OVN (pronounced “oven”) is a rapidly growing, open source solution being developed by the Open vSwitch (OVS) community that provides network virtualization for OVS. While OVN isn’t designed to work with VMware Integrated OpenStack, it’s another OpenStack project to which VMware has been devoting time and effort, and definitely worth knowing about.
For a good sense of how OVN is progressing, check out this talk by four OVS community members at the 2016 OpenStack Summit. They explain how OVN works and why it’s worth trying.
VMware OVS developer Ben Pfaff kicks things off with an overview of network virtualization, emphasizing the value of being able to abstract a physical network and of making network provisioning self-service.
Fellow VMware engineer and core OVS and OVN developer Justin Pettit next outlines OVN’s capabilities and stresses its compatibility with the platforms that OVS already works with. When it comes to OpenStack, he reports, “the best integration that we have right now is with OpenStack Neutron but we plan to have it work with other CMSes . . . and you can do everything that you would want through the command line or through data base calls that you can do through Neutron.”
Like OVS, OVN is open source and vendor-neutral, and has quickly gained support from a diverse group of vendors including VMware, IBM, Red Hat, and eBay among others. The goal is to match OVS production quality and keep OVN’s design simple but scalable to 1,000s of hypervisors. “We hope it becomes the preferred method for most people who want to use OVS or networking in general,” Pettit says.
If successful, OVN will expand OVS, help improve Neutron’s functionality, and significantly reduce the development burden on Neutron for OVS integration. Add an improved architecture built around ‘logical flows’ and configuration coordinated through databases, and it’s set to outperform existing OVS networking plugins, Pfaff argues.
The same goes for security, adds Ryan Moats of IBM – OVN now uses a connection tracker, letting OVS manage state-full connections itself and speeding security group throughput significantly. Its L3 security group design also does all L3 processing in OVS, further improving performance.
The fourth speaker, Han Zhou of eBay, outlines how the group overcame a series of bottlenecks to scale the OVN control plane to 2,000 hypervisors, 20,000 VIF ports and 200 and logical switches operating at once.
The team then highlights ongoing scale improvements and profiles the OVN Neutron plugin. “We will run this in our public cloud,” says IBM’s Moats before outlining OVN deployment and what to look for in the upcoming OVN release. Finally, all four speakers invite their audience to contribute to OVN, and try it out for themselves.
VMware Integrated OpenStack is also available for testing in VMware’s Hands-on Lab. Or download it for a free with a current license for vSphere Enterprise Plus, vSphere Operations Management, or NSX with vSphere Standard.