The next generation of cloud networks - those VPC functions and their implementation based on OpenStack Neutron

The next generation of cloud networks - those VPC functions and their implementation based on OpenStack Neutron (3) - routing and tunneling

Cat breeders who don't understand cloud computing don't make good hackers

In the last article ARM hosting in the series,

The new generation cloud network -vpc- and the implementation of Neutron based on OpenStack (II)- Zhihu column are described in depth, focusing on the principle and implementation of bandwidth QOS, which is an important multi-tenant function scenario in the network.

First of all, we also give an AIO-style Cloud platfrom provider REST API sample code, which can be used independently without modifying the neutron code.

opencloudshare/Op_vmqos

The logic detailed in the previous article is to find the host of the cloud host virtual NIC device using the OpenStack API and perform TC writes on the host via Paramiko.

If used, you can flexibly virtual private cloudmodify parameters such as regions, domains, and the default parameters used in the code.

To find a virtual NIC device is not necessarily through the VM id, we can modify it according to the needs of the enterprise. For example, in a previous project, I learned the function of "automatic bandwidth expansion according to China's current social network information traffic data", which is simply "when the current cloud assets increase the bandwidth resource utilization rate to reach X, the automatic control continues to expand the bandwidth problem enjoyed by the cloud assets through the design of a controller". At that time, there was no Ceilometer in environment management. The solution used was to install Zabbix agent on the host computer to realize automatic analysis and discovery of all network adapter technologies. Then, using the monitoring capability and triggering the threshold value, QOS REST API was called after the value was passed. This is the student's specific NIC device name, not the VM id.

The implementation of Layer 3 shared bandwidth is the same as the control principle, except that when the NIC device name is extracted from the l3 namespace, it is a method related to the router port.

Moving on to today's topic - routing, tunneling, and cases - hybrid clouds make up a large part of the actual cloud computing scenario. In general, our conceptual definition of a hybrid cloud refers to a cloud environment that combines the content of a private cloud with the content of a public cloud.

The classic example often cited at major summits is Sina's hybrid cloud architecture for Weibo. It includes challenges in business, network, storage, terminals, etc., as well as challenges in control, operations management, flexible scheduling, etc.

The "private cloud content" mentioned above can actually be extended to "any private IT environment." Every cloud engineer must have encountered many needs to connect previous IT construction projects with the new cloud computing environment under the concept of "cloud". Just as in private cloud projects, customers often request mutual access with their previous IT facilities, rather than simply deploying a fragmented environment or migrating. Directly using VLAN technology to connect a tenant network to an external network may not be a universal choice, as the former is more intrusive than VXLAN Layer 2 +VPC networks and requires more complex routing control at the gateway level. NAT technology raises the level of network connection to a higher level, and users have a clear perception. The large number of cloud assets and the demand for all ports, the control of NAT rules and the number of IP that can be used by the upper layer network become bottlenecks. Therefore, tunnel technology becomes a better choice.

vpc computer network

1