Introduction
When integrating Nuage with OpenStack there are two types of models - OpenStack-Managed and VSD-Managed. In this article, we will look into both integration models, the benefits to each and the steps required to configure.
VSD-Managed vs OpenStack-Managed
Operation
OpenStack-Managed is also referred to as the Basic Integration Model. With OpenStack-Managed the topology and policies are configured within OpenStack. OpenStack then PUSHes them to the VSD. The VSD then applies these changes to the network.
VSD-Managed is also known as the Advanced Integration Model. With the VSD-Managed integration model the VSD defines the network policies and topology. OpenStack then PULLs this configuration from the VSD.
Below shows an example of each:
Figure 1 - OpenStack Integration comparison.
Benefits
Each model provides benefits and advantages over the other. The advantages of each are shown below:
OpenStack-Managed
- All configuration is performed within OpenStack via the Neutron APIs.
- Provides maximum compatibility with the Neutron APIs.
- A majority of the Nuage features can be leveraged without using the VSD.
VSD-Managed
- Provides full compatibility to the Nuage feature set. Such as:
- Traffic mirroring.
- Service chaining.
- QoS/Rate limiters.
Implementation
When it comes to the integration models, each model implements the network policy and the various SDN components (Nuage L2/L3 domains, OpenStack L3 router etc.) in a slightly differently way.
VSD-Managed
With VSD-Managed the standard domain types (L2 or L3) are created within Nuage.
VSD translates these into the corresponding OpenStack subnets that are then pulled down.
With VSD-Managed no L3 router is created within OpenStack, therefore within the Network Topology of Horizon, you will not see an L3 router (shown below).
Figure 2 - VSD-Managed - Network Topology.
OpenStack-Managed
With OpenStack-Managed the VSD implements an L2 or L3 domain based upon whether an L3 router is configured, or not. For example, if an L3 router is created within the project then VSD will map this to an L3 Nuage domain. Or if a project does not contain an L3 router then an L2 Nuage domain will be mapped.
Configuration
VSD-Managed
VSD-Managed configuration is based on the following steps:
- OpenStack - Create Nuage net-partition.
- VSD - Create Topology.
- OpenStack - Pull subnets from VSD; create networks and subnets.
Create Net-Partition
First, a Nuage net-partition is created within OpenStack. By doing so a tenant is created within OpenStack and also an organization within Nuage is created. Both of which are mapped (shown below).
[root@packstack-controller ~]# source keystonerc_admin
[root@packstack-controller ~(keystone_admin)]# neutron nuage-netpartition-create CostaOrg
Created a new net_partition:
+-------+--------------------------------------+
| Field | Value |
+-------+--------------------------------------+
| id | 0bcdd192-1966-4b9c-9394-cbdfe1b2a19f |
| name | CostaOrg |
+-------+--------------------------------------+
[root@packstack-controller ~(keystone_admin)]# neutron nuage-netpartition-list
+--------------------------------------+-------------------+----------------------------------+
| id | name | tenant_id |
+--------------------------------------+-------------------+----------------------------------+
| 0bcdd192-1966-4b9c-9394-cbdfe1b2a19f | CostaOrg | c35653dae0ef41489cc72b1df790407c |
| 0ea85763-5806-44e1-ae71-64562bf42d73 | OpenStack_default | c35653dae0ef41489cc72b1df790407c |
+--------------------------------------+-------------------+----------------------------------+
Create Topology
Next, create your topology within the VSD. In the example below, our topology is based upon an L3 domain.
Figure 3 - L3 Domain with subnets (VSD-Managed).
Pull Subnets from VSD
Now the topology is created within the VSD, the subnets can be pulled/created within OpenStack. Below shows an example.
Figure 4 - VSD-Managed - Pulling of subnets from VSD.
OpenStack-Managed
When creating a network topology with the OpenStack-Managed model, all configuration steps are performed within OpenStack. When the network topology is created, the VSD will place the topology into an OpenStack_default organization.
Our example will be based on creating an L3 domain. For example,
- OpenStack - Create L3 Router.
- OpenStack - Create networks and subnets.
- OpenStack - Assign subnets to L3 router.
Depending on whether an L3 router is deployed or not will result in whether the project is mapped to an L2 or L3 domain within Nuage.
Create L3 Router
[root@packstack-controller ~(keystone_admin)]# neutron router-create l3router
Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| created_at | 2018-12-11T11:44:16Z |
| description | |
| ecmp_count | 1 |
| external_gateway_info | |
| id | 600a6ae1-9607-4fec-abf3-1499d40008dc |
| name | l3router |
| net_partition | 0ea85763-5806-44e1-ae71-64562bf42d73 |
| nuage_backhaul_rd | 65534:56306 |
| nuage_backhaul_rt | 65534:12132 |
| nuage_backhaul_vnid | 3187378 |
| nuage_underlay | off |
| project_id | c35653dae0ef41489cc72b1df790407c |
| rd | 65534:21221 |
| revision_number | 1 |
| routes | |
| rt | 65534:56129 |
| status | ACTIVE |
| tags | |
| tenant_id | c35653dae0ef41489cc72b1df790407c |
| tunnel_type | VXLAN |
| updated_at | 2018-12-11T11:44:16Z |
+-----------------------+--------------------------------------+
Once the L3 router is created Nuage will translate this into an L3 domain, which can be seen within the VSD (shown below). It is important to note, no traditional L3 router (i.e Linux network namespace) is actually created within OpenStack, only the object for logical representation.
