evolution of openstack networking at cern
play

Evolution of OpenStack Networking at CERN Nova Network, Neutron and - PowerPoint PPT Presentation

Jun 10, 2023 •111 likes •428 views

Evolution of OpenStack Networking at CERN Nova Network, Neutron and SDN Belmiro Moreira @belmiromoreira belmiro.moreira@cern.ch Ricardo Rocha @ahcorporto ricardo.rocha@cern.ch Fundamental Science Founded in 1954 What is 96% of the universe

  2. Evolution of OpenStack Networking at CERN Nova Network, Neutron and SDN Belmiro Moreira @belmiromoreira belmiro.moreira@cern.ch Ricardo Rocha @ahcorporto ricardo.rocha@cern.ch

  3. Fundamental Science Founded in 1954 What is 96% of the universe made of? What was the state of matter just after the Big Bang? Why isn’t there anti-matter in the universe?

  6. 6

  7. Capabilities GPU TOP CELL N Neutron CPU Pinning Huge Pages SMP Compute GPU CELL 2 Neutron ... CELL 1 Compute Configuration Nova Network Neutron vs Nova Network Scalability & Flexibility Allowed Projects ... Moving from CellsV1 to CellsV2 at CERN, Mon 21 11:35 7

  8. VN CELL NODE 1 V2 V3 V1 Hypervisors Virtual Machines V2 V3 NODE 2 V1 Order of ~10s of cells (currently 70), with ~200 hypervisors per cell ● Number of virtual machines per hypervisor varies per use case ● From 4 to 30 VMs per hypervisor ○ 8

  9. VN CELL NODE 1 V2 V3 V1 Hypervisors Virtual Machines S513-V-IP123 S513-V-VM908 V2 137.1XX.43.0/24 V3 188.1XX.191.0/24 NODE 2 ( Primary Service ) ( Secondary Service ) V1 Flat but segmented network, with multiple broadcast domains ● Scalability ○ Segmentation done on Primary Services ○ Primary Services can have multiple Secondaries ● No route if Secondary is in a different Primary ● VM IP allocation must belong to the hypervisor’s Primary ○ 9

  10. LanDB Source of Truth Primary Services Secondary Services Virtual Machines Hypervisors IPv4 IPv6 DNS Aliases Aliases IPv6 Readiness Ownership ... All devices must be present ● ● Used for different purposes ○ Security checks ○ DNS/DHCP Configuration Switch/router configuration ○ Active Directory, … ○ 10

  11. Phase 1. Phase 2. Phase 3. Nova Network Neutron SDN 11

  12. Phase 1. Nova Network Custom NetworkManager ● Late IP allocation - after scheduling to compute nodes ● Patching done directly in the Nova code ● NOVA DB NOVA COMPUTE LanDB Nova Network is being deprecated... ● Quantum is the new thing… Neutron is the new thing... ○ 12

  13. Phase 2. Neutron Linuxbridge, Flat / Provider networks ● Better integration using ML2, mechanism driver and extensions ● Quickly became possible to have it out of tree ○ Our extensions have a similar role to Neutron Segments ○ Gradual enroll, cell by cell ● Vanilla upstream packages for Neutron, much smaller patch on Nova ● More split pieces, potential points of failure ● Periodic consistency checks ○ 2 3 4b 1 NOVA COMPUTE Neutron LanDB 4a https://gitlab.cern.ch/cloud-infrastructure/openstack-neutron-cern 13

  14. Phase 2. Neutron Subnet Cluster Which subnets belong to this cluster? neutron cluster-list +--------+----------------------+-------------------------------------------------------+ | id | name | subnets | +--------+----------------------+-------------------------------------------------------+ | ... | VMPOOL SXXXX-C-IPZZZ | ... 188.xxx.yy.zz/22 | | ... | VMPOOL SBBBB-C-IPWWW | ... 137.aaa.bb.ccc/25 | | | | ... 137.bbb.cc.0/25 | | | | ... 137.bbb.dd.0/25 | +--------+----------------------+-------------------------------------------------------+ 14

  15. Phase 2. Neutron Host Restrictions Which subnets can i use for this hypervisor? neutron host p06253927y321a1 +----------------------------+--------------------------------------+ | Field | Value | +----------------------------+--------------------------------------+ | all_subnets | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | | available_random_subnet | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | | available_subnets | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | | least_available_subnet | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | | most_available_subnet | 4ca09148-32b5-4da4-95f9-35e83e2e1984 | +----------------------------+--------------------------------------+ 15

