLV meetup
Dragonflow 01 2016 TLV meetup Eran Gampel
 
KrDAG 오픈소스를 활용하여 웹블로그 만들기_김지은_201603
KrDAG 오픈소스를 활용하여 웹블로그 만들기_김지은_201603 KrDAG 오픈소스를 활용하여 웹블로그 만들기_김지은_201603
KrDAG 오픈소스를 활용하여 웹블로그 만들기_김지은_201603 jieun kim
 
150416 OpenStack Networking with Neutron Jieun, Kim
150416 OpenStack Networking with Neutron Jieun, Kim150416 OpenStack Networking with Neutron Jieun, Kim
150416 OpenStack Networking with Neutron Jieun, Kimjieun kim
 
Build the OpenStack Cloud with Neutron Networing, IceHouse
Build the OpenStack Cloud with Neutron Networing, IceHouseBuild the OpenStack Cloud with Neutron Networing, IceHouse
Build the OpenStack Cloud with Neutron Networing, IceHousejieun kim
 
Dragonflow Austin Summit Talk
Dragonflow Austin Summit Talk Dragonflow Austin Summit Talk
Dragonflow Austin Summit Talk Eran Gampel
 
집단지성프로그래밍 05. 최적화(optimization) 김지은_20150522
집단지성프로그래밍 05. 최적화(optimization) 김지은_20150522집단지성프로그래밍 05. 최적화(optimization) 김지은_20150522
집단지성프로그래밍 05. 최적화(optimization) 김지은_20150522jieun kim
 
Kernel vm#9 powerkvm-dist-20131208
Kernel vm#9 powerkvm-dist-20131208Kernel vm#9 powerkvm-dist-20131208
Kernel vm#9 powerkvm-dist-20131208Manabu Ori
 
150625 마이크로커널 운영체제 김지은
150625 마이크로커널 운영체제 김지은150625 마이크로커널 운영체제 김지은
150625 마이크로커널 운영체제 김지은jieun kim
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updatesmestery
 
Open stack icehouse microsoftupdate
Open stack icehouse microsoftupdateOpen stack icehouse microsoftupdate
Open stack icehouse microsoftupdateKamesh Pemmaraju
 

Andere mochten auch (20)

OpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetupOpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetup
 
OpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerOpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew Tucker
 
Mining Your Logs - Gaining Insight Through Visualization
Mining Your Logs - Gaining Insight Through VisualizationMining Your Logs - Gaining Insight Through Visualization
Mining Your Logs - Gaining Insight Through Visualization
 
20150509 unix v6로 배우는 커널의 원리와 구조 4 김지은
20150509 unix v6로 배우는 커널의 원리와 구조 4 김지은20150509 unix v6로 배우는 커널의 원리와 구조 4 김지은
20150509 unix v6로 배우는 커널의 원리와 구조 4 김지은
 
OpenStack Tokyo Talk Application Data Protection Service
OpenStack Tokyo Talk Application Data Protection ServiceOpenStack Tokyo Talk Application Data Protection Service
OpenStack Tokyo Talk Application Data Protection Service
 
20150525 open flow1.3_ryu_sdn_link aggregation 1_김지은
20150525 open flow1.3_ryu_sdn_link aggregation 1_김지은20150525 open flow1.3_ryu_sdn_link aggregation 1_김지은
20150525 open flow1.3_ryu_sdn_link aggregation 1_김지은
 
Dragon flow neutron lightning talk
Dragon flow neutron lightning talkDragon flow neutron lightning talk
Dragon flow neutron lightning talk
 
20150502 unix v6로 배우는 커널의 원리와 구조 1 김지은
20150502 unix v6로 배우는 커널의 원리와 구조 1 김지은20150502 unix v6로 배우는 커널의 원리와 구조 1 김지은
20150502 unix v6로 배우는 커널의 원리와 구조 1 김지은
 
OpenStack Dragonflow shenzhen and Hangzhou meetups
OpenStack Dragonflow shenzhen and Hangzhou meetupsOpenStack Dragonflow shenzhen and Hangzhou meetups
OpenStack Dragonflow shenzhen and Hangzhou meetups
 
