SlideShare ist ein Scribd-Unternehmen logo

CloudStack Networking Overview - Jan 28, 2014

Sheng Yang
Sheng Yang

Used at CloudStack Bay Area Meetup, Jan 28, 2014

Technologie
1 von 15
Downloaden Sie, um offline zu lesen
Apache CloudStack Networking Overview Sheng Yang Jan 28, 2014
Outline ● Network models – Basic network – Advanced network ● Network Offering ● Virtual Router ● And more
Basic Networking ● EC2 Classic-style network – L3 Isolation – Segmentation done by security group – Easy to setup and easy to scale – EIP/ELB supported ● With Netscaler devices
Advanced Networking ● Virtual Private Cloud(VPC) supported ● L2 isolation – VLAN by default ● IP Address Management, DNS, Firewall, NAT, VPN, LB ● External hardware firewall/LB supported ● Traffic accounting ● Access control(ACL) ● Software Defined Network(SDN) ● Redundant Virtual Router support – For isolated network only
Basic vs Advanced Networking ● Basic: – – Easier to deploy – ● L3 isolation Scalability Advanced: – L2 isolation – Feature rich
Basic Networking Public network L2/L3 Core Switch Guest Network Pod L2 Switch Pod L2 Switch Web VM 1 Web VM 2 App VM 2 DB Master Web VM 3 App VM 1 DHCP Server VM Web VM 4 DB Slave DHCP server VM Web security group CloudStack Appliance App security group DB security group
Isolated network Road Warrior Remote Access VPN Public network Virtual router VM VLAN 1000 Web 1 App 1 Redundant Virtual router VM Master VLAN 1001 Load Balancing Redundant Virtual router VM Backup CloudStack Appliance App 2 Web 1 Web 2 Web 3 Redundant Virtual Router Firewall, NAT, Remote Access VPN, Load balancing, Password/Userdata
Isolated network with external devices Side-by-Side Mode Public network VLAN 1001 Juniper SRX Web 1 Netscaler Load Balancer Web 2 DHCP server VM Load Balancing Inline Mode Public network VLAN 1001 Juniper SRX Netscaler Load Balancer Web 1 Load Balancing CloudStack Appliance Web 2 DHCP server VM Firewall, NAT, Load balancing, Password/Userdata
Virtual Private Cloud Road Warrior Web Tier: 10.1.0.1/24 VLAN 1001 Web 1 Remote Access VPN Public network 10.1.0.1/16 VPC router VM Web 2 Web 3 Public Load balancing App Tier: 10.1.1.1/24 VLAN 1000 App 1 App 2 Internal LB VM Internal Load balancing Site-to-site VPN DB Tier: 10.1.2.1/24 VLAN 1002 Remote Network Router CloudStack Appliance DB Master DB Slave ACL, NAT, Load balancing, Remote Access VPN, Site-to-Site VPN, Password/Userdata
Virtual Private Cloud with shared network Road Warrior 10.10.10.1/24 Web Tier: 10.1.0.1/24 VLAN 1001 Web 1 Remote Access VPN Public network 10.1.0.1/16 VPC router VM Web 2 App Tier: 10.1.1.1/24 VLAN 1000 App 1 Site-to-site VPN Web 3 App 2 DB Tier: 10.1.2.1/24 VLAN 1002 Remote Network Router DB Master DB Slave Monitor VM DHCP Server VM CloudStack Appliance VLAN 1010
Network Offering ● How would user want to define a network ● Type of the network – ● Service needed – ● External network devices e.g. Netscaler can be used for certain services Virtual Router's system offering – ● DHCP, DNS, source NAT, static NAT, port forwarding, load balancing, VPN, etc. The provider of the services – ● VPC, Isolated or Shared network CPU, memory, etc. And various capabilities: – Redundant router, in-line mode or side-by-side mode, etc.
Virtual Router ● ● ● A key component of CloudStack networking infrastructure A CloudStack generated VM acting as DHCP server or router in the network Created/destroyed with network/VPC – Automatically shutdown if there is no active VM in the network
Virtual Router Internal ● Based on latest Debian stable release – Debian 7 “Wheezy” at this point ● Dnsmasq: DNS, DHCP ● IPtables: firewall, ACL, NAT ● HAproxy: load balancing ● OpenSwan: VPN ● Apache HTTP server: user data, password ● Keepalived: redundant virtual router
Virtual Router Mechanism ● All commands to VR would be executed by some scripts in the VR ● NICs: – – Control NIC – ● Public NIC Guest network NIC Configure when VR is booting up – – ● IP of the nics Default state and configuration for services Automatically update the scripts when rebooting – Through a mounted iso file(systemvm.iso)
What's more ● IPv6 support ● SDN – ● External Network Devices – ● OpenVSwitch, Nicira NVP, MidoNet, Big Switch VNS, Juniper Contrail, etc. Netscaler, Juniper SRX, F5 Big-IP, Palo Alto Firewall, etc. More and more is coming from community

