We often get asked why you need an SDN virtual networking solution like Nuage Networks if you are planning on building an OpenStack cloud. In theory, OpenStack includes native virtual networking capability, right? Well, this blog post is meant to address this fundamental issue, and show where Nuage really adds value to any of the myriad different OpenStack distributions that are out there.
OpenStack is an open source cloud management system (CMS) that allows cloud providers and enterprises to build cost-effective, agile infrastructure-as-a-service (IaaS) offerings. As organizations look to build heterogeneous, open source cloud infrastructures, OpenStack will provide fundamental provisioning, configuration and automation capabilities for applications, servers, networking, storage and more.
Limitations in OpenStack Networking
OpenStack Neutron is the networking component of the OpenStack architecture, letting users provision virtual network resources, including security and Layer 4-7 services, in the same way they would orchestrate compute and storage resource pools. Much like Software Defined Networking (SDN) solutions, OpenStack Neutron manages virtual overlay networks that abstract the physical network, making any cloud deployment independent of the physical infrastructure, and able to deploy easily on-premises or at cloud service providers.
Neutron, however, has been a major obstacle to the scalability and resiliency of OpenStack deployments. Successful deployments have typically been at lab scale, or limited to tens or hundreds of servers/hypervisor hosts. The limitation has stemmed from the fact that Neutron doesn’t have its own Layer 3 routing capability, but instead uses a Linux kernel and Linux routing. For large cloud environments, with many virtual networks, tenants and applications, all of the routing has to go through the same Neutron Layer 3 agent, which acts as a choke point and limits scale. While its possible to deploy multiple pairs of L3 agents, this has proven very complex and can hinder changes to application infrastructure down the road.
In addition, under Neutron, there is additional operational complexity because there are two networks to manage: the physical and the virtual overlay. Correlating performance issues seen in virtual applications to specific points in the physical network can prove tedious and time consuming.
Nuage Networks and OpenStack Make Cloud Scale a Reality
Nuage Networks has collaborated with leading commercial OpenStack vendors to remove Neutron networking challenges through Nuage Networks Virtualized Services Platform (VSP). Nuage Networks VSP is a virtual networking and SDN platform built from the same proven routing software that powers many of the largest Telco and service provider-class customers for many years, with many of the same switching capabilities as Nokia’s full portfolio of networking appliances.
Nuage Networks VSP forms a programmable, automated virtual networking infrastructure for OpenStack IaaS deployments. Here showing integration with Red Hat OpenStack, the Virtual Services Directory connects to OpenStack to collect application policy configurations and requirements that VSD and VSC use to automate provisioning of the virtual networks and switches as workloads are placed around the cloud.
The VSP virtual switch includes full layer 3 routing capabilities, including VXLAN encapsulation and overlay network management. Moving the layer 3 routing and VXLAN tunnel end points (VTEP) out to the network edge eliminates the centralized choke point problem faced in prior OpenStack deployments and mirrors the network architecture of modern spine-leaf datacenter and cloud architectures.
VSP provides an SDN controller that includes a centralized policy repository, with a distributed control plane, which allows for much greater scalability, without losing the agility offered by OpenStack orchestration and the simplicity of a single infrastructure-wide view of policies. In addition, through a layered VSP component, Virtualized Services Assurance Platform (VSAP), users get full visibility to the physical network, with correlation to virtual overlays, which simplifies operations and reduces time to remediate application and networking issues.
In addition to providing SDN automation services to the OpenStack network infrastructure, VSP provides configuration and provisioning for security nodes and application controllers as well, whether those devices are virtual appliances or physical devices. Nuage Networks is developing a rapidly growing ecosystem of third-party solutions that can be managed under its SDN policy model. Integration with these third party solutions includes configuration of network and security policies on the devices, as well as managing service insertion and chaining to configure the devices into the virtual application network and ensure workload portability across the cloud infrastructure. Nuage Networks even allows for service insertion policies to be visible and managed within the OpenStack environment.
And with its sophisticated routing capabilities, Nuage Networks seamlessly provides a single SDN overlay infrastructure across multiple datacenter sites, or between on-premises and cloud-based applications, something the standard OpenStack Neutron distribution is not ready to handle.
Summary
As momentum continues to build for OpenStack and customers achieve the benefits of open cloud management systems, Nuage Networks provide the scalable virtual networking infrastructure and policy automation throughout the network, with full visibility across virtual and physical environments. Enterprises and service providers can now plan to deploy at scale as they fully leverage both public and private cloud investments.
Related:
Nuage Networks OpenStack Ecosystem
OpenStack Networking for DevOps Clouds (2015 OpenStack Summit – Vancouver)
Produban / Banco Santander OpenStack Case Study with Nuage Networks
Open Hybrid Clouds Built with Nuage Networks and Red Hat