Dragonflow 01 2016 TLV meetup
Dragonflow 01 2016 TLV meetup Dragonflow 01 2016 TLV meetup
Dragonflow 01 2016 TLV meetup
 
KrDAG 오픈소스를 활용하여 웹블로그 만들기_김지은_201603
KrDAG 오픈소스를 활용하여 웹블로그 만들기_김지은_201603 KrDAG 오픈소스를 활용하여 웹블로그 만들기_김지은_201603
KrDAG 오픈소스를 활용하여 웹블로그 만들기_김지은_201603
 
150416 OpenStack Networking with Neutron Jieun, Kim
150416 OpenStack Networking with Neutron Jieun, Kim150416 OpenStack Networking with Neutron Jieun, Kim
150416 OpenStack Networking with Neutron Jieun, Kim
 
Build the OpenStack Cloud with Neutron Networing, IceHouse
Build the OpenStack Cloud with Neutron Networing, IceHouseBuild the OpenStack Cloud with Neutron Networing, IceHouse
Build the OpenStack Cloud with Neutron Networing, IceHouse
 
Dragonflow Austin Summit Talk
Dragonflow Austin Summit Talk Dragonflow Austin Summit Talk
Dragonflow Austin Summit Talk
 
집단지성프로그래밍 05. 최적화(optimization) 김지은_20150522
집단지성프로그래밍 05. 최적화(optimization) 김지은_20150522집단지성프로그래밍 05. 최적화(optimization) 김지은_20150522
집단지성프로그래밍 05. 최적화(optimization) 김지은_20150522
 
Kernel vm#9 powerkvm-dist-20131208
Kernel vm#9 powerkvm-dist-20131208Kernel vm#9 powerkvm-dist-20131208
Kernel vm#9 powerkvm-dist-20131208
 
150625 마이크로커널 운영체제 김지은
150625 마이크로커널 운영체제 김지은150625 마이크로커널 운영체제 김지은
150625 마이크로커널 운영체제 김지은
 
kamesh Videos
kamesh Videoskamesh Videos
kamesh Videos
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updates
 
Open stack icehouse microsoftupdate
Open stack icehouse microsoftupdateOpen stack icehouse microsoftupdate
Open stack icehouse microsoftupdate
 

Ähnlich wie Multi tier-app-network-topology-neutron-final

Dockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and NovaDockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and Novaclayton_oneill
 
Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Arthur Berezin
 
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...Cloud Native Day Tel Aviv
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014yfauser
 
Introduction openstack-meetup-nov-28
Introduction openstack-meetup-nov-28Introduction openstack-meetup-nov-28
Introduction openstack-meetup-nov-28Sadique Puthen
 
Secure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailSecure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailPriti Desai
 
Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...
Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...
Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...Cloud Native Day Tel Aviv
 
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Công TÔ
 
Netforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebayNetforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebayAliasgar Ginwala
 
Scalable Enterprise Ready Neutron Networking with Nuage Networks
Scalable Enterprise Ready Neutron Networking with Nuage NetworksScalable Enterprise Ready Neutron Networking with Nuage Networks
Scalable Enterprise Ready Neutron Networking with Nuage NetworksScott Sneddon
 
Open stack networking_101_part-2_tech_deep_dive
Open stack networking_101_part-2_tech_deep_diveOpen stack networking_101_part-2_tech_deep_dive
Open stack networking_101_part-2_tech_deep_diveyfauser
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsThomas Morin
 
Quantum - Virtual networks for Openstack
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstacksalv_orlando
 
Network and Service Virtualization tutorial at ONUG Spring 2015
Network and Service Virtualization tutorial at ONUG Spring 2015Network and Service Virtualization tutorial at ONUG Spring 2015
Network and Service Virtualization tutorial at ONUG Spring 2015SDN Hub
 
Virtualization & Network Connectivity
Virtualization & Network Connectivity Virtualization & Network Connectivity
Virtualization & Network Connectivity itplant
 
Understanding network and service virtualization
Understanding network and service virtualizationUnderstanding network and service virtualization
Understanding network and service virtualizationSDN Hub
 
DragonFlow sdn based distributed virtual router for openstack neutron
DragonFlow sdn based distributed virtual router for openstack neutronDragonFlow sdn based distributed virtual router for openstack neutron
DragonFlow sdn based distributed virtual router for openstack neutronEran Gampel
 
