How the Quantum network service in OpenStack realizes the potential for true virtual data centers

1. Building Multi-Tenant
Virtual Data Centers
with Quantum
Lew Tucker
VP/CTO Cloud Computing
Cisco Systems, Inc.
Twitter: @lewtucker
OpenStack Design Summit and Conference – San Francisco 2012
1

2. Healthcare Government
HYBRID
Individuals PUBLIC PRIVATE Business
Media Others
2

3. VM VM
Public IP Address
Private IP Address
VM
VM
VM
VM
VM
VM This is
VM Great!
Cloud Provider
Internet
My
Startup
3

4. VM VM
VM
VM
VM
VM
VM
Uh, which is
VM
VM MY cloud?
Cloud Provider
Internet
My
Startup
4

5. Acme
Pepsi Coke
Shazam!
Cloud Provider
Internet
My
Startup
5

6. 6

7. Provider Provider
Carrier
A B
Shazam! Shazam!
(west) (east)
My
Startup
7

8. Provider Provider
Carrier
A B
Shazam! Shazam!
(west) (east)
Shazam!
My Data Center
8

9. 9

10. • Physical Plant
• Power
• Cooling
• Isolation
• Lot’s of Servers
• Lot’s of Storage
• Lot’s of Cables, Networks
• Lot’s of complexity
10

11. Technologies Used in the Data Center
Application Virtual Storage IP NGN
VSwitch Compute Access Aggregation Core Peering
Software Machine and SAN Backbone
App
App
OS
App
OS
OS
Virtual Device
Contexts
Fabric-Hosted
Internet
App
App
Storage Firewall Virtual Device
App
OS
OS
Virtualization Services Contexts
OS
Storage Media Secure
App
App Encryption Domain
App
OS
OS
Routing
OS
IP NGN
Service
Profiles
Port Profiles
Virtual and VN-Link
Machine Global Site Line-Rate
Optimization Selection NetFlow
Fibre Channel
Forwarding Partners
Port Profiles Intrusion
and VN-Link Detection
Fabric
App Extension
App
App
OS
OS
Application
OS Control (SLB+) 10G Ethernet
10G FCoE
Service 4G FC
Control 1G Ethernet
App
VM to vSwitch
App
OS Virtual
App
OS Contexts for vSwitch to HW
OS
FW and SLB App to HW / VM
Applications VMWare Nexus 1000v MDS 9000 + UCS, MCS 7800 Nexus 5000 Nexus 7000 Nexus 7000 CRS-1 CRS-1
Xen Consolidated (or Generic w/ Nexus 2000 (w/ Cat 6500 7600 ASR 9000
Hyper-V Storage Arrays Rack or Fabric Extender as Services 6500 ASR 1000
KVM (EMC, etc.) Blade Servers) Chassis) 7600
11

12. • What do we really want in a Virtual Data Center
• Can we achieve the benefits without the complexity?
• What are the important abstractions?
• What is exposed to application developers, what is hidden?
• Specialized processor capabilities, e.g. GPUs?
• Networks, subnets, routing?
• VM Placement, Geographic location, region?
• Access to physical network services (load balancers, firewalls, etc.)?
• How can we plan for future innovation in infrastructure?
12

13. 13

14. 14

15. Objective: create what the application developer wants
Application “B”
Application “A”
App App
Web Svr Web Svr Web Svr OS OS
OS OS OS VM VM
10.0.1.0/24
VM VM VM
DataBase
OS
App Svr App Svr MemCach MemCach VM
10.0.1.0/24
OS OS OS OS
VM VM VM VM
Application “C”
DataBase DataBase App DataBase
OS OS OS OS
VM VM VM VM
10.0.0.0/24
Internet Access, Management Network
Internet
and Multi-tenant Services
VPN
Gatewa
Service Provider Network Service
y
15

