 So, welcome everybody, thank you for coming to the hands-on test drive OpenStack Networking. We are directly like for few minutes we are going to go through the logistics, accessibility of the VNC viewer and about the documents we are going to touch a little bit on them and then we are going to let you know about the test cases which we are going to walk you through here live demo. So, in regards to the VNC viewer, you can see you have got an IP address and a password on your sheet. So, one thing I would like to let you know if you are not able to complete your test plan in this session or you are unable to access, please let us know about it. We will scan your information and then we will follow up with you by tomorrow in regards to acknowledging that we have got your request and coming Wednesday we will make sure that we provide you an ignition sandbox to try it in your lab environment and wherever you are comfortable. Few logistics about the VNC client, you can see if you have VNC client IP address colon 5901 it should take you into the screen put in the password and you should be seeing two screens there, one is plum grid ignition and then there should be two web browsers there. If you have a MacBook you can go if you have a MacBook then open up the Safari browser VNC and the port 5901 password it should work and if it is a PC I have heard a few people have some questions, but we tested it take the remote desktop connection you basically type in the IP address and then select VNC dash any that's an option you get and then you put the IP address in 5901 again with the password and it should take directly into the session. Have the download of the test plan? So one thing we would like to mention is please go to this link it's simple plum grid dot com slash forward slash plum grid dash ignition slash sandbox dash VNC and you will see a few documents on the right hand side these two documents these are the test plan and the user guide so have a handy copy of it we are going to walk you through these test plan and the user guide and also like after session is over because we just have 35 to 40 minutes you can keep continuing with the test plan and if you have questions you can send an email to us or put a support ticket for us I'll say let's leave it for two minutes there if you go back slide back yeah so I'll just give a like a half a minute and then we'll move it is I think so if it's not then we'll make sure moving forward what we are going to do in the open stack lab today we are going to create some open stack tenants as you can see we'll go into the console horizon we'll create the networks there and then we'll create a network topology for a three tier app then we'll jump into the plum grid console view to show how the mapping works and what are the things you will see in regards to the topology which is being built out there then we will basically go and look at the multi-tenant environment which has been created then few tests in regards to the external connectivity like how you can connect into external world and your open stack environment and the last one is a few about security policy enforcement so you can turn off and turn on and see which ports and which people communicate so we'll do a back all yours more so that everybody get a chance to download the copy of the test plan at least can people raise their hand if not I can say stay on the screen because that is going to be something that is going to be needed for you guys to go and do the lab in a self-paced manner yes sandbox user guide and sandbox test plan test plan is more important for right now in the follow-up session and you guys need to use it later on and just let you guys know don't worry about it 30 minutes is generally not enough to complete all these activities all of you on Wednesday will get an invite from us to actually sign up for this sandbox environment you will have an access for three days same test plan so you guys can go through it ideas we want people to get comfortable and familiar with how do you go and configure networking in an open stack environment that's the main idea and also to add we can basically schedule it according to your calendar also like we'll contact you you can tell us like what days and times you want the three-day access so we will basically enable the environment just for that specific time so it's it's according to your calendar and the availability so I mean internet connectivity was a little bit spotty earlier this one of show of hands still is okay that is unfortunately out of out of our control any luck with anybody being able to download the test plan yet okay so essentially there are two documents right the first one is the user guide in the user guide essentially on page 3 just talks about the environment you need to have some kind of remote access such as the VNC client to be able to access this instance which is a full-fledged and open stack install with plum grid right running as an instant in an Amazon environment obviously this is not designed for scale of performance testing where you will be able to go and configure test a full functionality of open stack networking and various aspects of our platform as well right so there is a open stack controller a plum grid director which is a management console of our solution running these are the two interfaces that you will access and then we have a compute node what we call as a plum grid edge and then there is also a plum grid gateway which allows you to connect from this virtual network infrastructure to the internet or an IP legacy IP environment okay this is just a background this is a test plan I will go along with you guys right again if you guys have a test plan you guys want to start doing it by all means people