IPv6 and OpenStack
You can’t go anywhere these days without hearing about cloud-based services. Even novice Internet users who are not tech-savvy now refer to the Internet as “the Cloud.” These people are not the least bit familiar with the IT infrastructure required to establish a cloud service or the software that is used to manage and maintain a cloud service. Thankfully we have experienced IT staff to handle those minute details and thankfully we have OpenStack.
OpenStack is an open-source Apache License software system written in Python that helps facilitate the building and maintenance of cloud-based infrastructure. OpenStack components work together to allow the deployment of pools of compute, storage and network virtualization resources to form Infrastructure as a Service (IaaS) cloud systems. There are various software components that make up the OpenStack architecture and an IT administrator can interact with the system through a web dashboard, a RESTful API, CLI tools, and other configuration files and settings. The full OpenStack architecture is modular and now has many various code-named components for configuration of compute resources (Nova), object storage (Swift), block storage (Cinder), networks (Neutron), the Horizon dashboard, among many others.
OpenStack is gaining ground among the largest IT companies who traditionally sell proprietary systems that lead to vendor lock-in. The fact that these companies have embraced OpenStack shows what a powerful movement this is and how exceptionally the OpenStack community is operating. OpenStack development is very active and it is keeping pace with the latest data center virtualization and networking technology trends; with one of these trends being the increased adoption of IPv6.
OpenStack History and Lineage:
OpenStack was first created in 2010 as the result of research done by NASA and Rackspace Hosting. Now the development of OpenStack has grown well beyond the initial research stage and many organizations are involved in its development – and many more organizations are utilizing OpenStack for their own cloud infrastructures.
OpenStack releases are timed roughly every six months to coincide with their community conferences. However, early on, OpenStack releases were occurring quite frequently because of rapid development efforts. Austin was the name of the first OpenStack released at the end of 2010. In early 2011 the next OpenStack release named Bexar was released, which included integration with Ubuntu 11.04. In Spring 2011 the next release, named Cactus, arrived. And later in 2011 OpenStack “Diablo” appeared, followed by “Essex” in 2012 and "Folsom" later that same year. There seems to be an alphabetical pattern forming here.
In 2012, the OpenStack Foundation was formed to help promote OpenStack software and coordinate efforts among the vast numbers of code contributors. The OpenStack Foundation is non-profit group that helps to promote the benefits of using OpenStack and fosters an ecosystem of developers, users, and companies that help OpenStack grow. The OpenStack Foundation now has almost 10,000 members from all over the world.
As mentioned before, many new products are often launched with only IPv4 capabilities. It isn’t until later in their lifecycle that IPv6 capabilities are painstakingly added to products out of necessity to keep them current. Refreshingly, that was not the case with OpenStack. IPv6 features started to appear as early as the Bexar release. Starting in the Bexar release you had to set the “use_ipv6” flag to true for the Nova process Common function. In the Cactus release more IPv6 capabilities were added to the Nova Compute module. However, as the subsequent releases (Diablo, Essex and Folsom) were released, no new significant IPv6 capabilities were added.
OpenStack Grizzly was released in the Spring of 2013 and it inherited the IPv6 capabilities from the earlier OpenStack releases. Ciprian Popoviciu and his team at Nephos6 created a tremendously useful tutorial on how to set up a Grizzly OpenStack deployment to use IPv6. Because IPv6 is not supported out of the box there are many settings required to get it to work (and prior to this document very little information was available on the subject). This document takes you through the settings for configuring IPv6 for a simple multi-tenant infrastructure example. The document also follows some of the challenges they encountered along the way with IPv6 configuration.
Havana was the name of the eighth release OpenStack and became available in October 2013. Once again, Nephos6 created an updated IPv6 deployment guide for the Havana release. This document follows the same style of multi-tenant environment, but there were fewer challenges encountered with dual-stack deployment. The document also covers the Open vSwitch and a few of the issues an implementer is likely to encounter.
Icehouse is the name of the most current OpenStack release (April 2014). Shixiong Shang has created a presentation on the topic of configuring IPv6 with OpenStack Icehouse. Thanks should be given by the OpenStack community to Nephos6 for highlighting the importance of dual-stack configuration for cloud environments that may eventually streamline IPv6 deployment.
Currently, work is being done on the OpenStack Juno release that will be issued later this year (as well as the subsequent Kilo release in 2015). Groups are already planning for some new IPv6 features in Juno and Kilo. Improvements would include better ICMPv6 RA support in Neutron, RADVD support, Dnsmasq and DHCPv6, DHCPv6Prefix Delegation, among others.
DDI and OpenStack:
One of the key OpenStack configuration issues highlighted by the Nephos6 research and testing team revolved around the assignment of IPv6 addresses to Nova compute instances. When OpenStack is used to facilitate instantiation of a new IaaS service, implementers must be careful with how VMs are getting assigned address and how DNS resolution is performed. Every time you instantiate a new virtual compute instance, it needs both an IPv4 and IPv6 address. Ideally, it would be able to be given both an IPv4 address and an IPv6 address from an IP Address Management (IPAM) system. Using a process of address assignment was tied into a robust IP Address Management (IPAM) system for determining what IP addresses (IPv4 or IPv6) were available to allocate new compute nodes. This would help prevent duplicate addresses and gain greater address efficiency. Ed Horley’s previous Infoblox blog covered the importance of having a DDI solution integrated with open-source systems like OpenDaylight and OpenStack.
OpenStack Neutron (i.e. Network Service) has some IPv6 limitations with its L3 agent and L3 router extension. In the configuration of OpenStack, IP addresses can either be statically assigned or assigned with DHCP. When it comes to IPv6 systems, static configuration of addressing is very similar to IPv4 address static configuration (with the possible exception of an IPv6 link-local next-hop address for the first-hop router). For DHCPv6 to work properly in OpenStack it requires that an ICMPv6 Routing Advertisement (RA) message must be send by the local router. In my previous blog we covered the importance of the RA message for address assignment in server networks and end-user access networks. That is the area where most of the OpenStack dual-protocol configuration issues were encountered.
There are many resources available online for those who want to learn more about OpenStack. One thing that you can do is join your local OpenStack MeetUp. MeetUp is a web site that helps small local groups get organized and meet face-to-face. MeetUp has over 18 million members and over 160,000 groups and the OpenStack community has leveraged this format to get like-minded individuals together. The OpenStack MeetUp groups meet to share ideas, discuss current OpenStack topics, and coordinate their efforts in contributing and testing code. For example, in my neighborhood we have the “Denver OpenStack” group that meets monthly and covers various topics related to OpenStack. There is probably a similar OpenStack MeetUp in your neighborhood.
If you want to learn more about IPv6 and how it is used with OpenStack, cloud systems, SDN, the Internet of Things (IoT), then you should consider attending the 7th annual 2014 North American IPv6 Summit. This is the largest IPv6 event in North American and it is being held in Denver, CO, USA September 23-25. In fact, Infoblox is the premier diamond-level sponsor of this year’s conference. More information on this year’s conference and past materials on IPv6 is available for free at http://www.rmv6tf.org/. If you can’t make it to Denver, but still want to gain the knowledge, you can register to attend the virtual conference for only $30. We hope to see you there!