  16. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge 3 Virtual Machines < 1000 Nodes →5x 64GB Virtual Machines ~default rabbit configuration ~default neutron configuration ~looking ok(ish) 16

  17. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Cluster crashes once, crashes constantly 1200 Nodes Cannot allocate 1318267840 bytes of memory (of type "heap"). Statistics db issues → collect_statistics_interval = 60000 Agents (too) aggressively trying to reconnect → rabbit_retry_backoff = 60 Agents not re-connecting properly → restart neutron servers Scale up Rabbit nodes, larger VMs 17

  18. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Cluster crashes periodically 2000 Nodes Lots of queued messages, until it goes ( neutron server ) →rpc_thread_pool_size = 2048 →rpc_conn_pool_size = 60 →rpc_response_timeout = 120 →rpc_workers = 4 ( rabbit ) →tcp_backlog: 4096 →tcp_listen_options { reuseaddr: true, keepalive, true } →tcp_keepalive = true →rabbitmq_server_erl_args = '+K +A128 +P 1048576' →vm_memory_high_watermark = 0.8 →ulimits (65536 for nofile/nproc soft and hard) →cluster_partition_handling = autoheal 18

  19. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Cluster crashes less, but still happens 2400 Nodes Lots of queued messages, until it goes ( rabbit virtual machines ) →ip link set %k txqueuelength 10000 ( neutron agent ) →report_interval=43200 ( neutron server ) →agent_downtime=86500 Other Considerations ( not done, not helpful ) →increase rpc_state_report_workers →heartbeat timeouts on the rabbit cluster 19

  20. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Stable cluster ~5000 Nodes →5x 64GB Virtual Machines Ocasional network partitions →recovering most times, but not always →procedure for a quick cluster rebuild (~10min downtime) 20

  21. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge Stable cluster ~5000 Nodes →5x 64GB Virtual Machines Ocasional network partitions →recovering most times, but not always →procedure for a quick cluster rebuild (~10min downtime) 21

  22. Phase 2. Neutron Single control plane, no partitioning (as with Nova cells) ● Scaling RabbitMQ wasis a challenge ~5000 Nodes 22

  23. Phase 2. Neutron Migrating existing cells from Nova Network https://gitlab.cern.ch/cloud-infrastructure/python-neutronclient-cern Puppet for reconfiguration ● Custom command for the live VM changes ● $ openstack network cluster migrate --dry-run --host p06146676a327ab $ openstack network cluster migrate --host p06146676a327ab $ openstack network cluster migrate --cluster ‘VMPOOL SXXXX-C-IPZZZ’ for instance in instances: commands.extend([ ip = instance.addresses['CERN_NETWORK'][0] "brctl delif %s %s " % (NOVA_BRIDGE, raw_device), mac = ip['OS-EXT-IPS-MAC:mac_addr'] "ip link set %s down" % NOVA_BRIDGE, nova_tap = nova_interfaces[mac] "ip link set %s name %s " % (NOVA_BRIDGE, CERN_NETWORK_BRIDGE), neutron_tap = nova_interfaces[mac] "brctl addif %s %s " % (CERN_NETWORK_BRIDGE, raw_device), commands.extend([ "ip link set %s up" % CERN_NETWORK_BRIDGE, "brctl delif %s %s " % (NOVA_BRIDGE, nova_tap), "ip route add default via %s dev %s " % (gw, CERN_NETWORK_BRIDGE), "ip link set %s name %s " % (nova_tap, neutron_tap), ]) ]) 23

  24. Phase 3. SDN Current network deployment has significant limitations ● Limited IP Mobility ● Segmented broadcast domains ○ Live migration limited to single cluster ○ Ad-hoc tunnels for hardware retirement campaigns ○ Hardware Repurposing ● Multiple network domains (General, Services, …) ○ Services dedicated to a single domain ○ No Floating IPs ● No Tenant/Private Networks ● 24

