Course: OVN – Open Virtual Network for Open vSwitch, v1.1
Duration: 5 days (note that the duration is extended from 4 to 5 days)
Course description: The OVN course covers OVN – Open Virtual Network for Open vSwitch. Open vSwitch allows “network programming” on servers (typically hypervisors). An application can push flows into Open vSwitch bridges, and the bridges then behave according to these rules (in contrast to traditional L2 bridges). Using flows, it is possible to implement switching, routing, ACLs, etc. The application that pushes flows can be a simple application or a complex distributed application which can, e.g., implement a logical network (switches, routers) across multiple hypervisors. OVN is one such application. It is making progress and is used more and more instead of some other approaches – e.g. it can replace the default network implementation in OpenStack Neutron.
In this course, we will first give a brief Open vSwitch overview with some labs. Next, OVN concepts are described. OVN features and the underlying implementation are analyzed in theory and in a number of labs. Logical switches are created, distributed routing is configured and explained, and connection to external networks is analyzed, as well as, e.g., NAT, ACL, DHCP and other features. This is done in a number of steps, so attendees should be familiar with OVN concepts at the end of this part, which takes most of the time. Next, the OpenStack Neutron implementation with OVN is described. Here, instead of manually creating switches, routers and ACLs in OVN, the OpenStack plugin creates these objects as they correspond to OpenStack objects. Using the knowledge from the previous part, attendees will analyze the OpenStack-generated OVN configuration and will be ready to troubleshoot possible issues. They will also be ready to optimally configure OpenStack – e.g. configuring distributed FIP or scheduling routers on particular hosts.
Prerequisites: In short, this course assumes that attendees are operators (not end users of OpenStack) of existing Linux/OpenStack implementations with OVS but without OVN, or that they have similar knowledge. OVN can be used in other implementations, e.g. with containers. In that case, this course is also applicable, as it provides a detailed overview of OVN networking in Part 2.
Course content:
OVS intro
OVN intro
Part 1 - OVS and OpenFlow (short review from SDN course)
OpenFlow protocol
OVSDB protocol
OVS lab intro
Open vSwitch
Introduction
Non-OpenFlow usage of Open vSwitch, labs
Linux veth pair, network namespaces
Using veth pair vs patches
OpenFlow usage of Open vSwitch, labs
Default behavior
Example with VLAN tag manipulation
Using remote controller
OVSDB protocol
Overlay tunneling: VXLAN
Part 2 - Manual OVN configuration and details of operation
Lab intro
OVN chassis configuration
OVN L2 and principles of operation
OVN logical switching
Geneve tunneling in logical switching
Southbound flows
OVN trace
OVS flows generated by controller
Flooding
L2 port security
Tables in northbound and southbound databases
OVN internal L3
OVN distributed logical routing
OVN trace of routed packet
OVS flows with distributed routing
OVS flows trace
OVN external L3 connectivity
External connectivity to the flat network
Scheduling gateway router port – nonredundant mode – Option1
Scheduling gateway router port – nonredundant mode – Option2
Scheduling gateway router port – redundant mode
External connectivity to VLAN
Other features
NAT
SNAT
1-1 NAT
ACL
ACL – intro
ACL – stateful
ACL – stateful ovn-trace
ACL – allow incoming traffic
Portgroup
detrace
DHCP
DHCP trace
Localport
Container tagging and OpenStack trunk ports
Part 3 - OpenStack with OVN
OpenStack lab intro
Remove Open vSwitch implementation components and Neutron objects
Install OVN components
Configure OVN
Use OpenStack with OVN
Self-service networks logical bridging
Create network and verify underlying implementation
Attach instance and verify underlying implementation and metadata implementation
Security groups implementation
Attach another instance on another hypervisor
Test switching and verify tunneling
Self-service networks logical routing
DHCP implementation
Provider networking and logical routing
FIP implementation
Centralized FIP
Distributed FIP
Trunk ports in OVN