Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenStack: Dev

OpenStack Quantum plugins

 

 

OpenStack dev RSS feed   Index | Next | Previous | View Threaded


salmanmk at live

Apr 26, 2012, 12:55 PM

Post #1 of 7 (353 views)
Permalink
OpenStack Quantum plugins

Hi All,



I am trying to learn the functionality of Quantum plugins used in
OpenStack. I have read through the Quantum Admin Guide and had few
basic/quick question about quantum and OVS interaction with it:




1) OVS can have ports in which vNICS can be plugged, so why does it need
to use an integration bridge for connecting all VMs on the same node to
a network?



2) The OVS quantum plugin seems to implement the core API functions and
(viewing the code) I concluded that it just makes maintains the logical
mappings e.g. b/w net IDs and VLAN IDs in a database. So how is this
mapping implemented on the actual ports of OVS? Is it the OVS quantum
agent responsible for directing the packets to correct input/output
ports based on the updates that it gets from the database?



3) The quantum admin guide says that the nova client will be the main
user of quantum and will interact with it via REST API, so it would be nice if someone can point me to the code (file path name etc.) where this happens.

Thanks,
Salman

PS: What is the purpose of Quantum Manager in this architecture and where should I look for its code?


salmanmk at live

Apr 26, 2012, 10:04 PM

Post #2 of 7 (349 views)
Permalink
Re: OpenStack Quantum plugins [In reply to]

Dan, Salavatore and others, your input is sought here. Can any one provide little explanation please?

From: salmanmk [at] live
To: openstack [at] lists
Subject: OpenStack Quantum plugins
Date: Thu, 26 Apr 2012 19:55:20 +0000





Hi All,



I am trying to learn the functionality of Quantum plugins used in
OpenStack. I have read through the Quantum Admin Guide and had few
basic/quick question about quantum and OVS interaction with it:




1) OVS can have ports in which vNICS can be plugged, so why does it need
to use an integration bridge for connecting all VMs on the same node to
a network?



2) The OVS quantum plugin seems to implement the core API functions and
(viewing the code) I concluded that it just makes maintains the logical
mappings e.g. b/w net IDs and VLAN IDs in a database. So how is this
mapping implemented on the actual ports of OVS? Is it the OVS quantum
agent responsible for directing the packets to correct input/output
ports based on the updates that it gets from the database?



3) The quantum admin guide says that the nova client will be the main
user of quantum and will interact with it via REST API, so it would be nice if someone can point me to the code (file path name etc.) where this happens.

Thanks,
Salman

PS: What is the purpose of Quantum Manager in this architecture and where should I look for its code?


hitesh.wadekar at gmail

Apr 26, 2012, 10:54 PM

Post #3 of 7 (340 views)
Permalink
Re: OpenStack Quantum plugins [In reply to]

Hi Salman,

Please see the inline comments.
On Fri, Apr 27, 2012 at 1:25 AM, Salman Malik <salmanmk [at] live> wrote:

> Hi All,
>
> I am trying to learn the functionality of Quantum plugins used in
> OpenStack. I have read through the Quantum Admin Guide and had few
> basic/quick question about quantum and OVS interaction with it:
>
>
> 1) OVS can have ports in which vNICS can be plugged, so why does it need
> to use an integration bridge for connecting all VMs on the same node to a
> network?
>
[Hitesh]:
As far as I know that OVS have more features over the Linux bridge, for
example, VM isolation, mobility and security. These can be configured by
remote controller. To help and gian the control on all these activities the
integration bridge is required. I am not sure about it but I Dan or
Salvotore can explain this better way. You can find the more information
here http://openvswitch.org/support/

2) The OVS quantum plugin seems to implement the core API functions and
(viewing the code) I concluded that it just makes maintains the logical
mappings e.g. b/w net IDs and VLAN IDs in a database. So how is this
mapping implemented on the actual ports of OVS? Is it the OVS quantum agent
responsible for directing the packets to correct input/output ports based
on the updates that it gets from the database?
[Hitesh]:
OVS agent is responsible for to update the database(accoding to actions
have been told) for the local server as well Quantum server. As far as I
know OVS quantum is not responsible for directing the packets to correct
in/op, This job is hadled by OVS core module on the server (datapath). OVS
agent only updates the database and creation bridge etc.. Dan or
Salvotore can be explained more...