Empfohlen

Implementing CloudStack's VPC feature
Implementing CloudStack's VPC featureImplementing CloudStack's VPC feature
Implementing CloudStack's VPC featureMarcus L Sorensen
 
Network Simulation using Mikrotik Router OS CHR (MUM Presentation)
Network Simulation using Mikrotik Router OS CHR (MUM Presentation)Network Simulation using Mikrotik Router OS CHR (MUM Presentation)
Network Simulation using Mikrotik Router OS CHR (MUM Presentation)Arif Hossen
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron InsightsAtul Pandey
 
MTCNA
MTCNAMTCNA
MTCNAgurubelajarmandiri
 
VMworld 2013: Bringing Network Virtualization to VMware Environments with NSX
VMworld 2013: Bringing Network Virtualization to VMware Environments with NSX VMworld 2013: Bringing Network Virtualization to VMware Environments with NSX
VMworld 2013: Bringing Network Virtualization to VMware Environments with NSX VMworld
 
Mtcna outline
Mtcna outlineMtcna outline
Mtcna outlinegaliya1810
 
What's new in Neutron Juno
What's new in Neutron JunoWhat's new in Neutron Juno
What's new in Neutron JunoJaume Devesa Gomez
 
Cloud Computing as Innovation Hub - Mohammad Fairus Khalid
Cloud Computing as Innovation Hub - Mohammad Fairus KhalidCloud Computing as Innovation Hub - Mohammad Fairus Khalid
Cloud Computing as Innovation Hub - Mohammad Fairus KhalidOpenNebula Project
 

Empfohlen

Implementing CloudStack's VPC feature
Implementing CloudStack's VPC featureImplementing CloudStack's VPC feature
Implementing CloudStack's VPC featureMarcus L Sorensen
 
Network Simulation using Mikrotik Router OS CHR (MUM Presentation)
Network Simulation using Mikrotik Router OS CHR (MUM Presentation)Network Simulation using Mikrotik Router OS CHR (MUM Presentation)
Network Simulation using Mikrotik Router OS CHR (MUM Presentation)Arif Hossen
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron InsightsAtul Pandey
 
MTCNA
MTCNAMTCNA
MTCNAgurubelajarmandiri
 
VMworld 2013: Bringing Network Virtualization to VMware Environments with NSX
VMworld 2013: Bringing Network Virtualization to VMware Environments with NSX VMworld 2013: Bringing Network Virtualization to VMware Environments with NSX
VMworld 2013: Bringing Network Virtualization to VMware Environments with NSX VMworld
 
Mtcna outline
Mtcna outlineMtcna outline
Mtcna outlinegaliya1810
 
What's new in Neutron Juno
What's new in Neutron JunoWhat's new in Neutron Juno
What's new in Neutron JunoJaume Devesa Gomez
 
Cloud Computing as Innovation Hub - Mohammad Fairus Khalid
Cloud Computing as Innovation Hub - Mohammad Fairus KhalidCloud Computing as Innovation Hub - Mohammad Fairus Khalid
Cloud Computing as Innovation Hub - Mohammad Fairus KhalidOpenNebula Project
 
MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2Yaser Rahmati
 
WSO2 Message Broker - Product Overview
WSO2 Message Broker - Product OverviewWSO2 Message Broker - Product Overview
WSO2 Message Broker - Product OverviewWSO2
 