  25. Phase 3. SDN Small prototype setups to evaluate functionality ● Neutron/OpenVSwitch OpenDaylight OVN DHCP Neutron Neutron/Built-in Built-in Floating IPs Yes Yes Yes Distributed Routing Only with DVR Yes Yes Tunneling Protocols vxlan / GRE / geneve vxlan / GRE / geneve vxlan / geneve Security Groups IPTables OpenFlow Native OpenFlow Native + Logging Load Balancing Octavia Octavia Octavia / OVN Native Acceleration Limited DPDK DPDK DPDK Tracing tcpdump tcpdump ovn-trace Physical Switch Integr. L2 / L3 L2 / L3 L2 / L3 25

  26. Phase 3. SDN In the end we picked OpenContrail / Tungsten ● 26

  27. Phase 3. SDN In the end we picked OpenContrail / Tungsten ● CONTROLLER OPENSTACK CONTROLLER NETCONF/EVPN OVSDB XMPP BGP VROUTER HYPERVISOR PHYSICAL PHYSICAL HYPERVISOR VXLAN MPLSoUDP/GRE WAN GATEWAY 27

Recommend

CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro

CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro

CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro Moreira - @belmiromoreira Spyridon Trigazis - @strigazi CERN - Large Hadron Collider (LHC) CERN - Large Hadron Collider (LHC) CERN: Compact Muon

697 views • 35 slides
Brings OpenStack networking and storage to containers Kubernetes Neutron Networking

Brings OpenStack networking and storage to containers Kubernetes Neutron Networking

Brings OpenStack networking and storage to containers Kubernetes Neutron Networking Native OpenStack infrastructure for mixed workloads spec: podSelector: matchLabels: role: db policyTypes: -

773 views • 8 slides
Deep D Dive ve i into t the C CERN C N Cloud I Infrastruct cture Openstack D Design S

Deep D Dive ve i into t the C CERN C N Cloud I Infrastruct cture Openstack D Design S

Deep D Dive ve i into t the C CERN C N Cloud I Infrastruct cture Openstack D Design S Summi mmit Ho Hong K Kong, 2 2013 Belmiro Moreira belmiro.moreira@cern.ch @belmiromoreira What i is C CERN? N? Conseil Europen

490 views • 48 slides
OpenStack Networking Project Update, OpenStack Summit Sydney Miguel Lavalle, IRC mlavalle

OpenStack Networking Project Update, OpenStack Summit Sydney Miguel Lavalle, IRC mlavalle

November 2017 OpenStack Networking Project Update, OpenStack Summit Sydney Miguel Lavalle, IRC mlavalle Armando Migliaccio, IRC armax Miguel Lavalle Armando Migliaccio Huawei SUSE Q Neutron PTL M-N-O Neutron PTL What is OpenStack

378 views • 18 slides
OpenStack and OVN Whats New with OVS 2.7 OpenStack Summit -- Boston 2017 Russell Bryant

OpenStack and OVN Whats New with OVS 2.7 OpenStack Summit -- Boston 2017 Russell Bryant

OpenStack and OVN Whats New with OVS 2.7 OpenStack Summit -- Boston 2017 Russell Bryant (@russellbryant) Justin Pettit (@Justin_D_Pettit) Ben Pfaff (@Ben_Pfaff) Virtual Networking Overview Provides a logical network abstraction on top of a

660 views • 26 slides
CF Computing Facilities CERN Computer Facilities Evolution Wayne Salter / Vincent Dor HEPiX

CF Computing Facilities CERN Computer Facilities Evolution Wayne Salter / Vincent Dor HEPiX

CF Computing Facilities CERN Computer Facilities Evolution Wayne Salter / Vincent Dor HEPiX October 2011 CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/i t CF Overview Reminder of the various evolution projects

666 views • 39 slides
networking-odl Syncing OpenDaylight with OpenStack Neutron Isaku Yamahata OpenDaylight Developer

networking-odl Syncing OpenDaylight with OpenStack Neutron Isaku Yamahata OpenDaylight Developer

networking-odl Syncing OpenDaylight with OpenStack Neutron Isaku Yamahata OpenDaylight Developer Design Forum Feb 29, 2016 This session goal To socialise whats happening in openstack side to OpenDaylight community whats coming,

307 views • 18 slides
Topics Why SDN? What is SDN? SDN in OpenStack and K8s Overview of SDN controllers

