"Networking Quality of Service was introduced in Neutron in the Liberty cycle, the initial work included API additions and implementation of an extendable mechanism. The thought was to be able to accommodate all the crazy ideas network engineers have. We started with basic bandwidth limiting rule and then enhanced the mechanism to support upgrades, RBAC (Role Based Access Control), DSCP marking and more In this session we would cover the the work that was done for supporting Networking QoS in Neutron as well as the near future plans in this domain."

1. Networking QoS,
Liberty, Mitaka and Newton
Livnat Peer,
Senior Engineering Manager,
Red Hat
June, 2016

2. QoS
● No industry standard
○ Multiple ways to express bandwidth guarantees
■ OVS - min, max
■ Linux tc - rate, crate, burst, cburst

3. The Noisy Neighbor Problem
add image

4. Sprint in Red Hat’s TLV office - July 2015

5. QoS Model
Network
QoSPolicy A
Rule 1
Rule 2
Rule 3
….
QoSPolicy B
Rule 1
Rule 2
….

6. QoS Model
Network
QoSPolicy A
Rule 1
Rule 2
Rule 3
….
QoSPolicy B
Rule 1
Rule 2
….

7. QoS Model
Network
QoSPolicy A
Rule 1
Rule 2
Rule 3
….
QoSPolicy B
Rule 1
Rule 2
….

8. QoS - Usage
# neutron qos-policy-create ‘platinum’
--description ‘platinum QoS - charge a lot of $$’
# neutron port-update <port id> --qos-policy ‘platinum’
# neutron net-update <net name> --qos-policy ‘platinum’
# neutron qos-bandwidth-limit-rule-create
--max-kbps 3000
--max-burst-kbps 300
platinum

9. ● Bandwidth Limit Rule
○ Liberty: OVS (ovs-vsctl) SR-IOV (ip link), Mitaka: Linux Bridge (tc)
Rule Types
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000
--max-burst-kbps 300

10. ● DSCP Marking Rule
○ value: even number between 0 and 56, except 2-6, 42, 44, and 50-54
● Bandwidth Limit Rule
○ Liberty: OVS (ovs-vsctl) SR-IOV (ip link), Mitaka: Linux Bridge (tc)
Rule Types
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000
--max-burst-kbps 300
# neutron qos-dscp-marking-limit-rule-create <policy name>
--dscp_mark <value>

11. ● DSCP Marking Rule
○ value: even number between 0 and 56, except 2-6, 42, 44, and 50-54
● Bandwidth Limit Rule
○ Liberty: OVS (ovs-vsctl) SR-IOV (ip link), Mitaka: Linux Bridge (tc)
Rule Types
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000
--max-burst-kbps 300
# neutron qos-dscp-marking-limit-rule-create <policy name>
--dscp_mark <value>
● There is an option to see all supported Rule types
# Neutron qos-available-rule-types

12. Policy propagation
● Changes to the Policy immediately propagate to the ports

13. Policy propagation
● Changes to the Policy immediately propagate to the ports
Attach a policy to a
port

14. Policy propagation
Update Policy

15. Role Based Access Control (RBAC)
● QoS permission model (Liberty)
○ By default only cloud admin can create a QoS policy
○ Shared QoS policy
○ The default behaviour managed in policy.json file
● RBAC mechanism - introduced in Liberty
○ A policy framework that allows both operators and users to grant access to resources for
specific projects
○ The generic mechanism was added in Liberty with ‘Network’ as the first resource
supporting this mechanism

16. QoS Policy - RBAC Support
Support was added in Mitaka
# neutron rbac-create --target-tenant <tenant-uuid>
--action access_as_shared
--type qos-policy
<qos-policy-uuid>
# neutron qos-policy-create secret_policy

17. What’s
Next?

18. Future - Min Bandwidth guarantee
● Seems like a simple change
● Challenges
○ Support ‘borrowing’
○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000 --max-burst-kbps 300
--min-kbps 1000

19. Min Bandwidth guarantee
● Seems like a simple change
● Challenges
○ Support ‘borrowing’
○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000 --max-burst-kbps 300
--min-kbps 1000
comp1
10G
each
comp2

20. Min Bandwidth guarantee
● Seems like a simple change
● Challenges
○ Support ‘borrowing’
○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000 --max-burst-kbps 300
--min-kbps 1000
comp1
10G
each
VM
1
comp2
min=7G

21. Min Bandwidth guarantee
● Seems like a simple change
● Challenges
○ Support ‘borrowing’
○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000 --max-burst-kbps 300
--min-kbps 1000
comp1
10G
each
VM
1
comp2
min=7G

22. Min Bandwidth guarantee
● Seems like a simple change
● Challenges
○ Support ‘borrowing’
○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000 --max-burst-kbps 300
--min-kbps 1000
comp1
10G
eachcomp2
VM
1
min=7G

23. Min Bandwidth guarantee
● Seems like a simple change
● Challenges
○ Support ‘borrowing’
○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000 --max-burst-kbps 300
--min-kbps 1000
comp1
10G
each
VM
2
comp2
min=5G
VM
1
min=7G

24. Min Bandwidth guarantee
● Seems like a simple change
● Challenges
○ Support ‘borrowing’
○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000 --max-burst-kbps 300
--min-kbps 1000
comp1
10G
each
VM
2
comp2
min=5G
VM
1
min=7G

25. Min Bandwidth guarantee
● Seems like a simple change
● Challenges
○ Support ‘borrowing’
○ Requires influencing VM placements
# neutron qos-bandwidth-limit-rule-create <policy name>
--max-kbps 3000 --max-burst-kbps 300
--min-kbps 1000
comp1 comp2
VM
1
VM
2
min=7G min=5G
10G
each

26. Min Bandwidth guarantee
● Nova scheduler
○ Resource Provider Framework =>
○ Bandwidth modeled as a resource
○ Reported to Nova generic resource pool API
resource-classes
resource-providers
compute-node-inventory
resource-providers-allocations

27. Traffic Classification
● Traffic classifiers
○ Apply rules to specific traffic flows
○ Use cases: Prioritize certain traffic, like control, realtime data, etc.
● Optional model
Policy
Rule Rule Rule
Traffic
Classifie
Traffic
Classifier
SSH HTTP

28. Additional Future Work
● Default policy per Tenant
● Shaping incoming traffic
● QoS VLAN 802.1p Support
● Many other ideas and requests - https://bugs.launchpad.
net/neutron/+bugs?field.tag=qos

29. Thank You

30. Resources
● Neutron QoS API Extension - Neutron spec
● Ajo’s Blog - Neutron Quality of Service coding sprint
● DSCP Marking - Neutron spec
● Add Classifier Resource - Neutron spec
● User Guide for QoS
● The noisy neighbor problem
● RBAC policy - OpenStack Manual Documentation

31. Resources
● Nova Resource Providers Framework
○ https://review.openstack.org/#/c/253187/14
○ https://review.openstack.org/#/c/271779/4/specs/newton/approved/resource-providers-
allocations.rst
○ https://review.openstack.org/#/c/225546/10/specs/mitaka/approved/resource-providers.rst
○ https://review.openstack.org/#/q/topic:bp/generic-resource-pools

32. QoS in Neutron - Liberty
● Adding generic infrastructure that would be
extensible for additional use cases
● Scope
○ Traffic within the hypervisor
○ Only traffic that leaves the VM (VM-egress)
○ No integration with Nova scheduler