Presentation v mware v-sphere distributed switch—technical deep dive
Presentation v mware v-sphere distributed switch—technical deep divePresentation v mware v-sphere distributed switch—technical deep dive
Presentation v mware v-sphere distributed switch—technical deep divesolarisyourep
 
VMware NSX primer 2014
VMware NSX primer 2014VMware NSX primer 2014
VMware NSX primer 2014Sanjay Basu
 
Window server editions
Window server editionsWindow server editions
Window server editionsFiji National University
 
Network virtualization
Network virtualizationNetwork virtualization
Network virtualizationDamian Parniewicz
 
Chapter9ccna
Chapter9ccnaChapter9ccna
Chapter9ccnaLakshan Perera
 
Choosing MikroTik for Your Network
Choosing MikroTik for Your NetworkChoosing MikroTik for Your Network
Choosing MikroTik for Your NetworkFaisal Reza
 
Citrix Day 2015 Net Scaler Release 10.5 Update v10
Citrix Day 2015 Net Scaler Release 10.5 Update v10Citrix Day 2015 Net Scaler Release 10.5 Update v10
Citrix Day 2015 Net Scaler Release 10.5 Update v10Digicomp Academy Suisse Romande SA
 
Modular Quantum L2 Plugin and Agent
Modular Quantum L2 Plugin and AgentModular Quantum L2 Plugin and Agent
Modular Quantum L2 Plugin and AgentBob Kukura
 
Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014Netgate
 
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusPPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusDashamir Hoxha
 
Pub/Sub Messaging
Pub/Sub MessagingPub/Sub Messaging
Pub/Sub MessagingPeter Hanzlik
 
1.2 build cloud_fabric_final
1.2 build cloud_fabric_final1.2 build cloud_fabric_final
1.2 build cloud_fabric_finalPaulo Freitas
 
Nicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStackNicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStackShapeBlue
 
CloudStack NYC Meetup: Networking
CloudStack NYC Meetup: NetworkingCloudStack NYC Meetup: Networking
CloudStack NYC Meetup: NetworkingJeff Moody
 
cyfuture-dc-services
cyfuture-dc-services cyfuture-dc-services
cyfuture-dc-services Vishal Yadav
 
Cumulus Linux 2.2 Overview
Cumulus Linux 2.2 OverviewCumulus Linux 2.2 Overview
Cumulus Linux 2.2 OverviewCumulus Networks
 
Java Middleware Surgery
Java Middleware Surgery Java Middleware Surgery
Java Middleware Surgery C2B2 Consulting
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld
 
CloudKC: Evolution of Network Virtualization
CloudKC: Evolution of Network VirtualizationCloudKC: Evolution of Network Virtualization
CloudKC: Evolution of Network VirtualizationCynthia Thomas
 
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...Dan Mihai Dumitriu
 

Weitere ähnliche Inhalte

Was ist angesagt?

MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2Yaser Rahmati
 
WSO2 Message Broker - Product Overview
WSO2 Message Broker - Product OverviewWSO2 Message Broker - Product Overview
WSO2 Message Broker - Product OverviewWSO2
 
Presentation v mware v-sphere distributed switch—technical deep dive
Presentation v mware v-sphere distributed switch—technical deep divePresentation v mware v-sphere distributed switch—technical deep dive
Presentation v mware v-sphere distributed switch—technical deep divesolarisyourep
 
VMware NSX primer 2014
VMware NSX primer 2014VMware NSX primer 2014
VMware NSX primer 2014Sanjay Basu
 
Choosing MikroTik for Your Network
Choosing MikroTik for Your NetworkChoosing MikroTik for Your Network
Choosing MikroTik for Your NetworkFaisal Reza
 
Modular Quantum L2 Plugin and Agent
Modular Quantum L2 Plugin and AgentModular Quantum L2 Plugin and Agent
Modular Quantum L2 Plugin and AgentBob Kukura
 
Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014Netgate
 
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusPPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusDashamir Hoxha
 
1.2 build cloud_fabric_final
1.2 build cloud_fabric_final1.2 build cloud_fabric_final
1.2 build cloud_fabric_finalPaulo Freitas
 
Nicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStackNicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStackShapeBlue
 