3) The quantum admin guide says that the nova client will be the main user
of quantum and will interact with it via REST API, so it would be nice if
someone can point me to the code (file path name etc.) where this happens.
[Hitesh]:
You can see the devstack script where we are configuring nove-network to
quantum. thats the enry point for the nova-network to communicate to
quantum. I will share soon more on this.

However, I tried my best to give to these answers. Please feel free to
correct me if anything needs to share more.

Salman, Let me know if you want more info about this. I will be happy to
share

Thanks,
Salman

PS: What is the purpose of Quantum Manager in this architecture and where
should I look for its code?
[Hitesh]: As I am working on different machine, I will share this with
details to you soon.

>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack [at] lists
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
>


dan at nicira

Apr 27, 2012, 8:19 AM

Post #4 of 7 (344 views)
Permalink
Re: OpenStack Quantum plugins [In reply to]

On Thu, Apr 26, 2012 at 12:55 PM, Salman Malik <salmanmk [at] live> wrote:

> Hi All,
>

Hi Salman,


>
> I am trying to learn the functionality of Quantum plugins used in
> OpenStack. I have read through the Quantum Admin Guide and had few
> basic/quick question about quantum and OVS interaction with it:
>
>
> 1) OVS can have ports in which vNICS can be plugged, so why does it need
> to use an integration bridge for connecting all VMs on the same node to a
> network?
>

I'm not sure I follow what question you're asking. When OVS is running on
a host, it has one or more "bridges", and bridges have "ports". A linux
device representing the vNIC must be added as a port of a bridge being
managed by the Quantum plugin. We call this bridge the "integration
bridge". The Quantum plugin can then configure the ports and bridges
appropriately to forward traffic based on the logical model created via the
Quantum API. Can you be more precise about what you're asking here?



>
> 2) The OVS quantum plugin seems to implement the core API functions and
> (viewing the code) I concluded that it just makes maintains the logical
> mappings e.g. b/w net IDs and VLAN IDs in a database. So how is this
> mapping implemented on the actual ports of OVS? Is it the OVS quantum agent
> responsible for directing the packets to correct input/output ports based
> on the updates that it gets from the database?
>

In VLAN-mode, its even simpler than that. The agent simply puts each port
as a VLAN access port for the right VLAN, based on the database, and then
has OVS perform standard L2 learning to forward packets.


>
> 3) The quantum admin guide says that the nova client will be the main user
> of quantum and will interact with it via REST API, so it would be nice if
> someone can point me to the code (file path name etc.) where this happens.
>

This is the QuantumManager code in Nova:
https://github.com/openstack/nova/tree/master/nova/network/quantum

One word of warning: this code will be being simplified and largely removed
in Folsom, so while its useful to look at it to learn about Quantum, I'd
ask around before investing the time to make significant changes to the
code.

>
>
> PS: What is the purpose of Quantum Manager in this architecture and where
> should I look for its code?
>

see above :)

Dan



>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack [at] lists
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
>


--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~


salmanmk at live

Apr 27, 2012, 4:44 PM

Post #5 of 7 (344 views)
Permalink
Re: OpenStack Quantum plugins [In reply to]

Hi Dan,

Thanks for replying. There are few more questions:



I am trying to learn the functionality of Quantum plugins used in
OpenStack. I have read through the Quantum Admin Guide and had few
basic/quick question about quantum and OVS interaction with it:




1) OVS can have ports in which vNICS can be plugged, so why does it need
to use an integration bridge for connecting all VMs on the same node to
a network?

I'm not sure I follow what question you're asking. When OVS is running on a host, it has one or more "bridges", and bridges have "ports". A linux device representing the vNIC must be added as a port of a bridge being managed by the Quantum plugin. We call this bridge the "integration bridge". The Quantum plugin can then configure the ports and bridges appropriately to forward traffic based on the logical model created via the Quantum API. Can you be more precise about what you're asking here?


In short it means that the OVS is managing the linux bridges and the linux devices representing vNICs must be added to these bridges (Does Quantum manager adds these devices to bridges?). And when you say that quantum plugin configures the ports and bridges appropriately to forward traffic, you mean that it updates the database and then quantum agent then assures the correct mapping of ports/network ids to logical networks at the switch level(by adding flow entries to vSwitch? or by adding the vNICs to right bridges, as there is one bridge per tenant's network on compute node). Right?