Openstack Networking Internals - first part
Openstack Networking Internals - first partOpenstack Networking Internals - first part
Openstack Networking Internals - first partlilliput12
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'OpenStack Korea Community
 

Ähnlich wie Multi tier-app-network-topology-neutron-final (20)

Dockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and NovaDockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and Nova
 
Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015
 
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
 
Introduction openstack-meetup-nov-28
Introduction openstack-meetup-nov-28Introduction openstack-meetup-nov-28
Introduction openstack-meetup-nov-28
 
Secure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailSecure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrail
 
Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...
Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...
Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...
 
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
 
Netforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebayNetforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebay
 
Scalable Enterprise Ready Neutron Networking with Nuage Networks
Scalable Enterprise Ready Neutron Networking with Nuage NetworksScalable Enterprise Ready Neutron Networking with Nuage Networks
Scalable Enterprise Ready Neutron Networking with Nuage Networks
 
Open stack networking_101_part-2_tech_deep_dive
Open stack networking_101_part-2_tech_deep_diveOpen stack networking_101_part-2_tech_deep_dive
Open stack networking_101_part-2_tech_deep_dive
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
 
Quantum - Virtual networks for Openstack
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstack
 
Network and Service Virtualization tutorial at ONUG Spring 2015
Network and Service Virtualization tutorial at ONUG Spring 2015Network and Service Virtualization tutorial at ONUG Spring 2015
Network and Service Virtualization tutorial at ONUG Spring 2015
 
Virtualization & Network Connectivity
Virtualization & Network Connectivity Virtualization & Network Connectivity
Virtualization & Network Connectivity
 
Understanding network and service virtualization
Understanding network and service virtualizationUnderstanding network and service virtualization
Understanding network and service virtualization
 
DragonFlow sdn based distributed virtual router for openstack neutron
DragonFlow sdn based distributed virtual router for openstack neutronDragonFlow sdn based distributed virtual router for openstack neutron
DragonFlow sdn based distributed virtual router for openstack neutron
 
Openstack Networking Internals - first part
Openstack Networking Internals - first partOpenstack Networking Internals - first part
Openstack Networking Internals - first part
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
 
Simplify Networking for Containers
Simplify Networking for ContainersSimplify Networking for Containers
Simplify Networking for Containers
 

Kürzlich hochgeladen

(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 

Kürzlich hochgeladen (20)

