From Bare Metal to Cloud: Introduction to OpenStack Neutron — OVN Architecture

From Bare Metal to Cloud: OpenStack Neutron — OVN Plug-in Architecture

The previous article introduced OVN; this article will delve into the reference architecture of the OVN Plug-in within OpenStack.

Architectural Layout

In the reference architecture, OVN components are divided into four different types of nodes, each responsible for different tasks.

Controller Node

The Controller node primarily provides the following functions:

  • 1 management interface
  • Identity Service (Keystone)
  • Image Service (Glance)
  • Network management via the OVN ML2 mechanism driver (control plane)
  • Compute resource management (Nova control plane)

Database Node

The Database node is primarily responsible for OVN-related databases, including the following components:

  • 1 management interface
  • ovn-northd
  • OVN Northbound Database
  • OVN Southbound Database

Compute Node

The Compute node includes the following components:

  • 2-3 interfaces for management, overlay, and provider networks
  • Nova-compute
  • Hypervisor (KVM)
  • ovn-controller
  • ovs-vswitchd
  • ovsdb-server and OVS local configuration (conf.db) database
  • ovn-metadata-agent

Gateway Node

The Gateway node includes the following components:

  • 3 interfaces for management, overlay, and provider networks
  • ovn-controller
  • ovs-vswitchd
  • ovsdb-server and OVS local configuration (conf.db) database

Hardware Layout

For the hardware layout, you can refer to the diagrams in the official documentation to get a general understanding of the minimum requirements for each node.

Software Layout

The software layout in the official documentation diagrams introduces the processes running on each node. Only processes closely related to OVN are listed; other services like Keystone are not included.

Note that this is only an official reference architecture. When there are not enough nodes, some components can be run on the same node.

OpenStack Networking Integrated with OVN

The deployed OpenStack network architecture generally looks like this:

When using networking-ovn, all east-west traffic passing through virtual routers is fully distributed, moving directly from compute node to compute node without passing through a network node. This reduces latency and potential bottlenecks.

North-south traffic requiring SNAT (without a floating IP) will need to pass through a gateway node. When you have multiple gateway nodes, OVN's built-in HA ensures that network connectivity is not affected if one node goes offline.

Floating IP deployment methods are further divided into the following two types:

Centralized Floating IPs

Under this architecture, all north-south traffic passing through the router goes through the gateway node, so compute nodes do not need the capability to communicate with external networks.

Distributed Floating IPs (DVR)

In this architecture, north-south traffic for floating IPs passes through a specific provider network bridge and exits directly from the compute node. Consequently, the compute node requires external network connectivity.

Each compute node includes the following components:

Additionally, you can have multiple different provider bridges connecting to different provider networks.
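The two floating IP modes place different external-connectivity requirements on compute nodes, and that can be checked against what is actually deployed. The following is an added example, not code from the original post or from the OVN project: it assumes the mode is set by the `enable_distributed_floating_ip` option in the `[ovn]` section of the ML2 configuration, that gateway chassis are marked with `ovn-cms-options=enable-chassis-as-gw`, and that provider bridges are declared through `ovn-bridge-mappings`; the hostnames and inventory are constructed.

```python
import configparser

# Constructed sample: the [ovn] section of a Neutron ML2 configuration file.
ML2_CONF = """
[ovn]
enable_distributed_floating_ip = False
"""

# Constructed inventory: per-node Open_vSwitch external_ids, as collected with
# `ovs-vsctl get Open_vSwitch . external_ids`. Hostnames are made up.
NODES = {
    "gw-1": {"ovn-cms-options": "enable-chassis-as-gw",
             "ovn-bridge-mappings": "physnet1:br-ex"},
    "gw-2": {"ovn-cms-options": "enable-chassis-as-gw"},
    "compute-1": {"ovn-bridge-mappings": "physnet1:br-ex"},
    "compute-2": {},
}

def distributed_fip(conf_text):
    """True when floating IPs are distributed (DVR), False when centralized."""
    cp = configparser.ConfigParser()
    cp.read_string(conf_text)
    return cp.getboolean("ovn", "enable_distributed_floating_ip", fallback=False)

def is_gateway(ext_ids):
    # ovn-cms-options is a comma-separated list of options.
    return "enable-chassis-as-gw" in ext_ids.get("ovn-cms-options", "").split(",")

def has_provider_bridge(ext_ids):
    return bool(ext_ids.get("ovn-bridge-mappings", "").strip())

def audit(conf_text, nodes):
    """Return (node, severity, message) where connectivity and mode disagree."""
    dvr = distributed_fip(conf_text)
    findings = []
    for name, ext in sorted(nodes.items()):
        gw, provider = is_gateway(ext), has_provider_bridge(ext)
        if gw and not provider:
            findings.append((name, "error", "gateway chassis has no provider bridge"))
        elif not gw and dvr and not provider:
            findings.append((name, "error", "distributed floating IPs need a provider bridge"))
        elif not gw and not dvr and provider:
            # May be intentional (instances attached directly to provider networks).
            findings.append((name, "review", "external connectivity with centralized floating IPs"))
    return findings

if __name__ == "__main__":
    for finding in audit(ML2_CONF, NODES):
        print(": ".join(finding))
```

A "review" finding is not necessarily a misconfiguration; it marks a compute node whose external reachability the centralized design does not require.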

Summary

This covers the overall network architecture when using OVN for OpenStack Networking. In the next post, we will briefly compare the differences between using OVN and OVS in OpenStack.


Copyright Notice: All articles on this blog are licensed under CC BY-NC-SA 4.0 unless otherwise specified.