have different background different experiences I don't want to hold back the whole the whole class but essentially these are the six or seven different exercises that we you know let the customers come and and and conduct these exercises while the access there are our ignition environment right you will access the setup will create basic tenants first you will log in as an open stack cloud provider and you will log in as a tenant you will create a three tier application topology and then you will do it in a multi tenant environment essentially meaning multiple tenants having duplicate IP addresses yet they're going to be completely isolated from each other no conflict with each other then will allow you to make external connectivity where you will launch an instance and the instance will be able to connect all the way to say Google.com right and then if time permitting again we will go and configure the security policies which allows you to configure essentially equivalent of layer 4 access control is an open stack environment okay for this session today we will be using open stack horizon primarily as a console to go and configure but we will go and also look at the plumb grid console to look at some of the views and you know look at the statistics and your topology how your networks looks like okay so with that said the first again I'm going to scan through this one a little bit faster the first one is just accessing the environment and I'm going to go open VNC on Safari V and D will not work yes let me actually go ahead and this is internet is going to be log in first I'm going to log in as cloud admin so again my apology is the internet again it's slow so it's going extremely slow the default the password that we have set for you is admin change me and you're logged in as an open stack cloud provider as an admin one of the tabs that I would like you guys to now look at is the under the admin go under the identity panel and we will go ahead and create different as a cloud provider you're going to create tenants you're going to create different users okay so we for this exercise we will create one project and not one project will likely go ahead and create three of them click on create project call it tenant one admin change me on the horizon should work just double check your not logged into the plumb grid console which is actually plumb grid plumb grid so there are two windows open successfully created the first tenant let's just leave it as it is just we will go create additional users then we'll associate the users with different projects and that will take essentially the basic persona of a tenant yes give you very soon okay after you've created the project the next one is go ahead and create users and again for simplicity say for this exercise we will just match the tenant user name same as at the project so we can easily remember so tenant one password we can keep it as plumb grid or however you want to do it then you drop down the menu and you select the tenant one role as a member that's it that's with the same thing for user two and user three as a tenant two and a tenant three change me on horizon this is ten not everybody with me so far okay another thing we will look at is under the under the admin and you will look at networks you will see already an external network already created for this environment as a cloud provider what we have done it is we have created an external network okay this is already made visible to all the tenants but this is something we had done before before starting this right and as when we go into the tenant you guys this is only network which is already done everything else not going to be done from the tenant side okay and before I log out and log in as a tenant let's quickly take a look at the plumb grid console again in the test plan and when you guys have more time to play with again it's a lot of explanation there given over there so it's going to be more clear to you but just wanted to give you guys a quick view the key aspect of our platform which is you're going to be visualizing is the concept of virtual domain think of virtual domain as a logical network for your tenant in an open stack environment as you create projects an open stack you create tenants and you create networks for them on the plumb grid side view dynamically create the entirely isolated network for them and inside the virtual domain is where the topology of the tenants will be created now if you see you do not see any of the tenants created over there these are some of the default ones which are already created okay now I'm going to log out and I'm going to log in as tenant one so couple of things again you basically look at instances we have not spawned any instances an open stack you look at the network and by the way in case you guys are wondering this is the this is an RDO distribution based instance the network topology will only show an external network for you okay so an open stack when you want to go and bring up a tenant's three tier topology five tier topology or whatever the first thing you need to do is go ahead and create networks for them okay we'll call it web you can give a subnet name it's optional let's also call it web and you can select a private IP subnet here leave everything by by default again a very simplistic way right you know create a subnet the next one is leave it as it is we have by default DHCP is enabled on that subnet says tenants are going to come up sorry the VMs they will be dynamically given the IP addresses is go ahead and create it is everybody with me so far no okay we did I okay so I'll slow down and no don't anything just so if you want wondering where we are in the test plan we are on the exercise number two you've just created