(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 

Multi tier-app-network-topology-neutron-final

  • 1. How Neutron Builds Network Topology For Your Multi-tier Application Sadique Puthen Principal Technical Support Engineer, Red Hat 20 May 2015, Openstack Summit, Vancouver
  • 2. Agenda ❖Neutron Overview ➢Native and External components ➢Network Namespace ❖Application Network Topology. ➢How to build application network topology. ❖Correlate application topology with Neutron ➢What happens inside neutron when we build it? ➢Explore with Native HA available in neutron. ❖Why am I doing this?
  • 3. Neutron Overview and Components
  • 4. ❖Neutron is a project with in Openstack that delivers Networking-as-a-Service. ➢Create/manage/remove Networks, Routers, Load Balancers, Firewalls, VPNs, Layer 2 flow, etc on demand. ➢Involves multiple neutron native components. ➢Depends highly on external components. Neutron Overview
  • 5. ❖Native Components Involves: ➢Neutron API ➢Neutron DHCP Agent ➢Neutron Layer 3 Agent ➢Neutron LbaaS Agent ➢Neutron FWaaS Agent ➢Neutron VPNaaS Agent ➢Metadata Agent. ➢Neutron Layer 2 Agent. ◆eg. Neutron Openvswitch Agent. ◆Other third party Agents. Neutron Components Database Messagequeue Neutron API Servers lbaas Agents dhcp Agents l3 Agents Metadata Agents layer 2 agents fwaas Agents vpn Agents
  • 6. ❖External Components. ➢Network Namespace ➢Openvswitch ➢Dnsmasq ➢Libreswan/Openswan ➢Keepalived ➢Haproxy or a third party HA daemon ➢Iptables firewall ◆DNAT/SNAT ➢Networking userspace components. ➢kernel Neutron External Components Layer 2 Agent Metadata Agent VPN Agent L3 AgentDHCP Agent fwaas Agent API Server Openvswitch dnsmasq openswan iptables haproxy kernel networking tools keepalived DNAT/SNAT LBaaS Agent Neutron
  • 7. ❖A namespace allows isolation of a group of resources to its own space. ➢These resources in the group run with the illusion that they are the only processes on the system. ➢Multiple such groups can run on a system without knowing each other. ■ This facilitates using same parameters. Namespace and Network Namespace namespace1 namespace2 namespace3 httpd 192.168.1.1 iptables routing Port 80 httpd 192.168.1.1 iptables routing Port 80 httpd 192.168.1.1 iptables routing Port 80interface interface interface Operating System/ Kernel ➢Grouping network related resources in such a way forms network namespaces. ■ Neutron uses this to support overlapping ip addressing
  • 8. Neutron Physical Topology ❖Neutron components are usually spread into three types of physical systems. ➢Controllers. ■ Usually more than one node is deployed for high availability. ■ Runs neutron API server. ➢Network Nodes. ■ Usually more than one node is deployed for high availability. ■ Runs l3, dhcp, lbaas, vpn and layer 2 agents ➢Compute nodes run layer 2 agent. dhcp-agent l3-agent lbaas-agent vpn-agent layer 2 agen metadata-agent neutron-serverneutron-server Controller Nodes Network Nodes Compute Nodes Layer 2 agents Layer 2 agents dhcp-agent l3-agent lbaas-agent vpn-agent layer 2 agen metadata-agent
  • 10. Multi-Tier Application Network Topology Instance Instance Instance Instance Instance Instance Instance Instance DatabaseNetwork WebserverNetwork Floating IP Instance Instance Instance Instance ApplicationServer Network RemoteNetwork Tenant X Openstack Site B Openstack Site ALoadBalancer Internet 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24192.168.4.0/24
  • 11. Example multi-tier application ❖ On Site A ➢Application that we are going to build involves ■ A web tier with a load balancer in the front. ■ An application tier. ■ A database tier. ➢Each tier is isolated to its own private network. ■ Connected together using separate virtual routers. ■ Webserver network is also connected to internet. ■ There is a firewall between each network. TenantA has two sites siteA and siteB. DatabaseNetwork WebserverNetwork Floating IP ApplicationServer Network LoadBalancer 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 Instance Instance Instance Instance Instance Instance Instance Instance Instance Internet ➢HTTP requests from end user is listening on a floating ip that forwards requests to the private VIP for the load balancer.
  • 12. Example multi-tier application ❖On Site B ➢ Tenant has one private network connected to Internet. ➢Web server private network and this private network need to be connected together using a VPN for secure data transfer and enable direct network communication. TenantA has two sites siteA and siteB. Instance Instance Instance Remote Network Internet 192.168.4.0/24