CloudStack NYC Meetup: Networking
CloudStack NYC Meetup: NetworkingCloudStack NYC Meetup: Networking
CloudStack NYC Meetup: NetworkingJeff Moody
 
cyfuture-dc-services
cyfuture-dc-services cyfuture-dc-services
cyfuture-dc-services Vishal Yadav
 
Cumulus Linux 2.2 Overview
Cumulus Linux 2.2 OverviewCumulus Linux 2.2 Overview
Cumulus Linux 2.2 OverviewCumulus Networks
 
Java Middleware Surgery
Java Middleware Surgery Java Middleware Surgery
Java Middleware Surgery C2B2 Consulting
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld
 

Was ist angesagt? (20)

MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2
 
WSO2 Message Broker - Product Overview
WSO2 Message Broker - Product OverviewWSO2 Message Broker - Product Overview
WSO2 Message Broker - Product Overview
 
Presentation v mware v-sphere distributed switch—technical deep dive
Presentation v mware v-sphere distributed switch—technical deep divePresentation v mware v-sphere distributed switch—technical deep dive
Presentation v mware v-sphere distributed switch—technical deep dive
 
VMware NSX primer 2014
VMware NSX primer 2014VMware NSX primer 2014
VMware NSX primer 2014
 
Window server editions
Window server editionsWindow server editions
Window server editions
 
Network virtualization
Network virtualizationNetwork virtualization
Network virtualization
 
Chapter9ccna
Chapter9ccnaChapter9ccna
Chapter9ccna
 
Choosing MikroTik for Your Network
Choosing MikroTik for Your NetworkChoosing MikroTik for Your Network
Choosing MikroTik for Your Network
 
Citrix Day 2015 Net Scaler Release 10.5 Update v10
Citrix Day 2015 Net Scaler Release 10.5 Update v10Citrix Day 2015 Net Scaler Release 10.5 Update v10
Citrix Day 2015 Net Scaler Release 10.5 Update v10
 
Modular Quantum L2 Plugin and Agent
Modular Quantum L2 Plugin and AgentModular Quantum L2 Plugin and Agent
Modular Quantum L2 Plugin and Agent
 
Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014
 
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusPPPoE With Mikrotik and Radius
PPPoE With Mikrotik and Radius
 
Pub/Sub Messaging
Pub/Sub MessagingPub/Sub Messaging
Pub/Sub Messaging
 
1.2 build cloud_fabric_final
1.2 build cloud_fabric_final1.2 build cloud_fabric_final
1.2 build cloud_fabric_final
 
Nicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStackNicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStack
 
CloudStack NYC Meetup: Networking
CloudStack NYC Meetup: NetworkingCloudStack NYC Meetup: Networking
CloudStack NYC Meetup: Networking
 
cyfuture-dc-services
cyfuture-dc-services cyfuture-dc-services
cyfuture-dc-services
 
Cumulus Linux 2.2 Overview
Cumulus Linux 2.2 OverviewCumulus Linux 2.2 Overview
Cumulus Linux 2.2 Overview
 
Java Middleware Surgery
Java Middleware Surgery Java Middleware Surgery
Java Middleware Surgery
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep Dive
 

Ähnlich wie CloudStack Networking Overview - Jan 28, 2014

CloudKC: Evolution of Network Virtualization
CloudKC: Evolution of Network VirtualizationCloudKC: Evolution of Network Virtualization
CloudKC: Evolution of Network VirtualizationCynthia Thomas
 
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...Dan Mihai Dumitriu
 
OpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Project
 
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebula Project
 
Network and Service Virtualization tutorial at ONUG Spring 2015
Network and Service Virtualization tutorial at ONUG Spring 2015Network and Service Virtualization tutorial at ONUG Spring 2015
Network and Service Virtualization tutorial at ONUG Spring 2015SDN Hub
 
SDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingSDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingThomas Graf
 
Network Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingNetwork Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingDigicomp Academy AG
 
VMworld 2013: Virtualized Network Services Model with VMware NSX
VMworld 2013: Virtualized Network Services Model with VMware NSX VMworld 2013: Virtualized Network Services Model with VMware NSX
VMworld 2013: Virtualized Network Services Model with VMware NSX VMworld
 
