Hybrid Cloud Networking Design Based on OpenStack Architecture

With the continuous increase of equipment and traffic, network development faces a series of problems: complex and costly management and operation, slow deployment of new services, lack of flexibility in traffic scheduling, and so on. OpenStack provides a solution for infrastructure as a service (IaaS): a cloud operating system that can manage the large resource pools of an entire data center, including computing, storage, and network resources. This article combines SDN and OpenStack to achieve unified management of massive numbers of network devices in cloud data centers. Network administrators can optimize and maintain the network based on a global view of it, reducing the cost of building cloud data centers. The hybrid networking cloud platform proposed in this paper, which is suited to the operator's architecture, can better help operators' front-line implementation and operation and maintenance personnel cope with the hybrid networking requirements of the cloud platform. Compared with the traditional cloud management platform, the hybrid network has strong operability.


Introduction
Data center virtualization is the mainstream trend of current Internet development. Virtualization technology turns server resources into resource pools that can be allocated on demand, which greatly improves the utilization of hardware resources. As the degree of virtualization increases, the number of virtual hosts keeps growing. How to automate and centralize their management has become a new research direction in Internet technology, and cloud computing has emerged. However, with the continuous development of cloud computing technology, people have found that the existing network model can no longer meet the network requirements of the cloud platform. SDN is a new approach to network design. Compared with traditional networks, its biggest innovation is that it uses centralized control instead of distributed control, that is, the control plane and the data plane are separated. SDN's idea of isolating the control plane can effectively reduce the complexity and cost of the underlying forwarding equipment. The underlying forwarding equipment can be built from general-purpose hardware, which facilitates interoperation between different vendors. This article simulates the implementation of an SDN network on the OpenStack cloud computing platform. It makes full use of OpenStack's flexibility in resource scheduling to design and change the network topology easily. Network performance can be adjusted and optimized visually before the actual deployment of the SDN network, a process that can reduce the investment in the initial design and later maintenance of the SDN network [1].

OpenStack architecture analysis
OpenStack is an open source cloud platform architecture. On the one hand, it interacts with the hypervisor, the host virtualization management software on each physical server, to manage and control the physical servers in the cluster. On the other hand, it provides users with cloud hosts that meet the configuration [2]. It forms an infrastructure-as-a-service (IaaS) layer cloud platform construction plan through a series of related service components, and each component provides a corresponding API to realize the integration of the components [3]. The official components of OpenStack are shown in Figure 1. The main components are as follows [4]:
The Horizon component provides OpenStack with an interactive interface for customers. The Nova component is mainly concerned with the lifecycle management of virtual machines and the part of network management related to virtual machines [5].
The Neutron component is an important component of network management under the OpenStack architecture, mainly responsible for the construction and management of private networks.
Swift is the component that connects and manages object storage on the OpenStack platform; Cinder is the component that connects and manages block storage on the OpenStack platform; Keystone is the component responsible for security authentication and communication between the various components of OpenStack [6].
In addition to the above, OpenStack also has other important components such as the image service Glance and the monitoring service Ceilometer.
It can be seen from the above components that Nova handles the creation of virtual machines under OpenStack, Swift and Cinder provide virtual machine storage, and the network component is one of the important components of OpenStack. Without a network, no virtual machine can communicate with the outside, and the virtual machines are just isolated computing islands. Therefore, in order to study hybrid networking, a detailed analysis of the Neutron component is required [7].

SDN Technology Research
SDN is a new type of network design idea, and its innovation lies in separating the control plane from the traditional network to achieve the purpose of centralized control. Its main features include the following three aspects.

Centralized control.
Separate the control plane from the tens of millions of underlying devices, so that the entire network can be regarded as a single device controlled by a controller. The controller holds the network topology and can monitor, in real time through the southbound interface, the operating status of each device and the traffic distribution in the network, which greatly reduces the cost of network management, operation and maintenance [8].

Network resource virtualization.
Use virtualization technology to virtualize the computing, storage, and network resources of the underlying equipment, forming computing, storage, and network resource pools. The upper-level applications do not need to care about the underlying physical equipment; they only need to configure and migrate the resource pool according to their requirements. This removes the traditional network's limitation by the geographical location and capacity of the equipment and improves the flexibility of network configuration [9].

Open programmable.
The centralized control plane of the SDN network simplifies the deployment of network functions. Through the open programmable interface of the SDN controller, the application plane can issue network policy directly through the controller, without the need to configure each underlying forwarding device separately [10]. Figure 2 describes the three-tier network architecture of SDN: infrastructure layer, control layer, and application layer. The infrastructure layer contains the underlying forwarding equipment. At the same time, virtualization technology is used to abstract the underlying physical network into a logical network, making network resources flexible and schedulable.

Hybrid cloud network function analysis
According to Wikipedia's definition of cloud computing, companies have local IT infrastructure, while external IT infrastructure is provided by third-party service providers such as public clouds. The hybrid IT infrastructure composed of enterprise local IT and cloud computing forms a hybrid cloud. The composition of the hybrid cloud architecture is shown in Figure 3.
For the deployment of user services in a hybrid cloud service environment, logically, the network environment that carries user services can be divided into virtual networks and virtual networks. As shown in Figure 4, multiple virtual networks are constructed for a user, and the virtual networks are interconnected through a three-layer virtual gateway. For virtual networks located in two or more places, such as corporate internal networks and virtual networks in the cloud, three-layer interconnection will be realized through VPN tunnels. Therefore, the main function of hybrid cloud is to realize a virtual private cloud (VPC) network.
In this paper, combined with the OpenStack network architecture, we propose and design a hybrid networking platform architecture for operators. This architecture can use the hybrid networking cloud management platform to quickly implement hybrid cloud services. It abstracts a large number of business models and summarizes the hybrid networking. The dedicated line settings of the functional modules meet the needs of different physical networking. The article studies the rapidly developing SDN technology, which can realize the hybrid networking of SDN's VXLAN architecture.

Hybrid cloud networking design
The virtual network functions of the cloud platform under the OpenStack architecture are designed around the following operations; the entire functional framework is shown in the following figure.
Create network: A virtual network includes a virtual Layer 2 network and a virtual Layer 3 network; this function implements a virtual local area network (VLAN). The virtual network is used to isolate the networks of different external platforms and different tenants. Each external platform can apply for multiple virtual networks. The virtual networks are isolated from each other and cannot exchange data. A virtual network can be restricted to a single external platform or tenant, or it can be shared by multiple tenants. A tenant can apply for one network or multiple networks.
Delete network and query network information: When a virtual network is no longer in use, it can be deleted to save VLAN resources. If a subnet in the network is in use, the network cannot be deleted. Administrators and external platforms can view the detailed information of all virtual networks on the IaaS system, including querying network details and querying the network list.
Subnet operation: A subnet is an IPv4 or IPv6 network segment used to assign IP addresses to virtual machine network cards. Each subnet must belong to a virtual network. Therefore, when creating a subnet, you must specify the virtual network to which it belongs. Similarly, when the subnet is no longer in use, it needs to be deleted. Administrators and external platforms can view the detailed information of all subnets on the IaaS system, including querying subnet details and querying the subnet list.
Virtual router operation: The virtual router provides Layer 3 interconnection and is used to connect two or more Layer 2 networks. The virtual router can also implement network mapping and external network access functions. In addition, administrators and external platforms can set the uplink and downlink bandwidth of the virtual router. Administrators and external platforms can modify the designated virtual router's information, including name, description, and uplink and downlink bandwidth. The administrator and the external platform can delete the designated virtual router; once it is deleted, the Layer 2 networks connected to the router can no longer communicate with each other. Administrators and external platforms can view the detailed information of all virtual routers on the IaaS system, including querying the designated virtual router and querying the virtual router list.
Network card operation: The virtual network card is the network card of the virtual machine. It is not a real network card but a software module, created by the virtualization software, that provides the functions of a physical network card. The virtual network card can only be used when it is mounted on a virtual machine. One physical network card can back multiple virtual network cards, and one virtual network card can only be mounted on one virtual machine. When creating a network card, you must specify the virtual network to which the network card belongs. You can specify an IP address for the virtual network card or have one assigned dynamically through the DHCP service. If no fixed IP address is specified for the network card, an IP address will be selected for it from a subnet included in the virtual network.
When creating a network card, you can specify the virtual machine to which the network card is mounted, the computing node to which the virtual machine belongs, and the egress physical network card for virtual network card traffic; if not specified, you can use the mount network card function to mount the network card on the virtual machine. Administrators and external platforms can modify the uplink and downlink bandwidth, maximum transmission unit, and access control list of the network card to achieve flow control and security protection for the virtual network. When the virtual network card is no longer in use, the network card can be deleted. If the network card has been mounted by the virtual machine, it cannot be deleted. Administrators and external platforms can view the detailed information of all virtual network cards on the IaaS system, including querying network card details and querying the list of network cards.
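
The lifecycle and isolation rules listed in this section (a subnet must belong to a network, a non-shared network is usable by its own tenant only, a network card takes a fixed or automatically selected IP, mounts on one virtual machine, and cannot be deleted while mounted) can be exercised with a small in-memory model. This is an added example, not code from the paper or from OpenStack Neutron; the class and method names are hypothetical, and "subnet in use" is assumed to mean that a network card still exists on the network.

```python
import ipaddress

class InUse(Exception):
    """A delete or mount was refused because another resource depends on it."""

class VirtualNetworkModel:
    # Constructed in-memory model with hypothetical names, not Neutron's API.
    def __init__(self):
        # networks: name -> tenant/shared; subnets: name -> network/cidr; ports: NICs
        self.networks, self.subnets, self.ports = {}, {}, {}

    def create_network(self, name, tenant, shared=False):
        self.networks[name] = {"tenant": tenant, "shared": shared}

    def create_subnet(self, name, network, cidr):
        if network not in self.networks:
            raise KeyError("a subnet must belong to an existing virtual network")
        self.subnets[name] = {"network": network, "cidr": ipaddress.ip_network(cidr)}

    def create_port(self, name, network, tenant, ip=None):
        net = self.networks[network]
        if not net["shared"] and net["tenant"] != tenant:
            raise PermissionError("network is not shared and belongs to another tenant")
        used = {p["ip"] for p in self.ports.values() if p["network"] == network}
        pools = [s["cidr"] for s in self.subnets.values() if s["network"] == network]
        if ip is None:  # no fixed IP given: take the first free host address
            ip = next((h for c in pools for h in c.hosts() if h not in used), None)
            if ip is None:
                raise ValueError("no free address in the network's subnets")
        else:
            ip = ipaddress.ip_address(ip)
            if ip in used or not any(ip in c for c in pools):
                raise ValueError("fixed IP is taken or outside the network's subnets")
        self.ports[name] = {"network": network, "ip": ip, "vm": None}
        return ip

    def mount_port(self, name, vm):
        if self.ports[name]["vm"] is not None:
            raise InUse("a virtual NIC can be mounted on only one virtual machine")
        self.ports[name]["vm"] = vm

    def delete_port(self, name):
        if self.ports[name]["vm"] is not None:
            raise InUse("NIC is mounted on a virtual machine")
        del self.ports[name]

    def delete_network(self, name):
        if any(p["network"] == name for p in self.ports.values()):
            raise InUse("a subnet of this network still has NICs")
        self.subnets = {k: s for k, s in self.subnets.items() if s["network"] != name}
        del self.networks[name]
```

The model omits the gateway address and DHCP, so the first automatically selected address is the first host of the subnet.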

Conclusion
Hybrid clouds provide greater flexibility and give enterprises options that maintain control and security at the same time. Companies that want to build a hybrid cloud architecture usually do so for the purpose of sharing workloads with public clouds, preventing cloud outbreaks, and accelerating product production. Because each hybrid cloud is based on different company requirements and implementation structures, there is no universal solution. Since the hybrid cloud environment includes local and public cloud providers, companies need to consider additional security issues related to public clouds. Any enterprise planning to deploy a hybrid cloud should understand the security requirements of hybrid cloud and refer to existing hybrid cloud deployment experience and best practices to reduce risks. To address the difficulty of network maintenance in physical environment deployments, this paper proposes a hybrid cloud networking design under the OpenStack architecture, which effectively solves the problem of intercommunication between virtual machines in the cloud platform and external physical devices and different networks, and proposes a hybrid network architecture suited to the characteristics of operators' network architecture.