  • 13. How To Build It? What Happens Inside Neutron?
  • 14. How to build it? Neutron Topology. ❖There are multiple ways to build it. ➢Use horizon dashboard. ➢Use CLI. ➢Via API. ➢Use a heat template to automate them. br-int br-tun br-int br-tun br-ex br-ex Intenet ❖Neutron topology that I am going to correlate with has two network nodes. ➢Each neutron agent runs with HA using HA tool (Not discussed here). ➢Tenant virtual routers and dhcp processes for each network run with native HA available in neutron.
  • 15. Create Networks ❖On Site A, create three networks and spawn instances to them. ➢Specify name, subnet, gateway, allocation pool, etc during creation. 1 2 3
  • 16. Create Networks - Spawn instances to networks ❖Create Networks and spawn instances to it. ➢neutron-api service accepts the request and moves to AMQP for further processing. ➢For dhcp-agent. ■ create qdhcp-xx namespace. ■ Create a port in the namespace, tag it using internal vlan id and attach to br-int. ■ spawns dnsmasq process to serve the network bound to the port. ➢On Network node. ■ Add required ovs flows to map internal vlan id for each network to tunnel id and vice-versa. ■ Tag associated ports for each networks using its internal vlan id. Webservernetwork Applicationservernetwork Databsenetwork qdhcp-web dns masq qdhcp-appqdhcp-db dns masq dns masq br-intbr-tun br-intbr-tun qdhcp-webqdhcp-appqdhcp-db dns masq dns masq dns masq Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e 5 6 7 6 7 5
  • 17. Spawn Instances to Networks - Compute node ❖Associate each private network with an internal ovs vlan id. ➢This vlan id is translated to a gre/vxlan tunnel id or external vlan id before transporting the packet using a physical shared device and vice-versa. ➢For each instance nic: ■ Create a linux bridge. ● Connect instance nic to it. Security group rules are applied here. ● Connect it to br-int using patch-peer. ● When the packet reaches patch-peer end on br-int, tag the packet using internal vlan id for that network. ■ The packet is then moved to br-tun where a flow in ovs removes vlan id and adds tunnel id associated with the network and moved to the physical network devices. ■ Return packet does this in the reverse order. 65
  • 18. Create Routers, Connect Network Together ❖Create routers. ➢Attach ports from subnets to respective routers. 1 2
  • 19. Create Routers, Connect networks together ❖Create routers to connect networks together. ➢neutron-api service accepts the request and moves to AMQP for further processing. ➢ Each l3 agent, ■ creates qrouter-xx namespace for each router. ■ Create an port for VRRP traffic and assign it ip from pre- created VRRP network. ■ Spawn keepalived process bound to the namespace to facilitate HA of the router. ■ Creates two or more ports in the namespace, tag it using internal vlan id and attach to br-int ■ Keepalived elects one of the namespace as master and binds default gateway of the associated networks to it. ■ kernel ip forwarding is enabled between the ports and routing between them starts working. br-intbr-tun br-intbr-tun Instanc e Webservernetwork Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Instanc e Applicationservernetwork Databsenetwork qrouter-app qrouter-app qrouter-db Keepa lived Keepa lived Keepa lived Keepa lived qr-xxqr-xxtapx qrouter-db qr-xxtapxqr-xx qr-xxqr-xxtapxqr-xxqr-xxtapx 5 6 8 7 6 8 5 6 7 6 8 8
  • 20. Create Load Balancer For Webservers ❖Create Load Balancer. ➢Create health monitor, pool, add members (instances) to pools, create and associate VIP and with pool to create a load balancer. 1 2 3 4
  • 21. Create Load Balancer for Webservers ❖Place load balancer for web server network. ➢neutron-api service accepts the request and moves to AMQP for further processing. ➢On lbaas agent. ■ Create qlbaas-xx namespace for each load balancer. ■ Create a port in the namespace, tag it using internal vlan id for the network, bind VIP to the port and attach to br-int. ■ Spawn haproxy process on the port to listen for the service on VIP and load balance among the back end instances. br-intbr-tun br-intbr-tun Webservernetwork Applicationservernetwork Databsenetwork qlbaas-web LoadBalancer tapxx Instance Instance Instance Instance Instance Instance Instance Instance Instance hapro xy 8
  • 22. External network and floating ip ❖Associate floating ip with VIP ➢Create a router, Set external network as gateway, Attach webserver network to it. ➢Allocate a floating ip and associate with VIP1 2 3
