Quantum bandwidth scalability question when limited to 1 network node

Asked by Greg andrus

I am looking to convert an existing 30 blade cloud from VMware to OpenStack. The current ESXi cloud allows the hypervisors to independently service the network and storage needs of their respective VMs. I am currently running OpenStack Folsom using nova networking on each hypervisor in a small 3 server setup. Knowing nova network is being replaced by Quantum, I was looking into using Quantum on the 30 blade environment. I am confused when I see that Quantum appears to use a single node to move all traffic in and out of the cloud. If that is true, how can it scale from a network bandwidth perspective? The cloud in question is a corporate development and test resource. All VMs must access the internet, and cloud users are authenticated external to the cloud and use external terminal servers as launch points into the cloud (RDP for Windows VMs, SSH/VNC for Linux VMs). I am new to OpenStack and may have misunderstood the Quantum architecture. Thank you.

Question information

Language: English
Status: Solved
For: neutron
Assignee: No assignee
Solved by: Aaron Rosen
Mathieu Rohon (mathieu-rohon) said :
#1

Hi Greg,

You're right about the architecture. In Folsom, only one l3-agent and one dhcp-agent are supported. So, traffic coming out of and coming into the cloud has to go through this l3-agent. This will be solved in Grizzly, with the quantum-scheduler, which can be used to deploy several agents.
Have you already had a look at provider networks? This could be a possible workaround for you, if you can't wait for Grizzly. You can use a shared provider network, backed by a VLAN that has access to the internet.

Greg andrus (gregory-andrus) said :
#2

Hi,
Thank you for your input. Let me research your proposed workaround.

Greg andrus (gregory-andrus) said :
#3

Hi,
I reviewed the OpenStack Networking Administration Guide (trunk Feb 4, 2013). I want to be clear on what you are recommending; it is key to my design. Pages 5 and 6 show 2 use cases where only flat addresses are used, therefore the VMs could reach the physical router without having to stop off at the Quantum L3 service. Without using floating addresses, SNAT or DNAT processing would not be needed. They would still use the centralized Quantum DHCP service to get their IP. It even looks like the multiple flat network use case could work as long as each compute node had multiple bridges, one for each network.

Another design element is that my entire environment (which includes the OpenStack cloud) is using RFC 1918 address space with SNAT overload and DNAT for DMZ web hosting at my perimeter FWs and routers.

Did I get your recommendation correct?

Aaron Rosen (arosen) said :
#4

Yes, you seem to understand. If you use VLANs (you can overlap RFC 1918 space) or flat networking, traffic will flow directly to your physical router and not through the l3 agent. If using the OVS plugin, you will need to create multiple bridges to join together multiple flat networks on different Ethernet interfaces.
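
The multi-bridge layout described in this answer, sketched as an added example that is not part of the original thread. The physical network names (physnet1, physnet2), bridge and interface names, the network name and the addresses are all assumptions chosen for illustration.

```ini
# /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini on each compute node
# (Folsom Open vSwitch plugin). All names below are assumed for this example.
#
# One OVS bridge per physical interface must already exist, e.g.:
#   ovs-vsctl add-br br-eth1 && ovs-vsctl add-port br-eth1 eth1
#   ovs-vsctl add-br br-eth2 && ovs-vsctl add-port br-eth2 eth2

[OVS]
# Bridge that VM ports are plugged into on every hypervisor.
integration_bridge = br-int

# Physical networks that provider networks may be created on.
# No VLAN range is given, so no VLANs are set aside for tenant networks.
network_vlan_ranges = physnet1,physnet2

# Map each physical network name to the bridge that carries it.
bridge_mappings = physnet1:br-eth1,physnet2:br-eth2

# An admin then creates one shared flat provider network per physical network,
# with the subnet gateway set to the physical router instead of a Quantum router:
#   quantum net-create corp-flat1 --shared \
#       --provider:network_type flat --provider:physical_network physnet1
#   quantum subnet-create corp-flat1 10.10.1.0/24 --gateway 10.10.1.1
```

With this layout, VM traffic leaves each hypervisor on its own interface and is routed by the physical gateway, while DHCP is still served by the central dhcp-agent, as discussed in the thread.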

Best Aaron Rosen (arosen) said :
#5

One more thing is that you can also have a network node running the l3 agent and create overlay networks with that alongside your provider networks.

Greg andrus (gregory-andrus) said :
#6

Thanks Aaron Rosen, that solved my question.