2) The OVS quantum plugin seems to implement the core API functions and
(viewing the code) I concluded that it just makes maintains the logical
mappings e.g. b/w net IDs and VLAN IDs in a database. So how is this
mapping implemented on the actual ports of OVS? Is it the OVS quantum
agent responsible for directing the packets to correct input/output
ports based on the updates that it gets from the database?

In VLAN-mode, its even simpler than that. The agent simply puts each port as a VLAN access port for the right VLAN, based on the database, and then has OVS perform standard L2 learning to forward packets.


good to know.




3) The quantum admin guide says that the nova client will be the main
user of quantum and will interact with it via REST API, so it would be nice if someone can point me to the code (file path name etc.) where this happens.

This is the QuantumManager code in Nova: https://github.com/openstack/nova/tree/master/nova/network/quantum


One word of warning: this code will be being simplified and largely removed in Folsom, so while its useful to look at it to learn about Quantum, I'd ask around before investing the time to make significant changes to the code.



PS: What is the purpose of Quantum Manager in this architecture and where should I look for its code?



Thanks for the reference. I have looked at the code and just to affirm my understanding please confirm/correct/answer the following:
Quantum manager is responsible for configuring the network for new instances that spin up. When a tenant adds a port to his logical network the request will be forwarded to this manager by Nova and then Manager (using quantum client) would talk to quantum service/server (where can I see its code?) with the REST API. According to documentation, the quantum service is responsible for loading the plugin and passing the REST API calls to the plugin. The plugin then updates the database. Rest of the work is done by quantum agent.

see above :)
Thanks again for clarification. Since, I am still trying to understand the data flow, please pardon me for questions that are confusing.
Salman




