summaryrefslogtreecommitdiffstats
path: root/docs/scenarios/os-odl-fdio-dvr-ha/scenario.description.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/scenarios/os-odl-fdio-dvr-ha/scenario.description.rst')
-rwxr-xr-xdocs/scenarios/os-odl-fdio-dvr-ha/scenario.description.rst290
1 files changed, 290 insertions, 0 deletions
diff --git a/docs/scenarios/os-odl-fdio-dvr-ha/scenario.description.rst b/docs/scenarios/os-odl-fdio-dvr-ha/scenario.description.rst
new file mode 100755
index 0000000..15dbfd8
--- /dev/null
+++ b/docs/scenarios/os-odl-fdio-dvr-ha/scenario.description.rst
@@ -0,0 +1,290 @@
+.. OPNFV - Open Platform for Network Function Virtualization
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Scenario: "OpenStack - OpenDaylight - FD.io DVR"
+======================================================
+
+Scenario: apex-os-odl-fdio-dvr-ha
+
+"apex-os-odl-fdio-dvr-ha" is a scenario developed as part of the
+FastDataStacks OPNFV project. The main components of the
+"apex-os-odl-fdio-dvr-ha" scenario are:
+
+ - APEX (TripleO) installer (please also see APEX installer documentation)
+ - Openstack (in HA configuration)
+ - OpenDaylight controller (in cluster)
+ controlling layer 2 and layer 3 networking
+ - FD.io/VPP virtual forwarder for tenant networking
+
+Introduction
+============
+
+NFV and virtualized high performance applications, such as video processing,
+require a "fast data stack" solution that provides both carrier grade
+forwarding performance, scalability and open extensibility, along with
+functionality for realizing application policies and controlling a complex
+network topology.
+
+A solution stack is only as good as its foundation. Key foundational assets for
+NFV infrastructure are
+
+ * The virtual forwarder: The virtual forwarder needs to be a feature rich,
+ high performance, highly scale virtual switch-router. It needs to leverage
+ hardware accelerators when available and run in user space.
+ In addition, it should be modular and easily extensible.
+ * Forwarder diversity: A solution stack should support a variety of
+ forwarders, hardware forwarders (physical switches and routers)
+ as well as software forwarders. This way virtual and physical
+ forwarding domains can be seamlessly glued together.
+ * Policy driven connectivity: Connectivity should respect and
+ reflect different business
+
+In order to meet the desired qualities of an NFV infrastructure, the
+following components were chosen for the "Openstack - OpenDaylight - FD.io"
+scenario:
+
+ * FD.io Vector Packet Processor (VPP) - a highly scalable,
+ high performance, extensible virtual forwarder
+ * OpenDaylight Controller - an extensible controller platform which
+ offers the ability to separate business logic from networking
+ constructs, supports a diverse set of network devices
+ (virtual and physical) via the "group based policy (GBP)"
+ component, and can be clustered to achieve a highly available
+ deployment.
+
+The "Openstack - OpenDaylight - FD.io DVR" scenario provides the capability to
+realize a set of use-cases relevant to the deployment of NFV nodes instantiated
+by means of an Openstack orchestration system on FD.io/VPP enabled compute
+nodes. The role of the Opendaylight network controller in this integration is
+twofold. It provides a network device configuration and topology abstraction
+via the Openstack Neutron interface, while providing the capability to realize
+more complex network policies by means of Group Based Policies. Furthermore it
+also provides the capabilities to monitor as well as visualize the operation of
+the virtual network devices and their topologies. In supporting the general
+use-case of instantiatiting an NFV instance, two specific types of network
+transport use cases are realized:
+
+ * NFV instances with VPP data-plane forwarding using a VLAN provider network
+ * NFV instances with VPP data-plane forwarding using a VXLAN overlay
+ transport network
+
+A deployment of the "apex-os-odl-fdio-dvr-ha" scenario consists of 4 or more
+servers:
+
+ * 1 Jumphost hosting the APEX installer - running the Undercloud
+ * 1 Controlhost, which runs the Overcloud as well as
+ OpenDaylight as a network controller
+ * 2 or more Computehosts. These Computehosts also serve as
+ layer 3 gateways for tenant networks.
+
+TODO: update the image:
+ 1. Compute 0..N are gateways
+ 2. NIC2s on controllers are not in vpp
+
+.. image:: FDS-odl_l3-noha-overview.png
+
+Tenant and public networking leverages FD.io/VPP. On compute nodes,
+VPP binds to both the tenant networking interface as well as the public
+networking interface. This means that VPP is used for communication within
+a tenant network, between tenant networks, as well as between a tenant network
+and the Internet.