  • 23. External network and floating ip ❖Floating ips and routing to external network. ➢On l3_agent ■ Create qrouter-xx namespace for the external router. ■ Creates two ports in the namespace (qr-xx and qg-xx), tag it using internal vlan id, bind default gateway of the tenant network on qr-xx and an ip from external network on qg-xxx. ■ Binds floating ips as aliases on qg-xx port and adds appropriate DNAT and SNAT rules to nat table to forward them to the correct private ip of the instance. ● In our case, DNAT/SNAT is done to the VIP of the load balancer. Webservernetwork Applicationservernetwork Databsenetwork LoadBalancer Intenet Instance Instance Instance Instance Instance Instance Instance Instance Instance RemoteNetwork Instance Instance Instance br-int br-tun br-intbr-tun br-ex br-ex Intenet qrouter-webqlbaas-web tapxx floating IP keepali ved keepali ved floating IP qr-xxqg-xxtapx qrouter-web qr-xxtapxqg-xx 5 8 5 7 8 8 7
  • 24. Create firewalls ❖Create firewalls. ➢ Create firewall rules, policies and then firewalls so they are automatically associated with routers. 1 2 3
  • 25. Create firewalls ❖Floating ips and routing to external network. ➢neutron-api service accepts the request and moves to AMQP. fwaas_agent gets the request that need to be processed from AMQP. ➢On fwaas_agent. ■ Creation of firewall rules and policies has nothing to do except updating database. ■ Creating firewall translates firewall rules and policies to corresponding iptables rules and is applied on all active routers. ■ Running iptables -nL inside namespace will show us the list of rules. ■ It also adds a REJECT rule at the end to drop everything not allowed explicitly. Webservernetwork Applicationservernetwork Databsenetwork LoadBalancer Intenet Instance Instance Instance Instance Instance Instance Instance Instance Instance RemoteNetwork Instance Instance Instance br-intbr-tun br-intbr-tun qrouter-db qrouter-db qrouter-appqrouter-web qrouter-web iptables rules applied here iptables rules applied here iptables rules applied here iptables rules applied here iptables rules applied here qrouter-app qr-xxqr-xxqg-xxqr-xx qr-xxqr-xxqr-xxqr-xxqr-xxqg-xx qr-xxqr-xx 5 6 5 6 7 7 iptables rules applied here 5 6 7 7 6 5
  • 26. Create VPN and Connect remote network. ❖Create VPN. ➢Create IKE policy, IPsec Policy and VPN Service. ➢Ceate a Site-to-Site connection using above details and peer router ip and remote private network. 1 2 43
  • 27. Create VPN and connect remote network ❖Floating ips and routing to external network. ➢vpn_agent when a site-to-site connection is created: ■ Spawns a libreswan/openvpn process to the qrouter-xxx namespace using a configuration file generated with details of tunnel to be created between web server private network and remote private network. ■ This process on the source qrouter-xx gateway captures packets to the remote private network, encapsulates it, sends it over internet to the gateway on remote site via a tunnel. ■ On the remote end, a similar process decapsulates it and routes to the destination private network. Webservernetwork Applicationservernetwork Databsenetwork LoadBalancer Intenet Instance Instance Instance Instance Instance Instance Instance Instance Instance RemoteNetwork Instance Instance Instance br-int br-tun br-intbr-tun br-ex br-ex Intenet qrouter-web qrouter-web External vpn gw ip keepali ved keepali ved libreswan/vpn libreswan/vpn External vpn gw ip qr-xxqg-xxtapx qr-xxqg-xxtapx 5 6 8 5 6 8
  • 29. Applicaton topology - Simple to create. Instance Instance Instance Instance Instance Instance Instance Instance DatabaseNetwork WebserverNetwork Floating IP Instance Instance Instance Instance ApplicationServer Network RemoteNetwork Tenant X Openstack Site B Openstack Site ALoadBalancer Internet
  • 30. Network node 1 Site ANetwork node 1 Network node 2 qrouter- web qrouter-appqrouter-dbqrouter-web qlbaas-web qdhcp-webqdhcp-appqdhcp-db br-int qdhcp-webqdhcp-appqdhcp-db patch peer qrouter-appqrouter-dbqrouter-web br-tun br-tun libreswan/vpn libreswan/vpn br-ex patch peerbr-ex patch peer dns masq dns masq dns masq hapr oxy patch peer br-int dns masq qdhcp-remote patch peer patch peerbr-tun libreswan/vpnlibreswan/vpn br-ex br-tun br-ex libreswan/vpnqrouter-remote patch peer patch peer qdhcp-remote Network node 2Site B Internet br-int Corresponding Neutron topology - Simple to create? qrouter-remote dns masq qr-xxqg-xxtapxqr-xxqg-xxtapx qr-xxqg-xxtapxqr-xxqg-xxtapxqr-xxqg-xxtapx qr-xxqg-xxtapx qr-xxqg-xxtapx qr-xxqg-xxtapx dns masq dns masq dns masq 6 7 5 6 7 5 4 br-int 5 7 8 5 7 8 7 6 8 7 6 8 5 6 8 5 6 8 8 1 2 3 2 3 1 4