
Bug Reference: Jira-733

Branch: kj-bsc-plugin

Introduction

The proposed CloudStack networking plugin will bring standard OpenFlow-based network virtualization technology to CloudStack. The plugin would work with the commercial version of the BigSwitch Controller, but not with the open-source controller, Floodlight.

Purpose

This is the functional specification of the BigSwitch Network Plugin, which has Jira ID 733.

References

Document History

Date | Revision | Author | Description of the change
1/15/2013 | 0.1 | Kanzhe Jiang | Initial Draft

Glossary

Term | Definition
BSC | BigSwitch Controller
BVS | Big Virtual Switch
CS | CloudStack

Feature Specifications

  • Feature Summary 
    BVS is one of the SDN applications available for the BigSwitch network controller. The BVS application provides network virtualization and manages isolated virtual networks on top of the underlying physical and virtual switch infrastructure. These virtual networks correspond directly to the groups of VMs, servers, and other devices that need their own secure connectivity. The virtual networks are programmed into the physical and/or virtual switches without having to separately configure individual network devices.
  • quality risks (test guidelines)
    The BigSwitch networking plugin functions as a REST client to a BSC/Floodlight controller. A running instance of Floodlight or the BigSwitch controller is required to test the plugin's functionality. The plugin is developed against v1.1 of BigSwitch's Orchestration API. The following tests should pass before the feature is declared complete:
    • Creation of one or more guest networks;
    • Deletion of one or more existing guest networks;
    • Add VMs to the same guest network and verify connectivity;
    • Add VMs to different guest networks and verify isolation;
    • Delete VMs to ensure the removal of the corresponding network interface;
  • specify supportability characteristics:
    • Debugging and Troubleshooting:
      Each BVS created on the controller is named after the UUID of the network in CloudStack, and its owner is the name of the account prepended with "cloudstack-". Each BVS has a tag-based interface rule, "tag-<uuid>", which is used to classify VMs into their networks. For each VM, a host-config is created on the controller to match its network's tag interface rule. The controller CLI can be used to confirm the correct network membership of VMs.
    • New logging in CloudStack is TBD;

Use cases

There won't be any change to the existing CloudStack workflow. In a typical deployment, all OpenFlow-enabled physical and virtual switches and other network resources are configured to be managed by the BigSwitch controller(s). When a guest network is created, the plugin will create a corresponding virtual network in the BVS. When a guest VM is launched, the VM is automatically assigned to its configured guest network(s). The BVS application will provide network isolation and connectivity among VMs.

Architecture and Design description

CloudStack provides a plugin framework that allows different resources to be integrated with the CloudStack core. A BigSwitch networking plugin will be developed to add OpenFlow-based network virtualization to CloudStack. There are two main modules in a networking plugin, NetworkGuru and NetworkElement. NetworkGuru is the network abstraction that defines the interfaces that manage the life cycle of a network, and permits implementations of various network isolation technologies and IP address technologies.

Each tenant network in CS will be mapped to a virtual network on the controller. In CloudStack, the same IP pool is re-used for all tenant networks. This results in duplicate IPs in the network. We will use the addressSpace construct on the controller to get around the issue for now. This isolation method is the same as using VLAN. In the CloudStack workflow, each tenant will be assigned a range of VLANs as part of the tenant configuration. When a tenant network is created, a VLAN from the tenant's VLAN pool is associated with the network. The BSC plugin can create an addressSpace with the VLAN as its transport VLAN, then create a BVS for the tenant network and create the addressSpace identifier rule and BVS membershipRule with the associated tag.

Expected code changes

BVSNetworkGuru.java will extend the NetworkGuru class and implement the network design() and implement() methods. The design() method will perform verification of network attributes. The implement() method will invoke the quantum app REST APIs to create the BVS and interfaceRule. Non-VLAN based isolation will not be covered in this release and can be added to the plugin as an additional option in the near future.

NetworkElement is a network resource abstraction that manages the life cycle of a network element. NetworkElement can also facilitate network services on network elements to support a VM (e.g. DNS, DHCP, LB, VPN, Port Forwarding, etc). Each network element maps to a host-config on BSC.

CloudStack supports two networking modes, basic and advanced.

Basic networking is AWS-style networking, which provides a single network where guest isolation can be provided at layer 3 through mechanisms such as security groups (IP address source filtering). This feature will be supported in a future release.
Advanced networking provides extensibility through CloudStack plugins. A BigSwitch networking plugin will be available in the advanced mode as the "BVS" option.

Web Services APIs

None

UI flow

A BVS option will be added to network creation.

Appendix

  • Pseudo Code for the BVSNetworkGuru
    BVSNetworkGuru:design() {
        if the network isolation type is not BVS, return null;
        if the controller is not available, return null;
        
        return super.design()
    }
    
    BVSNetworkGuru:implement() {
        create network id;
        Send a REST request to create the network, http://controllerIp:/quantum/v1.1/tenants/:tenant/networks
    }
    
    BVSNetworkGuru:shutdown() {
        Send a REST request to delete the network, http://controllerIp:/quantum/v1.1/tenants/:tenant/networks/:network
    }
    
  • Pseudo Code for the BVSNetworkElement
    BVSNetworkElement:prepare() {
        Send a REST request to create the host config for the VM, http://controllerIp:/quantum/v1.1/tenants/:tenant/networks/:network/ports/:port/attachment with vm's MAC
    }
    
    BVSNetworkElement:release() {
        Send a REST request to delete the host config for the VM, http://controllerIp:/quantum/v1.1/tenants/:tenant/networks/:network/ports/:port/attachment
    }
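
The request URLs from the pseudo code above, built so that CloudStack-supplied values cannot alter the path and cross a tenant boundary on the controller. This is an added example, not code from the plugin or from BigSwitch. It assumes Java 10 or later, that the BVS owner ("cloudstack-" plus the account name) is used as the :tenant segment, and that network and port ids are CloudStack UUIDs; the class name, controller host and port are hypothetical.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.UUID;

public class BvsRequestBuilder {
    private final String base;

    // Host and port are deployment values supplied by the caller.
    public BvsRequestBuilder(String controllerHost, int controllerPort) {
        this.base = "http://" + controllerHost + ":" + controllerPort + "/quantum/v1.1";
    }

    // Percent-encode one path segment so "/", "?" or "#" inside an account
    // name cannot break out of the :tenant position.
    static String segment(String s) {
        if (s == null || s.isEmpty()) throw new IllegalArgumentException("empty path segment");
        return URLEncoder.encode(s, StandardCharsets.UTF_8).replace("+", "%20");
    }

    // Accept only canonical UUID text; UUID.fromString alone is lenient.
    static String uuid(String s) {
        String canonical = UUID.fromString(s).toString();
        if (!canonical.equalsIgnoreCase(s)) throw new IllegalArgumentException("non-canonical UUID: " + s);
        return canonical;
    }

    // Assumption: the BVS owner ("cloudstack-" + account) is the :tenant segment.
    public URI networks(String account) {
        return URI.create(base + "/tenants/" + segment("cloudstack-" + account) + "/networks");
    }

    public URI network(String account, String networkUuid) {
        return URI.create(networks(account) + "/" + uuid(networkUuid));
    }

    public URI attachment(String account, String networkUuid, String portUuid) {
        return URI.create(network(account, networkUuid) + "/ports/" + uuid(portUuid) + "/attachment");
    }

    public static void main(String[] args) {
        BvsRequestBuilder b = new BvsRequestBuilder("controller.example", 8080); // constructed values
        String net = "0f8fad5b-d9cb-469f-a165-70867728950e", nic = "7c9e6679-7425-40de-944b-e07fc1f90ae7"; // constructed
        System.out.println("create network:     " + b.networks("acme"));
        System.out.println("delete network:     " + b.network("acme", net));
        System.out.println("host config for VM: " + b.attachment("acme", net, nic));
        System.out.println("account with '/':   " + b.networks("acme/../other")); // stays one segment
        try { b.network("acme", net + "/ports"); }
        catch (IllegalArgumentException e) { System.out.println("rejected network id: " + e.getMessage()); }
    }
}
```

The HTTP verbs and request bodies are left out because the page does not specify them.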
    