_______________________________________________

Mailing list: https://launchpad.net/~openstack

Post to : openstack [at] lists

Unsubscribe : https://launchpad.net/~openstack

More help : https://help.launchpad.net/ListHelp




--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt Nicira, Inc: www.nicira.com
twitter: danwendlandt


~~~~~~~~~~~~~~~~~~~~~~~~~~~


salmanmk at live

Apr 27, 2012, 4:58 PM

Post #6 of 7 (348 views)
Permalink
Re: OpenStack Quantum plugins [In reply to]

Hi Hitesh,
Thanks for the considerate reply.
Please see the inline comments.

On Fri, Apr 27, 2012 at 1:25 AM, Salman Malik <salmanmk [at] live> wrote:



Hi All,

I am trying to learn the functionality of Quantum plugins used in OpenStack. I have read through the Quantum Admin Guide and had few basic/quick question about quantum and OVS interaction with it:



1) OVS can have ports in which vNICS can be plugged, so why does it need to use an integration bridge for connecting all VMs on the same node to a network?

[Hitesh]:
As far as I know that OVS have more features over the Linux bridge, for example, VM isolation, mobility and security. These can be configured by remote controller. To help and gian the control on all these activities the integration bridge is required. I am not sure about it but I Dan or Salvotore can explain this better way. You can find the more information here http://openvswitch.org/support/

Now, what I have understood from Dan's reply is that OVS itself consists of these bridges (each bridge on a node, being called as an "integration bridge"). Correct me if I am wrong.



2) The OVS quantum plugin seems to implement the core API functions and (viewing the code) I concluded that it just makes maintains the logical mappings e.g. b/w net IDs and VLAN IDs in a database. So how is this mapping implemented on the actual ports of OVS? Is it the OVS quantum agent responsible for directing the packets to correct input/output ports based on the updates that it gets from the database?

[Hitesh]:
OVS agent is responsible for to update the database(accoding to actions have been told) for the local server as well Quantum server. As far as I know OVS quantum is not responsible for directing the packets to correct in/op, This job is hadled by OVS core module on the server (datapath). OVS agent only updates the database and creation bridge etc.. Dan or Salvotore can be explained more...


Are you sure that quantum agent updates the database? I used to think that it only grabs updates by looking into the database (which is actually modified by the plugin). I am not sure so just confirming.

3) The quantum admin guide says that the nova client will be the main user of quantum and will interact with it via REST API, so it would be nice if someone can point me to the code (file path name etc.) where this happens.


[Hitesh]:
You can see the devstack script where we are configuring nove-network to quantum. thats the enry point for the nova-network to communicate to quantum. I will share soon more on this.

Thanks Hitesh for sharing you knowledge :) Can you comment on how nova-network interacts with Quantum-manager?


However, I tried my best to give to these answers. Please feel free to correct me if anything needs to share more.

Salman, Let me know if you want more info about this. I will be happy to share


Thanks again Hitesh. I appreciate your help.
Salman

_______________________________________________
Mailing list: https://launchpad.net/~openstack

Post to : openstack [at] lists
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp


dan at nicira

Apr 28, 2012, 2:11 PM

Post #7 of 7 (348 views)
Permalink
Re: OpenStack Quantum plugins [In reply to]

On Fri, Apr 27, 2012 at 4:44 PM, Salman Malik <salmanmk [at] live> wrote:

> Hi Dan,
>
> Thanks for replying. There are few more questions:
>
>
>
> I am trying to learn the functionality of Quantum plugins used in
> OpenStack. I have read through the Quantum Admin Guide and had few
> basic/quick question about quantum and OVS interaction with it:
>
>
> 1) OVS can have ports in which vNICS can be plugged, so why does it need
> to use an integration bridge for connecting all VMs on the same node to a
> network?
>
>
> I'm not sure I follow what question you're asking. When OVS is running on
> a host, it has one or more "bridges", and bridges have "ports". A linux
> device representing the vNIC must be added as a port of a bridge being
> managed by the Quantum plugin. We call this bridge the "integration
> bridge". The Quantum plugin can then configure the ports and bridges
> appropriately to forward traffic based on the logical model created via the
> Quantum API. Can you be more precise about what you're asking here?
>
> In short it means that the OVS is managing the linux bridges and the linux
> devices representing vNICs must be added to these bridges (Does Quantum
> manager adds these devices to bridges?).
>

You have to be a bit careful here, because the linux bridge and open
vswitch are two different things (you can think of open vswitch as an
advanced version of the linux bridge).

A driver in the Nova virt layer is actually the one who creates the linux
devices that map to vNICs. For example, libvirt creates these devices as
directed by the libvirt driver code:
https://github.com/openstack/nova/blob/master/nova/virt/libvirt/vif.py .
This code attaches the linux device to an OVS bridge as a "port". The
rest of the configuration of that port and the OVS bridge is up to the OVS
plugin agent.


> And when you say that quantum plugin configures the ports and bridges
> appropriately to forward traffic, you mean that it updates the database and
> then quantum agent then assures the correct mapping of ports/network ids to
> logical networks at the switch level(by adding flow entries to vSwitch? or
> by adding the vNICs to right bridges, as there is one bridge per tenant's
> network on compute node). Right?
>

Its not correct that there is one bridge per tenant network on the compute
node. In the case of the OVS plugin, there is a single bridge (e.g.,
br-int) and different tenants are isolated based on configuration pushed
down by the agent. Really the "plugin" consists of both the code running
on the server, and (optionally) agents running on the compute nodes. Not
all plugins require agents, for example, if they have some other way of
managing the vswitch.



>
> Thanks for the reference. I have looked at the code and just to affirm my
> understanding please confirm/correct/answer the following:
> Quantum manager is responsible for configuring the network for new
> instances that spin up. When a tenant adds a port to his logical network
> the request will be forwarded to this manager by Nova and then Manager
> (using quantum client) would talk to quantum service/server (where can I
> see its code?) with the REST API. According to documentation, the quantum
> service is responsible for loading the plugin and passing the REST API
> calls to the plugin. The plugin then updates the database. Rest of the work
> is done by quantum agent.
>

See:
http://docs.openstack.org/incubation/openstack-network/admin/content/Using-dle455.html

The workflow is actually that you create a VM with one or more vNICs, and
as part of the VM creation process, nova-network is invoked using the
allocate_for_instance RPC call. When you are running nova-network with
QuantumManager, this code uses the main Quantum REST API to create ports
for each vNIC. This is the code I pointed you to before:
https://github.com/openstack/nova/blob/master/nova/network/quantum .
Specifically, manager.py is the QuantumManager code, and
quantum_connection.py and client.py are libraries used to talk to Quantum's
REST API.

Dan


> Salman
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack [at] lists
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
>
>
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Dan Wendlandt
> Nicira, Inc: www.nicira.com
> twitter: danwendlandt
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>


--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~

OpenStack dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.