Brocade Network Plugin to Orchestrate Brocade VDX Switches

Bug References

CLOUDSTACK-6823

Branch

TBD

Introduction

CloudStack is an open source cloud orchestration platform for creating infrastructure as a service (IaaS) clouds. It automatically configures the networking and storage settings of virtual machines. The Brocade Network Plugin for VDX switches provides a means to automatically orchestrate Brocade’s physical switches when VMs are created and attached to a network, without any intervention from the administrator. The plugin also implements the capability to monitor the availability of the switch.

Brocade VDX switches running Network Operating System 5.0 or above are supported. The following models are supported: VDX 8770, VDX 8770-8, VDX 8770-4, VDX 6740, and VDX 6740T. The plugin uses REST APIs at the backend to configure the Brocade switch and to retrieve its operational status. The plugin orchestrates physical switches at appropriate times in the life cycle of a virtual machine. Tenant isolation is provided via VLAN.

Purpose

This is the functional specification of the Brocade Network Plugin, tracked under Jira ID CLOUDSTACK-6823.

Document History

 

| Date | Revision | Author | Description of the change |
|---|---|---|---|
| 06/09/2014 | 0.1 | Ritu Sabharwal | Initial Draft |

 

Glossary

 

| Term | Definition |
|---|---|
| AMPP | Auto Migrating Port Profile |

Feature Specification

Feature Summary

This plugin initially focuses on providing L2 services, with other services coming later. The feature is a CloudStack network-guru plugin that automatically orchestrates Brocade’s switches to provide tenant isolation via VLAN. When an isolated network is created from CloudStack and allocated a VLAN, a port profile is created on the switch for the network, with a VLAN profile for the allocated VLAN that defines the VLAN membership for the overall port profile. When a VM is created and attached to the network, the VM’s MAC address is associated with the port profile of the network. The port profile is applied to the switch when the MAC address is learned. When the VM is deleted, the VM’s MAC address is disassociated from the port profile of the network. When an isolated network is deleted, the port profile for the network is deleted from the switches. The plugin also implements the capability to monitor the availability of the switch when it is first configured. If there are no isolated networks using the physical switch, the monitoring capability is disabled for the switch.

The Brocade Network Plugin orchestrates Brocade’s switches using REST APIs. 

Configuration Characteristics

The plugin is configured with the Brocade VDX switch details (such as IP address and username/password) using the APIs or the GUI for the Brocade VCS Service Provider. The APIs are listed in the WebServices APIs section below.

WebServices APIs

  • addBrocadeVcsDevice: Adds a Brocade Vcs Switch

Request Parameters

| Parameter Name | Description | Required |
|---|---|---|
| hostname | Hostname of the Brocade Vcs Switch. | true |
| username | Credentials to access the Brocade Vcs Switch | true |
| password | Credentials to access the Brocade Vcs Switch | true |
| physicalnetworkid | The Physical Network ID | true |

Response Tags

| Parameter Name | Description |
|---|---|
| addbrocadevcsdeviceresponse | Response object |

  • deleteBrocadeVcsDevice: Delete a Brocade Vcs Switch

Request Parameters

| Parameter Name | Description | Required |
|---|---|---|
| vcsdeviceid | device id of the Brocade Vcs Switch | true |

Response Tags

| Parameter Name | Description |
|---|---|
| deletebrocadevcsdeviceresponse | Response object |

  • listBrocadeVcsDevices: Lists Brocade Vcs Switches

Request Parameters

| Parameter Name | Description | Required |
|---|---|---|
| vcsdeviceid | device id of the Brocade Vcs Switch | false |
| physicalnetworkid | The Physical Network ID | false |

Response Tags

| Parameter Name | Description |
|---|---|
| hostname | hostname of the Brocade Vcs Switch |
| brocadedevicename | device name |
| vcsdeviceid | device id of the Brocade Vcs Switch |
| physicalnetworkid | the physical network to which this Brocade Vcs belongs |
| provider | Name of the provider |

Assumptions

    • For Logical Chassis cluster mode, the VDX switch details are provided for the principal switch on VCS cluster.
    • All configuration is applied to the running configuration on the switch. So, in Fabric cluster mode, the running configuration will not be copied to the startup configuration after a restart.

Test Guidelines

Specify the required information in the property files as described above. The following tests should be verified for the feature:

  • Create an isolated network; verify that the port-profile is created on the Brocade switch.
  • Attach a VM to the network; verify that the VM’s MAC address is associated with the port profile of the network on the Brocade switch.
  • Add VMs to the same guest network but on different hosts and verify connectivity.
  • Check the availability of the switch by using the CloudStack API: http://<management-server>:8096/client/api?command=listHosts&type=L2Networking. This should list the switch with its availability status.
  • Delete VMs for an isolated network; verify that the VM’s MAC address is disassociated from the port profile of the network on the Brocade switch.
  • Delete the isolated network; verify that the port-profile is deleted from the Brocade switch.
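
Added example (not part of the original specification or the plugin's code): the checks above, run as one reconciliation of what CloudStack expects against what the switch holds, so that a stale MAC association or a wrong VLAN, either of which breaks tenant isolation, shows up as a finding. The `cs-net-` profile prefix, the finding names and the sample data are assumptions; the switch state is supplied as already-fetched data rather than read over the REST API.

```python
from dataclasses import dataclass, field

PROFILE_PREFIX = "cs-net-"   # hypothetical: the page only says the name uses the network id
@dataclass
class Network:               # expected state held by CloudStack
    network_id: int
    vlan_id: int             # as recorded in brocade_network_vlan_map
    vm_macs: set = field(default_factory=set)

@dataclass
class PortProfile:           # observed state read back from the switch
    name: str
    vlan_id: int
    macs: set = field(default_factory=set)

def norm(mac):  # aa:bb:cc:dd:ee:ff and AABB.CCDD.EEFF must compare equal
    return "".join(c for c in mac.lower() if c in "0123456789abcdef")

def audit(networks, profiles):
    """Return (finding, subject) tuples for every expected/observed difference."""
    findings, seen, holders = [], {p.name: p for p in profiles}, {}
    for p in profiles:
        for m in p.macs:
            holders.setdefault(norm(m), []).append(p.name)
    for n in networks:
        name = f"{PROFILE_PREFIX}{n.network_id}"
        p = seen.pop(name, None)
        if p is None:
            findings.append(("MISSING_PROFILE", name))
            continue
        if p.vlan_id != n.vlan_id:
            findings.append(("VLAN_MISMATCH", name))
        want, have = {norm(m) for m in n.vm_macs}, {norm(m) for m in p.macs}
        findings += [("MAC_NOT_ASSOCIATED", m) for m in sorted(want - have)]
        findings += [("STALE_MAC", m) for m in sorted(have - want)]
    # Unclaimed profiles carrying our prefix were left behind by a deleted network.
    findings += [("ORPHAN_PROFILE", s) for s in sorted(seen) if s.startswith(PROFILE_PREFIX)]
    findings += [("MAC_IN_MULTIPLE_PROFILES", m) for m, ps in sorted(holders.items()) if len(ps) > 1]
    return findings

# Constructed sample data (not taken from a real deployment).
EXPECTED = [Network(204, 1201, {"02:00:4c:5f:00:01"}), Network(205, 1202, {"02:00:4c:5f:00:02"})]
OBSERVED = [
    PortProfile("default", 1, set()),            # not managed by the plugin, ignored
    PortProfile("cs-net-204", 1201, {"0200.4C5F.0001", "0200.4c5f.0009"}),
    PortProfile("cs-net-205", 1210, set()),
    PortProfile("cs-net-199", 1199, {"0200.4c5f.0009"}),
]
if __name__ == "__main__":
    print(*audit(EXPECTED, OBSERVED), sep="\n")
```
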

Interoperability and Compatibility Requirements

  • CloudStack-supported hypervisors: KVM, VMware, XenServer
  • Brocade VDX switches running Network Operating System 5.0 or above. The following models are supported:
    • VDX 8770, VDX 8770-8, VDX 8770-4, VDX 6740 and VDX 6740T

Use Cases

The following use cases are covered by this plugin implementation:

  • In a typical deployment with Brocade switches, when an isolated network is created and the first VM is attached to it, the network is allocated a VLAN ID. This VLAN is configured on the switches as well.
  • When an isolated network is deleted, the VLAN ID for the network is deleted from the switches as well.
  • Monitoring of the availability status of the switch is enabled when the switch is first configured.
  • When all the isolated networks using the switch are deleted, the monitoring capability is disabled for the switch.

Architecture and Design description

A typical CloudStack deployment will have hypervisors, L2/L3 switches, Routers, Storage devices etc. The CloudStack Management server manages the resources like hypervisor hosts, storage devices etc. Also, CloudStack has a plugin framework through which we can orchestrate the physical switches (like Brocade VDX).

To provide a virtualized network in the cloud, traffic originating from the VMs of tenants must be isolated. The isolation of traffic can be done using VLANs. These VLANs need to be configured both on the hypervisor hosts and on the physical switch. CloudStack automatically creates and destroys interfaces bridged to VLANs on the hypervisor hosts. The Brocade Network Plugin focuses on providing guest traffic isolation via VLANs by configuring the same VLANs on the Brocade switches via AMPP.

The plugin is configured with Brocade VDX Switch details using APIs or GUI for Brocade VCS Service Provider. It is implemented as a NetworkGuru in CloudStack. When the CloudStack Management Server comes up it loads all the available NetworkGurus.

When an isolated network is created, the NetworkOrchestrator in CloudStack checks the capabilities of all the NetworkGurus, selects one based on the isolated network’s configuration, and calls it to implement the network. The BrocadeGuestNetworkGuru exposes its capabilities for isolated guest networks.

To orchestrate Brocade’s switches, the plugin uses REST APIs.

Figure 1 shows the virtual network orchestration using the Brocade Network plugin.

Database Tables

The following tables are created for the plugin:

  1. external_brocade_vcs_devices: For storing the Brocade switch details.

      Schema

      CREATE TABLE `external_brocade_vcs_devices` (
        `id` bigint unsigned NOT NULL AUTO_INCREMENT COMMENT 'id',
        `uuid` varchar(255) UNIQUE,
        `physical_network_id` bigint unsigned NOT NULL COMMENT 'id of the physical network in to which brocade vcs switch is added',
        `provider_name` varchar(255) NOT NULL COMMENT 'Service Provider name corresponding to this brocade vcs switch',
        `device_name` varchar(255) NOT NULL COMMENT 'name of the brocade vcs switch',
        `host_id` bigint unsigned NOT NULL COMMENT 'host id coresponding to the external brocade vcs switch',
        PRIMARY KEY (`id`)
      );

  2. brocade_network_vlan_map: For maintaining the mapping of the network and its VLAN ID.

      Schema

      CREATE TABLE `brocade_network_vlan_map` (
        `id` bigint unsigned NOT NULL AUTO_INCREMENT COMMENT 'id',
        `network_id` bigint unsigned NOT NULL COMMENT 'id of the network',
        `vlan_id` int(10) COMMENT 'vlan id of the network',
        PRIMARY KEY (`id`)
      );

Class Diagram

Figure 2 shows the class diagram for the Brocade Network plugin. The following classes are added for the plugin:

  1. BrocadeVdxGuestNetworkGuru: This is the implementation of the NetworkGuru interface, which is invoked by the NetworkOrchestrator when an isolated network is created or deleted and when a VM is attached to it or deleted. This class implements the network and creates a port profile on the switch, and associates the VM’s MAC address with the port profile when the VM is created. When the VM is destroyed, the VM’s MAC address is disassociated from the port profile. When the network is deleted, the port profile for the network is deleted. The port profile name uses the id of the network to uniquely identify it.
  2. BrocadeVdxResource: This is the implementation of the ServerResource interface. This class provides methods to execute the requests to communicate with the Brocade switch.
  3. BrocadeVdxElement: This provides the implementation of the APIs for adding, deleting and listing Brocade switches. It creates an instance of BrocadeVdxResource for each Brocade switch and sends it to the ResourceManager to create an agent for this resource, and deletes it at the time of the delete operation.
  4. BrocadeVdxApi: This provides the API layer for interacting with the switch and makes REST API calls to the switch for configuration and operational status.
  5. CreatePortProfileCommand: This provides the implementation of the create port profile command. The BrocadeVdxGuestNetworkGuru creates an instance of this command for each request to create a port profile (when the isolated network is created) and sends it to the AgentManager, which in turn calls the BrocadeVdxResource to execute the request for this command.
  6. AssociateMacToPortProfileCommand: This provides the implementation of the associate MAC to port profile command. The BrocadeVdxGuestNetworkGuru creates an instance of this command for each request to associate a VM’s MAC address with the port profile (when the VM is created) and sends it to the AgentManager, which in turn calls the BrocadeVdxResource to execute the request for this command.
  7. DisassociateMacFromPortProfileCommand: This provides the implementation of the disassociate MAC from port profile command. The BrocadeVdxGuestNetworkGuru creates an instance of this command for each request to disassociate a VM’s MAC address from the port profile (when the VM is deleted) and sends it to the AgentManager, which in turn calls the BrocadeVdxResource to execute the request for this command.
  8. DeletePortProfileCommand: This provides the implementation of the delete port profile command. The BrocadeVdxGuestNetworkGuru creates an instance of this command for each request to delete the port profile (when the network is deleted) and sends it to the AgentManager, which in turn calls the BrocadeVdxResource to execute the request for this command.
  9. CreatePortProfileAnswer: This provides the result for the CreatePortProfileCommand execution.
  10. AssociateMacToPortProfileAnswer: This provides the result for the AssociateMacToPortProfileCommand execution.
  11. DisassociateMacFromPortProfileAnswer: This provides the result for the DisassociateMacFromPortProfileCommand execution.
  12. DeletePortProfileAnswer: This provides the result for the DeletePortProfileCommand execution.

Sequence Diagrams

Port Profile Creation, VM MAC Association

Figure 3 shows the sequence diagram for port profile creation, VM MAC address association with the port profile, and enabling monitoring of the switch. The NetworkOrchestrator invokes the BrocadeGuestNetworkGuru to implement the isolated network at the time of first VM creation. The BrocadeVdxGuestNetworkGuru looks up the switches in the database table based on the physical network used for this network. The BrocadeGuestNetworkGuru then creates an instance of CreatePortProfileCommand and sends it to the AgentManager. The AgentManager uses the agent created for this host to call the BrocadeVdxResource, which executes the command using the BrocadeVdxApi. The BrocadeVdxApi interacts with the switch using the REST API to create the port profile for this network on the switch.

The NetworkOrchestrator invokes the BrocadeGuestNetworkGuru to reserve the resource for the VM at the time of VM creation. The BrocadeVdxGuestNetworkGuru looks up the switches in the database table based on the physical network used for this network. The BrocadeGuestNetworkGuru then creates an instance of AssociateMacToPortProfileCommand to associate the VM MAC address with the network’s port profile and sends it to the AgentManager. The AgentManager uses the agent created for this host to call the BrocadeVdxResource, which executes the command using the BrocadeVdxApi. The BrocadeVdxApi interacts with the switch using the REST API to associate the VM MAC address with the port profile for this network on the switch.

Port Profile Deletion, VM MAC Disassociation


Figure 4 shows the sequence diagram for port profile deletion and VM MAC address disassociation from the port profile of the network. The NetworkOrchestrator invokes the BrocadeGuestNetworkGuru to deallocate the resources for the VM at the time of destroying the VM. The BrocadeVdxGuestNetworkGuru looks up the switches in the database table based on the physical network used for this network. The BrocadeGuestNetworkGuru then creates an instance of DisassociateMacFromPortProfileCommand to disassociate the VM MAC address from the network’s port profile and sends it to the AgentManager. The AgentManager uses the agent created for this host to call the BrocadeVdxResource, which executes the command using the BrocadeVdxApi. The BrocadeVdxApi interacts with the switch using the REST API to disassociate the VM MAC address from the port profile for this network on the switch.

The NetworkOrchestrator invokes the BrocadeGuestNetworkGuru to trash the resources at the time of deleting the isolated network. The BrocadeVdxGuestNetworkGuru looks up the switches in the database table based on the physical network used for this network. The BrocadeGuestNetworkGuru then creates an instance of DeletePortProfileCommand and sends it to the AgentManager. The AgentManager uses the agent created for this host to call the BrocadeVdxResource, which executes the command using the BrocadeVdxApi. The BrocadeVdxApi interacts with the switch using the REST API to delete the port profile for this network on the switch.

Add Brocade Device and Enabling Monitoring of the Switch

Figure 5 shows the sequence diagram for adding a Brocade switch and enabling monitoring of the switch. The BrocadeVdxElement configures a BrocadeVdxResource for the switch and adds it to the ResourceManager. The ResourceManager calls the AgentManager to create an agent for this resource and enables the periodic pinging (monitoring) of the switch for its availability.

Delete Brocade Device and Disabling Monitoring of the Switch

Figure 6 shows the sequence diagram for deleting a Brocade switch and disabling monitoring of the switch. The BrocadeVdxElement deletes the resource for this switch from the ResourceManager. The ResourceManager calls the AgentManager to delete the agent for this resource and disables the periodic pinging (monitoring) of the switch for its availability.
