| 1 | +.. meta:: |
| 2 | + :description: Netris-CloudStack Integration |
| 3 | + |
| 4 | +High-Level Concept of Integration |
| 5 | +================================= |
| 6 | + |
| 7 | + |
| 8 | +The integration of Netris with Apache CloudStack provides a robust and scalable networking solution, addressing the limitations of traditional switch fabrics and enhancing the network capabilities of CloudStack. |
| 9 | + |
| 10 | +How It Works |
| 11 | +------------ |
| 12 | + |
| 13 | +* Hypervisors as VTEPs: Hypervisors terminate VXLAN tunnels, acting as Virtual Tunnel Endpoints (VTEPs). |
| 14 | +* BGP EVPN Signaling: Netris uses BGP EVPN to exchange MAC and IP address information, creating a dynamic and scalable control plane for VXLAN. |
| 15 | +* Integration Points: |
| 16 | + |
| 17 | + * The CloudStack Controller communicates with the Netris Controller API to exchange network configuration and metadata. |
| 18 | + * VXLAN fabrics are extended between CloudStack and physical switch networks using BGP/EVPN. |
| 19 | + |
| 20 | + |
| 21 | +Challenges Addressed |
| 22 | +-------------------- |
| 23 | + |
| 24 | +* Overcomes the VLAN limitation of 4096 IDs by leveraging VXLAN, supporting millions of isolated VPCs. |
| 25 | +* Eliminates the “island” effect of CloudStack’s multicast-based VXLAN by integrating with the physical switch fabric. |
| 26 | +* Replaces CloudStack’s virtual router with Netris SoftGate, offering scalable NAT, load balancing, and traffic control. |
| 27 | + |
| 28 | + |
| 29 | +Benefits |
| 30 | +-------- |
| 31 | + |
| 32 | +* Scalability: Support for millions of VPCs with overlapping IPs. |
| 33 | +* AWS-Like Services: Enables Direct Connect functionality and scalable load balancing. |
| 34 | +* Automation: Simplifies network operations with centralized control via the Netris Controller. |
| 35 | +* Cost-Efficiency: Uses multi-vendor hardware and commodity servers, reducing infrastructure costs. |
| 36 | + |
| 37 | +Use Cases |
| 38 | +--------- |
| 39 | + |
| 40 | +* Large-scale Apache CloudStack Providers needing a scalable alternative to VLANs. |
| 41 | +* Enterprises transforming their traditional data centers into private cloud environments. |
| 42 | +* Hosting providers seeking AWS-like network functionality for their customers. |
| 43 | + |
| 44 | +.. image:: images/acs-infra-diagram.png |
| 45 | + :align: center |
| 46 | + |
| 47 | + |
| 48 | +Compute and Network Architecture |
| 49 | +================================ |
| 50 | + |
| 51 | +The current infrastructure for Netris-CloudStack integration is designed to support scalable and dynamic networking for cloud workloads. Below is a breakdown of the key components and their roles: |
| 52 | + |
| 53 | +Diagram Overview |
| 54 | +---------------- |
| 55 | + |
| 56 | +The diagram illustrates the interconnected infrastructure, consisting of: |
| 57 | + |
| 58 | +1. Leaf and Spine Switches: |
| 59 | + |
| 60 | + * These form the core networking layer, enabling high-speed and fault-tolerant connections. |
| 61 | + * Spine switches (Spine 1 and Spine 2) aggregate traffic and connect to the leaf switches. |
| 62 | + * Leaf switches (Leaf 1 and Leaf 2) connect directly to the compute nodes and softgates, ensuring efficient traffic distribution and handling VXLAN traffic. |
| 63 | + |
| 64 | +2. Softgates: |
| 65 | + |
| 66 | + * Softgates play a critical role in integrating physical and virtual network environments. They are responsible for: |
| 67 | + |
| 68 | + * NAT Function: Enabling secure communication between private and external networks. |
| 69 | + * Elastic Load Balancer: Distributing traffic across multiple resources for high availability and scalability. |
| 70 | + * Network Access Control: Enforcing access policies for secure communication. |
| 71 | + |
| 72 | + * Additionally, they bridge VXLAN and traditional networks and support BGP/EVPN-based signaling for dynamic routing. |
| 73 | + |
| 74 | +3. Servers: |
| 75 | + |
| 76 | + * Server 1: Designated as the CloudStack Management Node, responsible for orchestrating the environment. |
| 77 | + * Server 2, Server 3, and Server 4: These are KVM hypervisors managed by CloudStack, functioning as VTEPs for VXLAN tunnels. |
| 78 | + |
| 79 | +4. OOB (Out-of-Band) Switch: |
| 80 | + |
| 81 | + * An Out-of-Band (OOB) switch connects all servers for administrative purposes. |
| 82 | + * This switch allows administrators to: |
| 83 | + * Access servers during emergencies. |
| 84 | + * Install software packages and perform updates. |
| 85 | + * Troubleshoot and manage servers independently of the main network. |
| 86 | + |
| 87 | +5. Internet eBGP: |
| 88 | + |
| 89 | + * Leaf switches are connected to external networks via eBGP, ensuring reachability for public and private traffic. |
| 90 | + |
| 91 | + |
| 92 | +Network Flow |
| 93 | +------------ |
| 94 | +#. Traffic flows between hypervisors (VTEPs) over VXLAN tunnels. These tunnels are dynamically configured using BGP/EVPN signaling. |
| 95 | +#. Softgates handle routing between overlay and underlay networks, ensuring seamless communication for workloads. |
| 96 | +#. The CloudStack Controller communicates with the Netris Controller API to coordinate network configurations. |
| 97 | +#. Leaf and spine switches provide a robust and scalable fabric to support high availability and performance. |
| 98 | +#. The OOB switch provides an independent path for server management, ensuring operational reliability. |
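Review bot: In item 4 (OOB switch), the three sub-bullets after "This switch allows administrators to:" follow it with no blank line, unlike the nested list under "They are responsible for:" in item 2, so reStructuredText will not parse them as a nested list; add an empty line after that sentence. Separately, the CloudStack Controller to Netris Controller API channel is mentioned in both "How It Works" and "Network Flow" without stating how it is authenticated or encrypted, and the OOB section does not say who may reach the management network; a sentence on each would tell operators what to lock down. The image directive also sits above the "Compute and Network Architecture" heading while "Diagram Overview" is the section that refers to it, and it has no :alt: option; consider moving it under "Diagram Overview" and adding alt text.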