Understanding network and service virtualization
Understanding network and service virtualizationUnderstanding network and service virtualization
Understanding network and service virtualizationSDN Hub
 
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...nvirters
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
CloudStack Networking Deepdive CCCEU13
CloudStack Networking Deepdive CCCEU13CloudStack Networking Deepdive CCCEU13
CloudStack Networking Deepdive CCCEU13Chiradeep Vittal
 
PLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPROIDEA
 
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
From Nova-Network to Neutron and Beyond: A Look at OpenStack NetworkingFrom Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
From Nova-Network to Neutron and Beyond: A Look at OpenStack NetworkingCynthia Thomas
 
Midokura OpenStack Meetup Taipei
Midokura OpenStack Meetup TaipeiMidokura OpenStack Meetup Taipei
Midokura OpenStack Meetup TaipeiDan Mihai Dumitriu
 
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...OpenStack Korea Community
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'OpenStack Korea Community
 
Private cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinPrivate cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinChiradeep Vittal
 
NetScaler and advanced networking in cloudstack
NetScaler and advanced networking in cloudstackNetScaler and advanced networking in cloudstack
NetScaler and advanced networking in cloudstackDeepak Garg
 

Ähnlich wie CloudStack Networking Overview - Jan 28, 2014 (20)

CloudKC: Evolution of Network Virtualization
CloudKC: Evolution of Network VirtualizationCloudKC: Evolution of Network Virtualization
CloudKC: Evolution of Network Virtualization
 
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
 
OpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. MonteroOpenNebula Networking - Rubén S. Montero
OpenNebula Networking - Rubén S. Montero
 
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
 
Network and Service Virtualization tutorial at ONUG Spring 2015
Network and Service Virtualization tutorial at ONUG Spring 2015Network and Service Virtualization tutorial at ONUG Spring 2015
Network and Service Virtualization tutorial at ONUG Spring 2015
 
SDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingSDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center Networking
 
Network Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingNetwork Virtualization & Software-defined Networking
Network Virtualization & Software-defined Networking
 
VMworld 2013: Virtualized Network Services Model with VMware NSX
VMworld 2013: Virtualized Network Services Model with VMware NSX VMworld 2013: Virtualized Network Services Model with VMware NSX
VMworld 2013: Virtualized Network Services Model with VMware NSX
 
Understanding network and service virtualization
Understanding network and service virtualizationUnderstanding network and service virtualization
Understanding network and service virtualization
 
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and Automation
 
CloudStack Networking Deepdive CCCEU13
CloudStack Networking Deepdive CCCEU13CloudStack Networking Deepdive CCCEU13
CloudStack Networking Deepdive CCCEU13
 
PLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDN
 
Opencontrail network virtualization
Opencontrail network virtualizationOpencontrail network virtualization
Opencontrail network virtualization
 
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
From Nova-Network to Neutron and Beyond: A Look at OpenStack NetworkingFrom Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
 
Midokura OpenStack Meetup Taipei
Midokura OpenStack Meetup TaipeiMidokura OpenStack Meetup Taipei
Midokura OpenStack Meetup Taipei
 
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
 
Private cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinPrivate cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austin
 
NetScaler and advanced networking in cloudstack
NetScaler and advanced networking in cloudstackNetScaler and advanced networking in cloudstack
NetScaler and advanced networking in cloudstack
 

Kürzlich hochgeladen

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Kürzlich hochgeladen (20)