Topics Why SDN? What is SDN? SDN in OpenStack and K8s Overview of SDN controllers

Topics Why SDN? What is SDN? SDN in OpenStack and K8s Overview of SDN controllers Why SDN? Limitations of Traditional Networking Traditional networking It's hardware centric! Closed systems Vendor specific software

787 views • 54 slides
CERN and Science Clouds in Europe with TOSCA, OpenStack Heat and the Heat Translator Matt

CERN and Science Clouds in Europe with TOSCA, OpenStack Heat and the Heat Translator Matt

CERN and Science Clouds in Europe with TOSCA, OpenStack Heat and the Heat Translator Matt Rutkowski Mathieu Velten Sahdev Zala Ricardo Rocha Brad Topol mrutkows@us.ibm.com mathieu.velten@cern.ch spzala@us.ibm.com Ricardo.Rocha@cern.ch

570 views • 25 slides
Ideas for evolution of replication technology @ CERN Openlab Minor Review December 14 th , 2010

Ideas for evolution of replication technology @ CERN Openlab Minor Review December 14 th , 2010

Ideas for evolution of replication technology @ CERN Openlab Minor Review December 14 th , 2010 Zbigniew Baranowski, IT-DB CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/ i t Outline Replication use cases at CERN

321 views • 30 slides
Docker Networking Workshop Agenda 1. Detailed Overview 2. Docker Networking Evolution 3. Use

Docker Networking Workshop Agenda 1. Detailed Overview 2. Docker Networking Evolution 3. Use

Docker Networking Workshop Agenda 1. Detailed Overview 2. Docker Networking Evolution 3. Use Cases Single-host networking with the Bridge driver Multi-host networking with the Overlay driver Connecting to existing VLANs with the

1.32k views • 93 slides
Practical OVN: Architecture, Deployment, and Scale of OpenStack Networking Justin Pettit

Practical OVN: Architecture, Deployment, and Scale of OpenStack Networking Justin Pettit

Practical OVN: Architecture, Deployment, and Scale of OpenStack Networking Justin Pettit (@Justin_D_Pettit) Ben Pfaff (@Ben_Pfaff) Han Zhou (@zhouhanok) Ryan Moats (@regxboi) The Case for Network Virtualization Network provisioning needs

787 views • 33 slides
Facility-based Clouds using OpenStack John Hover, Xin Zhao OSG All-Hands Meeting 2013

Facility-based Clouds using OpenStack John Hover, Xin Zhao OSG All-Hands Meeting 2013

Facility-based Clouds using OpenStack John Hover, Xin Zhao OSG All-Hands Meeting 2013 Indianapolis, Indiana John Hover 13 Mar 2013 1 Outline Rationale/Benefits Limitations Openstack Overview Components Networking BNL Openstack

486 views • 19 slides
What is OpenStack ? Hello! I am Thierry Carrez I work for the OpenStack Foundation. You can

What is OpenStack ? Hello! I am Thierry Carrez I work for the OpenStack Foundation. You can

What is OpenStack ? Hello! I am Thierry Carrez I work for the OpenStack Foundation. You can find me at @tcarrez on Twitter And ttx on IRC No, really What is OpenStack ? An open source project A common goal A coalition of

672 views • 33 slides
Scaling Up OpenStack Networking with Routed Networks Carl Baldwin, Neutron Developer, IBM Cloud

Scaling Up OpenStack Networking with Routed Networks Carl Baldwin, Neutron Developer, IBM Cloud

Scaling Up OpenStack Networking with Routed Networks Carl Baldwin, Neutron Developer, IBM Cloud @CarlNBaldwin Miguel Lavalle, Neutron Development Lead, IBM Linux Technology Center Agenda Why Routed Networks Layer 2 and layer-3

397 views • 27 slides
Get a Python job, Work on OpenStack ! about:me Release Manager for OpenStack Chair of

Get a Python job, Work on OpenStack ! about:me Release Manager for OpenStack Chair of

Get a Python job, Work on OpenStack ! about:me Release Manager for OpenStack Chair of OpenStack Technical Committee Python Software Foundation member ttx @ tcarrez @ Cloud ? Buzzword Infrastructure as a service Compute,