+
+Note that this setup slightly differs from the usual
+centralized L3 setup with qrouter on the control node. This setup was chosen
+to limit the configuration changes for the introduction of FD.io/VPP. The
+OpenDaylight network controller is used to setup and manage layer 2 and
+layer 3 networking for the scenario - with Group Based Policy (GBP) being the
+key component. Tenant networking can either leverage VXLAN (in which case a
+full mesh of VXLAN tunnels is created) or VLANs.
+
+The picture below shows an example setup with two compute and one control
+node. Note that the external network is connected via compute node 0 through
+VPP. VPP provides all layer 3 services which are provided in a "vanilla"
+OpenStack deployment, including SNAT and DNAT, as well as north-south
+and east-west traffic filtering for security purposes ("security groups").
+
+TODO: update the image:
+ 1. Add External network interface to Computenode-1
+
+.. image:: FDS-L3-noha-sample-setup.png
+
+Features of the scenario
+------------------------
+
+Main features of the "apex-os-odl-fdio-dvr-ha" scenario:
+
+ * Automated installation using the APEX installer
+ * Fast and scalable tenant networking using FD.io/VPP as forwarder
+ * Layer 2 networking using VLANs or VXLAN, managed
+ and controlled through OpenDaylight
+ * Layer 3 connectivitiy for tenant networks supplied
+ through FD.io/VPP. Layer 3 features, including security groups as well as
+ floating IP addresses (i.e. NAT) are implemented by the FD.io/VPP forwarder
+ * Manual and automatic (via DHCP) addressing on tenant networks
+
+Scenario components and composition
+===================================
+
+TODO: add LISP to components
+
+The apex-os-odl-fdio-dvr-ha scenario combines components from three key open
+source projects: OpenStack, OpenDaylight, and Fast Data (FD.io). The key
+components that realize the apex-os-odl-fdio-dvr-ha scenario and which differ
+from a regular, OVS-based scenario, are the OpenStack ML2 OpenDaylight plugin,
+OpenDaylight Neutron Northbound, OpenDaylight Group Based Policy, OpenDaylight
+Virtual Bridge Domain Manager, FD.io Honeycomb management agent and FD.io
+Vector Packet Processor (VPP).
+
+Note that the key components of the OpenDaylight based scenarios of
+FastDataStacks are the same. The centrallized scenario "apex-os-odl-fdio-noha"
+and the DVR scenario "apex-os-odl-fdio-dvr-ha" share the same components.
+
+Here's a more detailed list of the individual software components involved:
+
+**Openstack Neutron ML2 OpenDaylight Plugin**: Handles Neutron data base
+synchronization and interaction with the southbound controller using a REST
+interface.
+
+**ODL GBP Neutron Mapper**: Maps neutron elements like networks, subnets,
+security groups, etc. to GBP entities: Creates policy and configuration for
+tenants (endpoints, resolved policies, forwarding rules).
+
+**ODL GBP Neutron VPP Mapper**: Maps Neutron ports to VPP endpoints in GBP.
+
+**ODL GBP Location Manager**: Provides real location for endpoints (i.e. Which
+physical node an endpoint is connected to).
+
+**GBP Renderer Manager**: Creates configuration for Renderers (like e.g.
+VPP-Renderer or OVS-Renderer). The GBP Renderer Manager is the central point
+for dispatching of data to specific device renderers. It uses the information
+derived from the GBP end-point and its topology entries to dispatch the task
+of configuration to a specific device renderer by writing a renderer policy
+configuration into the registered renderer's policy store. The renderer
+manager also monitors, by being a data change listener on the VPP Renderer
+Policy States, for any errors in the application of a rendered configuration.
+
+**GBP VPP Renderer Interface Manager**: Listens to VPP endpoints in the
+Config DataStore and configures associated interfaces on VPP via HoneyComb.
+
+**GBP VPP Renderer Renderer Policy Manager**: Manages the creation of
+bridge domains using VBD and assigns interfaces to bridge domains.
+
+**Virtual Bridge Domain Manager (VBD)**: Creates bridge domains (i.e. in case
+of VXLAN creates full mesh of VXLAN tunnels, configures split horizon on
+tunnel endpoints etc.). VDB configures VXLAN tunnels always into a full-mesh
+with split-horizon group forwarding applied on any domain facing tunnel
+interface (i.e. forwarding behavior will be that used for VPLS).