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

CloudStack Networking Overview - Jan 28, 2014

  • 2. Outline ● Network models – Basic network – Advanced network ● Network Offering ● Virtual Router ● And more
  • 3. Basic Networking ● EC2 Classic-style network – L3 Isolation – Segmentation done by security group – Easy to setup and easy to scale – EIP/ELB supported ● With Netscaler devices
  • 4. Advanced Networking ● Virtual Private Cloud(VPC) supported ● L2 isolation – VLAN by default ● IP Address Management, DNS, Firewall, NAT, VPN, LB ● External hardware firewall/LB supported ● Traffic accounting ● Access control(ACL) ● Software Defined Network(SDN) ● Redundant Virtual Router support – For isolated network only
  • 5. Basic vs Advanced Networking ● Basic: – – Easier to deploy – ● L3 isolation Scalability Advanced: – L2 isolation – Feature rich
  • 6. Basic Networking Public network L2/L3 Core Switch Guest Network Pod L2 Switch Pod L2 Switch Web VM 1 Web VM 2 App VM 2 DB Master Web VM 3 App VM 1 DHCP Server VM Web VM 4 DB Slave DHCP server VM Web security group CloudStack Appliance App security group DB security group
  • 7. Isolated network Road Warrior Remote Access VPN Public network Virtual router VM VLAN 1000 Web 1 App 1 Redundant Virtual router VM Master VLAN 1001 Load Balancing Redundant Virtual router VM Backup CloudStack Appliance App 2 Web 1 Web 2 Web 3 Redundant Virtual Router Firewall, NAT, Remote Access VPN, Load balancing, Password/Userdata
  • 8. Isolated network with external devices Side-by-Side Mode Public network VLAN 1001 Juniper SRX Web 1 Netscaler Load Balancer Web 2 DHCP server VM Load Balancing Inline Mode Public network VLAN 1001 Juniper SRX Netscaler Load Balancer Web 1 Load Balancing CloudStack Appliance Web 2 DHCP server VM Firewall, NAT, Load balancing, Password/Userdata
  • 9. Virtual Private Cloud Road Warrior Web Tier: 10.1.0.1/24 VLAN 1001 Web 1 Remote Access VPN Public network 10.1.0.1/16 VPC router VM Web 2 Web 3 Public Load balancing App Tier: 10.1.1.1/24 VLAN 1000 App 1 App 2 Internal LB VM Internal Load balancing Site-to-site VPN DB Tier: 10.1.2.1/24 VLAN 1002 Remote Network Router CloudStack Appliance DB Master DB Slave ACL, NAT, Load balancing, Remote Access VPN, Site-to-Site VPN, Password/Userdata
  • 10. Virtual Private Cloud with shared network Road Warrior 10.10.10.1/24 Web Tier: 10.1.0.1/24 VLAN 1001 Web 1 Remote Access VPN Public network 10.1.0.1/16 VPC router VM Web 2 App Tier: 10.1.1.1/24 VLAN 1000 App 1 Site-to-site VPN Web 3 App 2 DB Tier: 10.1.2.1/24 VLAN 1002 Remote Network Router DB Master DB Slave Monitor VM DHCP Server VM CloudStack Appliance VLAN 1010
  • 11. Network Offering ● How would user want to define a network ● Type of the network – ● Service needed – ● External network devices e.g. Netscaler can be used for certain services Virtual Router's system offering – ● DHCP, DNS, source NAT, static NAT, port forwarding, load balancing, VPN, etc. The provider of the services – ● VPC, Isolated or Shared network CPU, memory, etc. And various capabilities: – Redundant router, in-line mode or side-by-side mode, etc.
  • 12. Virtual Router ● ● ● A key component of CloudStack networking infrastructure A CloudStack generated VM acting as DHCP server or router in the network Created/destroyed with network/VPC – Automatically shutdown if there is no active VM in the network
  • 13. Virtual Router Internal ● Based on latest Debian stable release – Debian 7 “Wheezy” at this point ● Dnsmasq: DNS, DHCP ● IPtables: firewall, ACL, NAT ● HAproxy: load balancing ● OpenSwan: VPN ● Apache HTTP server: user data, password ● Keepalived: redundant virtual router
  • 14. Virtual Router Mechanism ● All commands to VR would be executed by some scripts in the VR ● NICs: – – Control NIC – ● Public NIC Guest network NIC Configure when VR is booting up – – ● IP of the nics Default state and configuration for services Automatically update the scripts when rebooting – Through a mounted iso file(systemvm.iso)
  • 15. What's more ● IPv6 support ● SDN – ● External Network Devices – ● OpenVSwitch, Nicira NVP, MidoNet, Big Switch VNS, Juniper Contrail, etc. Netscaler, Juniper SRX, F5 Big-IP, Palo Alto Firewall, etc. More and more is coming from community