Figure 5 - OpenStack-Managed - L3 Domain.
Create Networks and Subnets
Next, we will create the networks and the assigned subnets.
Network/Subnet A
[root@packstack-controller ~(keystone_admin)]# neutron net-create network_a
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2018-12-11T11:51:32Z |
| description | |
| id | addb109d-b03c-4767-9e19-d00c00f1a54d |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1450 |
| name | network_a |
| port_security_enabled | True |
| project_id | c35653dae0ef41489cc72b1df790407c |
| provider:network_type | vxlan |
| provider:physical_network | |
| provider:segmentation_id | 5087 |
| revision_number | 3 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | c35653dae0ef41489cc72b1df790407c |
| updated_at | 2018-12-11T11:51:32Z |
+---------------------------+--------------------------------------+
[root@packstack-controller ~(keystone_admin)]# neutron subnet-create network_a --name subnet_a 10.1.1.0/24
Created a new subnet:
+-------------------+--------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------+
| allocation_pools | {"start": "10.1.1.2", "end": "10.1.1.254"} |
| cidr | 10.1.1.0/24 |
| created_at | 2018-12-11T11:51:36Z |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 10.1.1.1 |
| host_routes | |
| id | 77ac5cff-d592-4390-a7e4-664e8e55c3e5 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | subnet_a |
| net_partition | 0ea85763-5806-44e1-ae71-64562bf42d73 |
| network_id | addb109d-b03c-4767-9e19-d00c00f1a54d |
| nuage_l2bridge | |
| nuage_uplink | |
| nuagenet | |
| project_id | c35653dae0ef41489cc72b1df790407c |
| revision_number | 2 |
| service_types | |
| subnetpool_id | |
| tags | |
| tenant_id | c35653dae0ef41489cc72b1df790407c |
| underlay | |
| updated_at | 2018-12-11T11:51:36Z |
| vsd_managed | False |
+-------------------+--------------------------------------------+
Network/Subnet B
[root@packstack-controller ~(keystone_admin)]# neutron net-create network_b
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2018-12-11T11:51:46Z |
| description | |
| id | 5765be5a-c5bf-4bd9-a662-9632655248f2 |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1450 |
| name | network_b |
| port_security_enabled | True |
| project_id | c35653dae0ef41489cc72b1df790407c |
| provider:network_type | vxlan |
| provider:physical_network | |
| provider:segmentation_id | 5053 |
| revision_number | 3 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | c35653dae0ef41489cc72b1df790407c |
| updated_at | 2018-12-11T11:51:46Z |
+---------------------------+--------------------------------------+
[root@packstack-controller ~(keystone_admin)]# neutron subnet-create network_b --name subnet_b 10.2.2.0/24
Created a new subnet:
+-------------------+--------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------+
| allocation_pools | {"start": "10.2.2.2", "end": "10.2.2.254"} |
| cidr | 10.2.2.0/24 |
| created_at | 2018-12-11T11:51:49Z |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 10.2.2.1 |
| host_routes | |
| id | e8ae0188-384d-4045-8752-f58c2f59d4ee |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | subnet_b |
| net_partition | 0ea85763-5806-44e1-ae71-64562bf42d73 |
| network_id | 5765be5a-c5bf-4bd9-a662-9632655248f2 |
| nuage_l2bridge | |
| nuage_uplink | |
| nuagenet | |
| project_id | c35653dae0ef41489cc72b1df790407c |
| revision_number | 2 |
| service_types | |
| subnetpool_id | |
| tags | |
| tenant_id | c35653dae0ef41489cc72b1df790407c |
| underlay | |
| updated_at | 2018-12-11T11:51:49Z |
| vsd_managed | False |
+-------------------+--------------------------------------------+
Assign Networks to L3 Router
Each subnet is then assigned to the L3 router.
[root@packstack-controller ~(keystone_admin)]# neutron router-interface-add l3router subnet_a
Added interface 9a26cf53-2d74-4e9f-bae2-6a3ff647bb24 to router l3router.
[root@packstack-controller ~(keystone_admin)]# neutron router-interface-add l3router subnet_b
Added interface b6f7b6cb-d953-4d95-8979-3fbb81812076 to router l3router.
Once assigned, the Nuage topology will also be updated:
Figure 6 - OpenStack-Managed - L3 Domain with subnets.