In LINE we operate massive scale messaging service with 200+ million active users, where fair share of the service components are being hosted on our 2 private OpenStack-based clouds that are currently in a 50.000+ cores scale range, and growing rapidly.
As our cloud expanded into new regions, in order to achieve better scalability, we had established a CLOS type network underlay all the way from top level fabric routers to the hypervisor itself, while keeping our cloud architecture fairly simple.
In this new architecture, the Hypervisor would exchange routes to its VMs with ToR switches, thus providing the VMs with the external L3 connectivity and completely isolating L2 traffic between instances, on hypervisor and cloud level. Neutron currently does not support such use-case, so we had implemented a custom plugin and agent to make it possible.
In this session we will explain how we had implemented such solution in Neutron.
Our talk will cover the following topics:
- The motivation behind adopting CLOS network architecture all the way to the hypervisor level
- How did we achieve VM connectivity while keeping L2 isolation
- How did we implement L2-isolated Neutron network plug-in & agent
- Share the experience running of fully L2-isolated VMs
- Discuss other possible use cases and future work on our L2-isolated agent