700 views • 28 slides
BUILD YOUR FIRST OPENSTACK APPLICATION WITH OPENSTACK PYTHONSDK VICTORIA MARTINEZ DE LA CRUZ

BUILD YOUR FIRST OPENSTACK APPLICATION WITH OPENSTACK PYTHONSDK VICTORIA MARTINEZ DE LA CRUZ

BUILD YOUR FIRST OPENSTACK APPLICATION WITH OPENSTACK PYTHONSDK VICTORIA MARTINEZ DE LA CRUZ SOFTWARE ENGINEER AT RED HAT CO-FOUNDER LINUXCHIX ARGENTINA WHAT IS OPENSTACK? BRIEF OVERVIEW OPENSTACK OVERVIEW IAAS... AND MORE! + RUNNING

548 views • 36 slides
LHCONE status and future Alice workshop Tsukuba, 7 th March 2014 Edoardo.Martelli@cern.ch CERN

LHCONE status and future Alice workshop Tsukuba, 7 th March 2014 Edoardo.Martelli@cern.ch CERN

LHCONE status and future Alice workshop Tsukuba, 7 th March 2014 Edoardo.Martelli@cern.ch CERN IT Department CH-1211 Genve 23 Switzerland www.cern.ch/i t 1 Summary - Networking for WLCG - LHCOPN - LHCONE - services - how to join -

703 views • 52 slides
Future of OpenStack Looking Forward to 2019 Alan.Clark@suse.com What and Why OpenStack

Future of OpenStack Looking Forward to 2019 Alan.Clark@suse.com What and Why OpenStack

Future of OpenStack Looking Forward to 2019 Alan.Clark@suse.com What and Why OpenStack OpenStack is an open source software platform for cloud computing. Mostly deployed as infrastructure-as-a-service (IaaS), whereby virtual servers and

464 views • 25 slides
Overview of the SPS LLRF upgrade Gregoire Hagmann (CERN) Mattia Rizzi (CERN) Philippe

Overview of the SPS LLRF upgrade Gregoire Hagmann (CERN) Mattia Rizzi (CERN) Philippe

Overview of the SPS LLRF upgrade Gregoire Hagmann (CERN) Mattia Rizzi (CERN) Philippe Baudrenghien (CERN) Javier Serrano (CERN) Javier Galindo (CERN, UPC) Lorenz Schmid (CERN) Wolgang Hofle (CERN) Arthur Spierer (CERN) Gerd Kotzian (CERN)

429 views • 27 slides
OpenStack Summit Primer: The Who, What, Why, and How of OpenStack Presented by Ben Silverman,

OpenStack Summit Primer: The Who, What, Why, and How of OpenStack Presented by Ben Silverman,

OpenStack Summit Primer: The Who, What, Why, and How of OpenStack Presented by Ben Silverman, Cincinnati Bell Technology Services Monday, May 13, 2019 BS DETAILS 30+ years of IT experience 6+ years experience with OpenStack Former

376 views • 36 slides
ARC LOCAL submission plugin Implementation with aCT on an on-demand openstack cluster ATLAS

ARC LOCAL submission plugin Implementation with aCT on an on-demand openstack cluster ATLAS

ARC LOCAL submission plugin Implementation with aCT on an on-demand openstack cluster ATLAS qualification task Andrej Filipcic David Cameron The broad picture Site CERN ARC Client Pulls job frontend Submitter aCT Submission interface

372 views • 25 slides
Build your own Web Portal using OpenStack APIs and Services OpenStack Summit in Austin 2016

Build your own Web Portal using OpenStack APIs and Services OpenStack Summit in Austin 2016

Build your own Web Portal using OpenStack APIs and Services OpenStack Summit in Austin 2016 April 27, 2016 IBM Japan Systems Engineering Co.,Ltd. Machi Hoshino OpenStack Summit in Austin 2016 Outline Introduction What is OpenStack

685 views • 42 slides
High Performance Networking for Wide Area Data Grids Brian L. Tierney (bltierney@lbl.gov) Data

High Performance Networking for Wide Area Data Grids Brian L. Tierney (bltierney@lbl.gov) Data

High Performance Networking for Wide Area Data Grids Brian L. Tierney (bltierney@lbl.gov) Data Intensive Distributed Computing Group Lawrence Berkeley National Laboratory and CERN IT/PDP/TE CERN IT Seminar Overview The Problem

465 views • 27 slides

More recommend