Embed Size (px)
Citation preview
OpenStackでのダウンタイム・ゼロへの挑戦 OpenStack NeutronのHAとは
Rossella Sblendido Software Engineer
SUSE
Ryo Murakawa Evangelist
Novell Japan
2
What is SUSE® OpenStack Cloud?
SUSE will change the name from SUSE Cloud to SUSE OpenStack Cloud as same as the release of next version OpenStack product.
SUSE OpenStack Cloud 5
Before, we called our product SUSE Cloud.
Name Based OpenStack
SUSE Cloud 2 Grizzly
SUSE Cloud 3 Havana
SUSE Cloud 4 Icehouse
3
OpenStack Distribution
Billling
VM Mgmt Image Tool
Portal
App Monitor Sec & Perf
Cloud
Management
Orchestration
(Heat)
Dashboard
(Horizon)
Cloud APIs
(OpenStack and
EC2)
Required
Services
Message Q
Database
Identity
(Keystone)
Images
(Glance)
Hypervisor
Compute
(Nova)
Operating System
Physical Infrastructure: x86-64, Switches, Storage
OpenStack Icehouse Management Tools OS and Hypervisor
Object
(Swift) Network
(Neutron)
Adapters Adapters
Telemetry
(Ceilometer)
Ins
tall
Fra
me
wo
rk
Physical Infrastructure
Block
(Cinder)
SUSE Cloud Adds
Required
Services
RabbitMQ
Postgresql
Ins
tall
Fra
me
wo
rk
(Cro
wb
ar,
Che
f, T
FT
P,D
NS
,
DH
CP
) SUSE® OpenStack Cloud
4
SUSE® OpenStack Cloud Feature
Crowbar based Installation Framework
5
Days
Parameters
Components
>1400 11 2
Deploying OpenStack Manually
6
Hours
Parameters
Components
>1400 11 2
Deploying OpenSack with SUSE OpenStack Cloud
7
Multi Hyper Visor Support
Supported Hyper Visor
KVM
Xen
vSphere
Hyper-V
8
High Availability for Control Node
High Availability for Control Node
OpenStack Component High Availability type
Data Base Active/Standby
Messaging Service Active/Standby
Keystone Active/Active
Glance Active/Active
Cinder Active/Active
Neutron Active/Active
Nova-Service Active/Active
Horizon Active/Active
Ceilometer Active/Active
High Availability in Neutron
10
What's Neutron?
• Neutron is an OpenStack project to provide
“networking as a service” between interface devices
(e.g., vNICs) managed by other Openstack services
(e.g., nova)
• provides a powerful API to define the network
connectivity
11
Neutron abstractions
• Network: L2 broadcast domain
• Subnet: a block of v4 or v6 IP addresses and
associated configuration state.
• Port: a connection point for attaching a single device,
such as the NIC of a virtual server, to a virtual network.
Also describes the associated network configuration,
such as the MAC and IP addresses to be used on that
port.
• Router: interconnects networks
12
Modular architecture
• Plugin: custom back-end implementation of the Networking API
• Neutron-server: exposes the API
• Several agents (L2, L3, DHCP, Metadata, etc)
13
Plugin
• Monolithic plugin (direct control of core resources)
• ML2 • Modular, delegates calls to proper drivers
• Two kind of drives: • Type drivers (support specific network type)
• Mechanism drivers (ensure the information established by the TypeDriver is
properly applied)
• 2 default implementations: OpenVSwitch and LinuxBridge
14
Different kind of nodes
15
L2 Agent
• Runs on hypervisor
• Configure the local vswitch
• Communicates with the server over RPC
• Wires new devices
• Security Group Rules
16
L3 Agent
• Provides L3/NAT
• Runs network node
• Uses namespaces
• External network access
17
DHCP agent
• Provides DHCP services
• Communication over RPC
• Isolation through namespaces
• dnsmasq
18
Metadata Agent
• Proxies Metadata requests to Nova
• Routed Networks • Process embedded in router
• Non-routed Networks • Static routes redirect traffic running in the DHCP namespace
High Availability
20
What HA means
• Minimize two things:
• System downtime — occurs when a user-facing
service is unavailable beyond a specified maximum
amount of time
• Data loss — accidental deletion or destruction of data
21
Stateless vs. Stateful services
• A stateless service is one that provides a response
after your request, and then requires no further
attention
• A stateful service is one where subsequent requests to
the service depend on the results of the first request
22
Active/passive Active/active
• Active/passive (one instance is only receiving
notification but not processing requests):
• Active/active: there's a backup but both the main and
redundant systems run concurrently
How to make Neutron HA
24
How to make Neutron HA
• L2 agent runs on every compute node, no need of HA
• Neutron server, DHCP and L3 agent need HA
25
HA Neutron server
• It's stateless
26
HA DHCP agent
• OpenStack Networking service has a scheduler that lets you
run multiple agents across nodes.
• The DHCP agent can be natively highly available.
27
HA L3 agent
• It is scalable thanks to the scheduler that allows
distribution of virtual routers across multiple nodes.
• But no native HA, routers need to be migrated if a L3
agent fails
28
L3 agent fails...
29
HA upstream solutions
• VRRP (Virtual Router Redundancy Protocol)
• DVR (Distributed Virtual Router)
30
VRRP
31
Without DVR
32
With DVR
Real world example
34
Neutron configuration - Real world
scenario • SUSE Cloud 4 (Icehouse) and tests for Cloud 5 (Juno)
• ML2, OVS with VLAN or LinuxBridge (multi-hypervisor
support)
• HA!
35
L3 Agent HA
• Active/active
• Migration tools that monitors the agents • Migrates routers from dead agents to alive ones
• Replicates networks to all DHCP agents running
36
Network cluster
37
Failure...
38
Failover
Thank you.
If you have questions...come to our booth!
Unpublished Work of SUSE. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE.
Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their assignments. No part of
this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, col lected, or adapted
without the prior written consent of SUSE.
Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to
deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. SUSE makes no representations or
warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness
for any particular purpose. The development, release, and timing of features or functionality described for SUSE products remains at the sole
discretion of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to
notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks
of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