+
+**Virtual Packet Processor (VPP) and Honeycomb server**: The VPP is the
+accelerated data plane forwarding engine relying on vhost user interfaces
+towards Virtual Machines created by the Nova Agent. The Honeycomb NETCONF
+configuration server is responsible for driving the configuration of the VPP,
+and collecting the operational data.
+
+**Nova Agent**: The Nova Agent, a sub-component of the overall Openstack
+architecture, is responsible for interacting with the compute node's host
+Libvirt API to drive the life-cycle of Virtual Machines. It, along with the
+compute node software, are assumed to be capable of supporting vhost user
+interfaces.
+
+The picture below shows the key components.
+
+TODO: update the image:
+ 1. Add LISP
+
+.. image:: FDS-basic-components.jpg
+
+To provide a better understanding how the above mentioned components interact
+with each other, the following diagram shows how the example of creating a
+vhost-user port on VPP through Openstack Neutron:
+
+To create or update a port, Neutron will send a request to ODL Neutron
+Northbound which contains the UUID, along with the host-id as "vpp" and
+vif-type as "vhost-user". The GBP Neutron mapper turns the "Neutron speak" of
+"ports" into the generic connectivity model that GroupBasedPolicy uses.
+Neutron "ports" become generic "GBP Endpoints" which can be consumed by the
+GBP Renderer Manager. The GBP Renderer Manager resolves the policy for the
+endpoint, i.e. it determines which communication relationships apply to the
+specific endpoint, and hands the resolution to a device specific renderer,
+which is the VPP renderer in the given case here. VPP renderer turns the
+generic policy into VPP specific configuration. Note that in case the policy
+would need to be applied to a different device, e.g. an OpenVSwitch (OVS),
+then an "OVS Renderer" would be used. VPP Renderer and the topology manager
+("Virtual Bridge Domain" manager - i.e. VBD) cooperate to create the actual
+network configuration. VPP Renderer configures the interfaces to the virtual
+machines (VM), i.e. the vhost-user interface in the given case here and
+attaches them to a bridge domain on VPP. VBD handles the setup of connectivity
+between bridge domains on individual VPPs, i.e. it maintains the VXLAN tunnels
+in the given case here. Both VPP Renderer as well as VBD communicate with the
+device through Netconf/YANG. All compute and control nodes run an instance of
+VPP and the VPP-configuration agent "Honeycomb". Honeycomb serves as a
+Netconf/YANG server, receives the configuration commands from VBD and VPP
+Renderer and drives VPP configuration using VPP's local Java APIs.
+
+.. image:: FDS-simple-callflow.png
+
+TODO: add description (and possibly a picture) of how forwarding works -
+ describe how packets travel in the setup
+ NOTE: could be in some different place in the document
+
+Scenario Configuration
+======================
+
+To enable the "apex-os-odl-fdio-dvr-ha" scenario check the appropriate
+settings in the APEX configuration files. Those are typically found in
+/etc/opnfv-apex.
+
+File "deploy_settings.yaml": Choose Opendaylight as controller with version
+"oxygen" and enable vpp as forwarder. "odl_routing_node" chooses the dvr
+setup for l3 forwarding::
+
+ deploy_options:
+ sdn_controller: opendaylight
+ odl_version: oxygen
+ odl_routing_node: dvr
+ tacker: true
+ congress: true
+ sfc: false
+ vpn: false
+ vpp: true
+ dataplane: fdio
+ performance:
+ Controller:
+ kernel:
+ hugepages: 1024
+ hugepagesz: 2M
+ intel_iommu: 'on'
+ iommu: pt
+ isolcpus: 1,2
+ vpp:
+ main-core: 1
+ corelist-workers: 2
+ uio-driver: uio_pci_generic
+ Compute:
+ kernel:
+ hugepagesz: 2M
+ hugepages: 2048
+ intel_iommu: 'on'
+ iommu: pt
+ isolcpus: 1,2
+ vpp:
+ main-core: 1
+ corelist-workers: 2
+ uio-driver: uio_pci_generic
+
+Limitations, Issues and Workarounds
+===================================
+
+For specific information on limitations and issues, please refer to the APEX
+installer release notes.
+
+References
+==========
+
+
+ * FastDataStacks OPNFV project wiki: https://wiki.opnfv.org/display/fds
+ * Fast Data (FD.io): https://fd.io/
+ * FD.io Vector Packet Processor (VPP): https://wiki.fd.io/view/VPP
+ * OpenDaylight Controller: https://www.opendaylight.org/
+ * OPNFV Danube release - more information: http://www.opnfv.org/danube