Neutron and SDN integration status analysis
I. Summary of Neutron
Neutron is one of the core projects among the many OpenStack projects and provides its network services.
Neutron started out as nova-network and was then renamed Quantum. Because that name conflicted with the name of a company, it was renamed again to Neutron. On the surface, the renaming says little about how far the project has developed and evolved. Its plug-in architecture, advanced network service functions, and other notable features show that it keeps growing richer and, like the neutron it is named after, it shines in a vast universe.
Next, I will use the article "SDN-based Neutron" by "Beijing-xiaowu" as a guide to what Neutron is and what its main functions are, adding my own understanding along the way.
1. What is Neutron?
Neutron is the network configuration management component among the OpenStack core projects.
Neutron's network services cover layers L2-L7.
Neutron manages the networks used by VM configurations.
Neutron integrates many SDN controllers as ML2 plugins and ML3 plugins (note: ONOS is in planning).
2. Main Functions of Neutron
1) ML2 Functions
ML2 functions include Port, Subnet, Network, QoS, and Security Group. Linux bridge is one implementation of a virtual switch. The ML2 layer uses VLAN and VXLAN (a tunneling technology that uses the L3 layer to extend the ML2 layer) to achieve physical isolation.
The ML2 layer is implemented by a vswitch. The available vswitches include:
- Linux bridge, which is based on the Linux kernel. A bridge represents a vswitch, such as the common br-int in OpenStack.
- Open vSwitch (OVS): OVS has two modes. In one it acts as an ordinary virtual switch, and in the other it acts as an SDN switch working together with an OpenFlow controller.
- Some SDN implementations based on overlay technology, such as VXLAN.
- Some non-open-source commercial switches.
[Figure: the ML2-layer drivers implemented by Neutron (Liberty code).]
The linuxbridge driver implements the Linux kernel bridge, and the openvswitch driver implements the Open vSwitch bridge. The hyperv driver is used to interact with Microsoft's Hyper-V virtualization product, and the brocade drivers are used to interact with Brocade's SDN products. The others are similar. ML2 is a general, core, and basic plug-in. These L2 plug-ins are mainly divided into a plugin part that works with the database and an agent part that runs on the compute node. In Neutron, ML2 is the core plugin. For more information, see the neutron/setup.cfg configuration file. The code is as follows:
    neutron.core_plugins =
        bigswitch = neutron.plugins.bigswitch.plugin:NeutronRestProxyV2
        brocade = neutron.plugins.brocade.NeutronPlugin:BrocadePluginV2
        ml2 = neutron.plugins.ml2.plugin:Ml2Plugin
        nuage = neutron.plugins.nuage.plugin:NuagePlugin
Because the code of the ML2 plug-ins has many similarities, it relies on imports and decorators shared between modules, and ml2 can be understood as a common plugin. Each plug-in basically implements several network types, such as flat, local, VLAN, VXLAN, and GRE. For more information, see the neutron.ml2.type_drivers section of the neutron/setup.cfg configuration file. The code is as follows:
    neutron.ml2.type_drivers =
        flat = neutron.plugins.ml2.drivers.type_flat:FlatTypeDriver
        local = neutron.plugins.ml2.drivers.type_local:LocalTypeDriver
        vlan = neutron.plugins.ml2.drivers.type_vlan:VlanTypeDriver
        geneve = neutron.plugins.ml2.drivers.type_geneve:GeneveTypeDriver
        gre = neutron.plugins.ml2.drivers.type_gre:GreTypeDriver
        vxlan = neutron.plugins.ml2.drivers.type_vxlan:VxlanTypeDriver
2) L3 Functions
L3 functions include Router/DVR, DHCP, and other services. L3 performs static route forwarding through the IPv4 forwarding function and uses the SNAT and DNAT rules of iptables so that virtual machines on the internal network can access the Internet and be reached from the Internet (floating IP). L3 can be extended through L2-layer label technology, MPLS (generally used on WAN routers).
3) L4-L7 Functions
L4-L7 functions include FWaaS, LBaaS, VPNaaS, DNSaaS (Designate), and other services.
In terms of network functions and the underlying network devices that implement them: a Port corresponds to the TAP/TUN device behind the vNIC attached to the VM; a Subnet is only a data set of IP address pools; a Network must correspond to the assigned network type and the corresponding isolation domain ID. QoS can be implemented on OVS, while security groups are implemented with iptables on a Linux bridge.
The Router at L3 is implemented through Linux namespaces, Dragonflow is implemented through the flow tables of Open vSwitch, and DHCP and DNS services are implemented through Dnsmasq. In the open-source implementations of the L4-L7 services, FWaaS uses iptables in the Router, LBaaS uses HAProxy, and VPNaaS uses Openswan. Of course, many device manufacturers such as Juniper, Cisco, Huawei, Brocade, and F5 provide their own equipment and drivers to implement L2-L7 services.
Neutron is integrated with different network devices through plugin/driver/agent (the server is used to interact with the APIs of other component services). The L2-L3 part of the plugins is called the core plugin, and the L4-L7 part is called the service plugin.
The driver is the way a particular plug-in is integrated into the plugin, while the agent is the counterpart of the driver, deployed on the other side to control the virtual machines on the compute node.
The various plug-ins in Neutron, such as Dragonflow and OVN, are complicated. The future of Neutron is to unify the service plugins, leaving only Neutron's northbound API and the Neutron server.
II. Integration of Neutron and SDN Controller
In the overall framework of integrating SDN (here, the controller) with OpenStack, I tend to think in layers: the integration of Neutron with the SDN controller is the "application layer (northbound)", and the integration of the SDN controller with hardware and software network devices is the "management layer (southbound)". Here we discuss the application layer (northbound).
In Neutron, an SDN controller (using the OpenFlow protocol) can be used to control traffic forwarding and so handle the traffic load of different virtual routers (DVRs). By matching flow table entries (Match Flow Table), it implements QoS for data packets according to custom OpenFlow rules. Different application services use different flow forwarding modes, such as Normal or Flow.
The current integration status of Neutron with known SDN controllers is as follows (network function virtualization, NFV, is not listed in this table):
Here, I will take the integration of networking-ofagent (ryu) with Neutron as an example. Other controllers are similar.
First, we need to know that an SDN controller is integrated with the Neutron ML2 plugin in the form of mechanism_drivers. This code is stored in the neutron/plugins/ml2/drivers directory, and the core of the integration is the driver.py module.
See the neutron.ml2.mechanism_drivers section of the neutron/setup.cfg configuration file, which is the entry point into the Neutron code. The format is key = value, where the value is the code path. The code is as follows:
    neutron.ml2.mechanism_drivers =
        logger = neutron.tests.unit.plugins.ml2.drivers.mechanism_logger:LoggerMechanismDriver
        test = neutron.tests.unit.plugins.ml2.drivers.mechanism_test:TestMechanismDriver
        linuxbridge = neutron.plugins.ml2.drivers.linuxbridge.mech_driver.mech_linuxbridge:LinuxbridgeMechanismDriver
        openvswitch = neutron.plugins.ml2.drivers.openvswitch.mech_driver.mech_openvswitch:OpenvswitchMechanismDriver
        hyperv = neutron.plugins.ml2.drivers.hyperv.mech_hyperv:HypervMechanismDriver
        l2population = neutron.plugins.ml2.drivers.l2pop.mech_driver:L2populationMechanismDriver
        ofagent = neutron.plugins.ml2.drivers.ofagent.driver:OfagentMechanismDriver
        brocade = networking_brocade.vdx.ml2driver.mechanism_brocade:BrocadeMechanism
        brocade_fi_ni = neutron.plugins.ml2.drivers.brocade.fi_ni.mechanism_brocade_fi_ni:BrocadeFiNiMechanism
        fslsdn = neutron.plugins.ml2.drivers.freescale.mechanism_fslsdn:FslsdnMechanismDriver
        sriovnicswitch = neutron.plugins.ml2.drivers.mech_sriov.mech_driver.mech_driver:SriovNicSwitchMechanismDriver
        fake_agent = neutron.tests.unit.plugins.ml2.drivers.mech_fake_agent:FakeAgentMechanismDriver
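Each alias in this section names code that the Neutron server imports when the alias is enabled, so it is worth checking what an ML2 configuration actually pulls in. The following is an added example, not code from Neutron: it parses a constructed excerpt of the section and classifies the aliases enabled in a constructed ml2_conf.ini; the alias "odl" and the "trusted" prefix are assumptions for illustration.

```python
import configparser

# Constructed excerpt of the entry-point section quoted above (setup.cfg syntax).
SETUP_CFG = """
[entry_points]
neutron.ml2.mechanism_drivers =
    logger = neutron.tests.unit.plugins.ml2.drivers.mechanism_logger:LoggerMechanismDriver
    test = neutron.tests.unit.plugins.ml2.drivers.mechanism_test:TestMechanismDriver
    openvswitch = neutron.plugins.ml2.drivers.openvswitch.mech_driver.mech_openvswitch:OpenvswitchMechanismDriver
    ofagent = neutron.plugins.ml2.drivers.ofagent.driver:OfagentMechanismDriver
    brocade = networking_brocade.vdx.ml2driver.mechanism_brocade:BrocadeMechanism
"""

# Constructed ml2_conf.ini: the aliases an operator enabled ("odl" is hypothetical).
ML2_CONF = "[ml2]\nmechanism_drivers = openvswitch,ofagent,logger,odl\n"


def registered_drivers(setup_cfg, group="neutron.ml2.mechanism_drivers"):
    """Map alias -> (module, class) for one entry-point group."""
    cp = configparser.ConfigParser()
    cp.read_string(setup_cfg)
    drivers = {}
    for line in cp["entry_points"][group].splitlines():
        if "=" in line:
            alias, target = (part.strip() for part in line.split("=", 1))
            module, _, cls = target.partition(":")
            drivers[alias] = (module, cls)
    return drivers


def audit_enabled(ml2_conf, drivers, trusted=("neutron.plugins.",)):
    """Classify every enabled alias by where its code would be imported from."""
    cp = configparser.ConfigParser()
    cp.read_string(ml2_conf)
    report = {}
    for alias in (a.strip() for a in cp["ml2"]["mechanism_drivers"].split(",")):
        if alias not in drivers:
            report[alias] = "unregistered"   # no entry point with this alias
        elif drivers[alias][0].startswith("neutron.tests."):
            report[alias] = "test-only"      # unit-test driver enabled in config
        elif drivers[alias][0].startswith(trusted):
            report[alias] = "in-tree"
        else:
            report[alias] = "third-party"    # class lives in a separate package
    return report
```

A module prefix is only a first filter: the in-tree ofagent target is itself a thin module that imports its class from the separately installed networking_ofagent package, so the installed package set has to be reviewed as well.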
The driver.py module for ryu (ofagent) contains only two lines of code, as shown below:
    from networking_ofagent.plugins.ml2.drivers import mech_ofagent

    OfagentMechanismDriver = mech_ofagent.OfagentMechanismDriver
This code first imports the mech_ofagent module from the source directory of the installed networking_ofagent package (to integrate it, you need to install and configure this package yourself) for integration with Neutron. In this module there is a class, OfagentMechanismDriver, which completes the create, delete, add, and other operations on resources such as port, subnet, and network in Neutron ML2, that is, it attaches to networks using the ofagent L2 agent. The code is as follows:
    class OfagentMechanismDriver(mech_agent.SimpleAgentMechanismDriverBase):
        """Attach to networks using ofagent L2 agent.

        The OfagentMechanismDriver integrates the ml2 plugin with the
        ofagent L2 agent. Port binding with this driver requires the
        ofagent agent to be running on the port's host, and that agent
        to have connectivity to at least one segment of the port's
        network.
        """

        def __init__(self):
            # Both VIF details follow the security-group firewall setting.
            sg_enabled = securitygroups_rpc.is_firewall_enabled()
            vif_details = {portbindings.CAP_PORT_FILTER: sg_enabled,
                           portbindings.OVS_HYBRID_PLUG: sg_enabled}
            super(OfagentMechanismDriver, self).__init__(
                constants.AGENT_TYPE_OFA,
                portbindings.VIF_TYPE_OVS,
                vif_details)

        def get_allowed_network_types(self, agent):
            # Tunnel types reported by the agent plus the always-allowed types.
            return (agent['configurations'].get('tunnel_types', []) +
                    [p_constants.TYPE_LOCAL, p_constants.TYPE_FLAT,
                     p_constants.TYPE_VLAN])

        def get_mappings(self, agent):
            # Physical network to interface mappings reported by the agent.
            return dict(agent['configurations'].get('interface_mappings', {}))
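How the two overridden methods feed port binding, and how the firewall setting reaches the port's VIF details, can be followed in a simplified stand-alone model. This is an added example, not code from Neutron or networking-ofagent: the class OfagentDriverModel, its check_segment and bind methods, and the sample agent and segments are assumptions that mimic the agent-based binding check in reduced form.

```python
# Simplified stand-ins for Neutron's network-type constants (model only).
TYPE_LOCAL, TYPE_FLAT, TYPE_VLAN = "local", "flat", "vlan"


class OfagentDriverModel:
    def __init__(self, firewall_enabled):
        # Mirrors vif_details above: both flags follow the firewall setting.
        self.vif_details = {"port_filter": firewall_enabled,
                            "ovs_hybrid_plug": firewall_enabled}

    def get_allowed_network_types(self, agent):
        return (agent["configurations"].get("tunnel_types", []) +
                [TYPE_LOCAL, TYPE_FLAT, TYPE_VLAN])

    def get_mappings(self, agent):
        return dict(agent["configurations"].get("interface_mappings", {}))

    def check_segment(self, segment, agent):
        """True if the agent on the port's host can attach to this segment."""
        if segment["network_type"] not in self.get_allowed_network_types(agent):
            return False
        if segment["network_type"] in (TYPE_FLAT, TYPE_VLAN):
            # Flat and VLAN segments need a mapping for their physical network.
            return segment["physical_network"] in self.get_mappings(agent)
        return True

    def bind(self, segments, agent):
        """Return (segment, vif_details) for the first usable segment, else None."""
        if not agent.get("alive"):
            return None
        for segment in segments:
            if self.check_segment(segment, agent):
                return segment, self.vif_details
        return None


# Constructed agent report and network segments.
AGENT = {"alive": True, "configurations": {
    "tunnel_types": ["vxlan"], "interface_mappings": {"physnet1": "eth1"}}}
SEGMENTS = [
    {"network_type": "vlan", "physical_network": "physnet2", "segmentation_id": 100},
    {"network_type": "gre", "physical_network": None, "segmentation_id": 7},
    {"network_type": "vxlan", "physical_network": None, "segmentation_id": 5001},
]
```

With the firewall disabled the same segment still binds, but the returned details carry port_filter set to False, which is the value to look for when checking whether security-group filtering is reported for a port.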
Finally, here is a list of the various SDN and NFV plug-ins in the known Neutron project (data source: neutron/doc/source/stadium/sub_projects.rst).
Summary
From the latest Neutron code, we can see that the original OpenDaylight plugin and some other SDN plugins have been removed from the project and turned into independent projects named networking-xxxx.
I do not deeply understand the significance and role of integrating Neutron with an SDN controller. Can the controller be used to control VM traffic and provide a global network view, so that network intelligence is achieved? Up to now, I have not worked with such an environment or seen relevant information. Please get in touch!
Indeed, Neutron is more like a kind of architecture. It requires a large number of developers and users to participate in it. At the same time, you also need to discard its dross and keep its essence.