16. A lot may actually need to be done when you
are ready to deploy
Application Virtual Virtual Storage Aggregation IP NGN
Compute Access Peering
Software Machine Access and SAN and Core Backbone
App 1
App
Subscriber “A”
App
OS
App
OS
Application 1 OS
Internet
App
Subscriber “B”
App
OS
App
OS
Application 1 OS
App
App 1 App
OS
Subscriber “A”
App
OS
OS
Application 2
App 2
IP NGN
Subscriber “B”
Application 2 Partners
App 2
App
App
App
OS
Services
OS
OS
Core 10G Ethernet
ACE 10G FCoE
4G FC
FW 1G Ethernet
App
App
VM to vSwitch
App App
OS
SSL vSwitch to HW
OS
OS
App to HW / VM
App
Cisco and VMWare Nexus 1000V 3rd Party SAN + Generic Nexus 5000 Nexus 7000 7600 CRS-1
Third-Party Xen Consolidated Rack or w/ Nexus 2000 (w/ Cat 6500 ASR 9000
Applications Hyper-V Storage Arrays Blade Servers Fabric Extender as Services ASR 1000
KVM Chassis) 7600
16

17. • Compute service (EC2): virtual machines
App Svr
• Specify vCPU, Memory, Disk OS
• Launch instance (image, mem_size, disk) VM
• Suspend, clone, migrate
• Storage service (S3, EBS): virtual disks
• Specify storage amount, access rights
• Store object
• Create/attach block
• What to do about networks?
17

18. 2011 Design Summit
- community-driven merger of proposals
… more
NetworkService NaaS Core Design
NetworkServicePOC NetworkContainers
Citrix/Rackspace/Ni Intel
NTT/Midokura Cisco
cira
Quantum
18

19. • Compute service (EC2): virtual machines
• Launch instance (image, mem_size, disk) App Svr
• Suspend, clone, migrate OS
VM
• Storage service (S3, EBS): virtual disks
• Store object
• Create/attach block
• Network service (Quantum): virtual networks App Svr App Svr
OS OS
• Create/delete private network VM VM
• Attach VM to network resource
• Maintain compatibility with Nova networking model
• Work with different networking environments
• Address in next release (Folsom)
• Routing
• IP address management
• Service attachment
19

20. Quantum Service API
API Extensions
• API for creating and managing virtual
networks and services
• Called by “tenants” and other
OpenStack services
Quantum Plug-in Framework
Vendor/User Plug-In
• Maps abstraction to implementation on physical network
• Makes all decisions about *how* a network is implemented
20

21. User Application
User API User API
Network
Compute Service
Service Sys API Sys API System
(Quantum)
(Nova) Admin
Plug-In
Compute
Data Center Network
Node(s)
Network Services
(vSwitch)
Data Center Mgmt
21

22. Portal
(Horizon)
Applications Other
Services
Cloud Platform - Developer API
Compute Storage Network Identity
(Keystone)
(Nova) (Swift) (Quantum)
Servers Disks Networks Images
(Glance)
Folsom Release
22

23. “Innovation above and below the line”
IaaS PaaS XaaS Auto-scaling apps
Innovation in the design of cloud-based applications
Cloud Platform – API Interface – Resource Abstractions
Compute, Storage and Networking Infrastructure
23

24. Massive Scale Applications
Cloud Platform – API Interface – Resource Abstractions
Unified computing, virtual switches,
overlay networks, and software
defined networking
KVM, Xen, ESXi, N1Kv, Open vSwitch, LISP, VXLAN, STT, OpenFlow
24

25. Application, “I would like certain resources (of type …)
certain virtual topologies, specific services”
OpenStack Quantum Service
Lower levels provision physical or virtual resources, setup
configuration, and provide information back
Network Service is very new – still lots to be done – and keep it simple
• Span multiple data centers? • Best placement of VMs?
• Network security, policies? • Quality of service?
• Notion of a network container? • SLA guarantees?
25

26. • Advantages of cloud computing
• On-demand virtualized resources, self-
service, lower cost
• Resources managed by others
• Ability to create your own isolated
private networks
• Extensible
• Challenge!! Quantum
• Easy-to-use Network Service
• Minus the complexity of the traditional
data center
• Work work with different networking
infrastructure
26

27. • Incubation during this past period (Essex)
• Voted to go into core with Folsom release
• Publicly available implementations (plugins):
• Open vSwitch, Linux Bridge, Cisco UCS/Nexus, Nicira NVP, Ryu OpenFlow
• Still quite basic – but evolving quickly
• L3 IP address management, subnets, routing, services
• Extensions mechanism for exposing new capabilities
• Stay for the following talks on Quantum
• OpenStack Quantum for Cloud Operators
• Panel on OpenStack Networking
• http://wiki.openstack.org/Quantum
27

28. Thank You