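Open vSwitch OVN was announced this month (January 2015). It introduces the concept of tenants into Open vSwitch and formally reaches into Neutron's territory by providing L2/L3 network virtualization (logical switches, distributed logical L3 processing, software and hardware gateways, in-kernel security groups, L2/L3/L4 ACLs, and tunnel-based overlays [VXLAN, NVGRE, Geneve, STT, IPsec]). It looks as though the best outcome for Neutron and OpenStack is to concentrate on a microkernel-style core, provide northbound APIs, and build an ecosystem, leaving peripheral pieces like this one, and things like the Service Framework, to third parties.
The architecture is shown below. ovn-controller is the counterpart of Neutron's L2/L3 agents: it runs on every hypervisor and talks southbound to ovs-vswitchd directly over the OpenFlow protocol. The OVN database is the counterpart of the Neutron DB.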
                            OVN Database
                                  |
                                  |
                          (OVSDB Protocol)
                                  |
+-------------------------------------------------------------------+
|                                 |                                 |
|                                 |                                 |
|                          ovn-controller                           |
|                             |       |                             |
|                             |       |                             |
|              +--------------+       +--------------+              |
|              |                                     |              |
|              |                                     |              |
|      (OVSDB Protocol)                         (OpenFlow)          |
|              |                                     |              |
|              |                                     |              |
|        ovsdb-server                          ovs-vswitchd         |
|                                                                   |
+---------------------------- Hypervisor ---------------------------+
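With that comparison against Neutron, both what it does and how it works are clear. Now let's focus on its database design, shown in the figure below:
1, PN corresponds to Neutron's provider network. OK, understood. This contains all the information necessary to wire the overlay, such as IP addresses, supported tunnel types, and security keys.
2, LN corresponds to Neutron's tenant network: everything related to virtual networks, such as logical switches and routers, ACLs, and firewall rules.
3, Bindings corresponds to Neutron's port binding and is used for exchanging data between it and the outside world.
4, Choice of database.
5, Cloud management system: write a Neutron plugin so that OpenStack can be used to manage it.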
+----------------------------------------+
| Cloud Management System |
+----------------------------------------+
| |
| |
+------------------+ +------------------+ +------------------+
| Physical Network | | Logical Network | | Bindings |
| (PN) | | (LN) | | |
+------------------+ +------------------+ +------------------+
| | | | | |
| | | | | |
+----------+---------+----------------------+ |
| | | |
+-------|------------+----------+-----------+
| |
+----------------+ +----------------+
| | | |
| Hypervisor 1 | | Hypervisor 2 |
| | | |
+----------------+ +----------------+
References:
1, http://openvswitch.org/pipermail/dev/2015-January/050380.html
2, http://openvswitch.org/pipermail/dev/2015-January/050379.html