Embed Size (px)
Citation preview
OpenStack Installation and Deployment with Cisco ACI using OpFlexLTRACI-2225Rafael Muller([email protected]), Principal Services EngineerLuis Flores([email protected]), Customer Solution Architect
Cesar Obediente([email protected]), Principal Systems Engineer
http://openstack.ciscolive.com
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
OpFlex+OVS Implementation• APIC VMM Domain support for OpenStack• Endpoint statistics, health, faults in APIC
• Hypervisor local enforcement security policies• Security Groups (ML2 driver) via IP Tables• Group-Based Policies via OpenFlow in Open
vSwitch• VXLAN or VLAN integration• NAT support
• Floating IP NAT (via hypervisor host IP)• Source NAT (SNAT) for each hypervisor
• Multiple OpenStack Driver Options:• ACI native Group-Based Policy• Neutron ML2• ACI Integration Module
• Distributed services : DHCP, L3 agent and NAT
Hypervisor Integration for OpenStack
APIC
x86Hypervisor
Open vSwitch Opflex Agent
VM
APIC Driver
x86
VM VM
VLAN/VXLAN
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Neutron-OpFlex-agent• Receives updates from OpenStack
about new endpoints
• OpFlex agent• Runs OpFlex protocol with ACI leaf
proxy. Programs Open vSwitch via OpenFlow
• Endpoint File• located in /var/lib/opflex-agent-ovs.
Storage for host local endpoint information
• Open vSwitch• Policies pushed by OpFlex agent
OpenFlow implemented on kernel data-path.
OpFlex Agent Architecture
x86Hypervisor
Open vSwitch
OpFlexAgent
Neutron OpFlexAgent
VM VMEP File
OpenFlow
OpFlex Protocol(infra-VLAN)
Data-plane Traffic(VLAN/VXLAN)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 5Presentation ID
Cisco OpFlex Release Date OpenStack Release ACI Release
1.3 May 2016Kilo
Liberty 1.1/1.2
2.0 July 2016Kilo
Liberty 1.2/2.0
2.1 December 2016LibertyMitaka 2.0/2.1
2.2 February2017
MitakaNewton 2.1/2.2
2.3 June 2017MitakaNewton 2.3
The Lab
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Lab Agenda
APIC/ML2OpFlex
Integration
Part 2
ValidateInstall
done byPackStack
Part 1
GBPOpFlex
Integration
Part 4
OpenStackML2
Integration
Part 3
OpenStackGBP
Integration
Part 5
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Lab Manual
8
• Each POD has a unique document that is specific to your equipment.
• A built in COPY function for most of the steps assists in the process of configuring OpenStack
• This is to avoid syntax mistakes for the small amount of time the lab provides to complete
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Lab ManualMany GUI forms are presented withthe proper values as seen below!
Added visual cue’s to help you knowwhat to click on the GUI
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Connectivity dmz-rdesktop.cisco.com:3390
Microsoft RDP
USER: ECATSRTPDMZ\osuserPASS: CiscoLive2017!
Controller
USER: rootPASS: cisco.123
PUTTYChrome
USER: adminPASS: cisco.123
ACI APIChttp://10.0.226.X
USER: adminPASS: cisco.123
OpenStack Dashboardhttp://10.0.236.X
Make nochanges please
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Multiple Screens
11
Terminal Chrome
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 gift card.
• Complete your session surveys through the Cisco Live mobile app or on www.CiscoLive.com/us.
Complete Your Online Session Evaluation
Don’t forget: Cisco Live sessions will be available for viewing on demand after the event at www.CiscoLive.com/Online.
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Continue Your Education• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Lunch & Learn
• Meet the Engineer 1:1 meetings
• Related sessions
13Presentation ID
Thank you