open stack tenants project users project users and now we are about to create three tier topology can I proceed or should I yes okay let's go create app also give it app subnet 55.0 slash 24 you can pick any IP addressing because they're always going to be isolated to this tenant they'll always be inside this virtual domain you can you know don't worry about this create everybody with me no I just created an app network right in the last one I'll do is I'll just do a DB then I'll pause so that everybody is 60.0 slash 24 next yes some logged in as a tenant one the IP you know then I just go ahead and create a three networks web app database just give them three different private subnet subnets and that's it and if you look at your topology in open stack horizon again external network was already there then web app and database networks are the one we just created okay now let's look at I'm going to be at boot duty as you guys know this is the view of the plum grade user interface the tenant one the project that we created dynamically we created a virtual domain for the for the tenant again this is a very very basic and ideas not to talk too much about the platform but platform is capable of much more interesting and complicated topology is based on your use cases right so plum grade plum grade yes so the if just if your browser does not have an already tap just open another tap and all of you will have the same IP HTTPS 10 dot 0 dot 3 dot 253 and that should bring you to the to the login screen it is in the actually in the user guide but I will give you it is plum grade plum grade for simplicity all lower case yeah so web network app network database network all three of them are showing here everybody with me so far so good okay and how much time we have so let's do this let's go ahead and create a router because I'm treated our topology we want to have a router and all three networks want them to connect to the router and open stack you first create the networks then you go ahead you go create a router I'm gonna call it router one then you click on the router itself okay then you go ahead and add interfaces and as you will hit the add interface look at the drop-down menu you will see the all the network that you have created so in my mind almost web app tier you know database I always select the web one first it automatically adds an interface to it okay then you can go back to the same thing for the app network click on add interface third one left was the database so far so good click on the router you will have field for add interfaces and then select one interface at a time okay essentially what you have already done is you have successfully connected a router with all three subnets to it this is the open stack horizon view you go to the plumb grid console initially it will look a little bit messy and then we can arrange it we can deploy it and you can retain a permanent view of your of your topology this is very slow so let me I'll come back to this one when we have time but let's go and spawn some instances so far so good okay because we want to see some pink working nothing makes networking people more happy than see pink work right so that is still the so let's launch an instance again I'm going to call it web one as an instance again these are very many versions of the whole solution running on Amazon don't try to please select select big images and everything like that right performance is not where many ways to test performance this is not the avenue and then you select one instance select you go to boot an image from image select series and the next thing required in the when you launch in instances you need to tell which subnet you're going to associate which network you're going to associate this VM with okay click on plus click on launch and I was going to go through build stage everything and should be able to launch an instance while it is doing it let me see on the longer console I can arrange the view a little bit better or I can do a right click okay these are outer this is our database this is our app this is our web right this is a metadata again if you're interested in topic deeper we can explain why we dynamically create that and I'm going to go ahead and click deploy you can arrange it however you visually want again over here the connection connectivity to the internet is very slow so the drag and drop is just taking forever otherwise it's very very fast right okay this VM is up now let's launch another instance this is again on a 50.2 sub it's IP address on the web network let's create an instance on app you are able to follow tiny and zero why it does not so the question is why does the the network topology in plumb grid interface looks very similar to what we see in OpenStack okay in this particular scenario essentially what we are doing it is you're creating the the network services from OpenStack we are actually are the one who are providing those network services and giving you the visual view of it now platform against a deeper topic platform has the capability that it allows you to create network topologies which are sometime not even possible in OpenStack again that's not the spirit but in that scenario when you look at the virtual domains on plumb grid they will look maybe very different from what you will see in in OpenStack okay so should we try to ping all right so the question is do we incorporate plumb grid menu inside the horizon if I rephrase the question the answer is no today they are two different UIs lack of a better word actually frankly in a in a real world scenarios a lot of customers actually are very CLI people even on OpenStack horizon is is good for if you want to play in the lab want to bring it up in a smaller scalar environment when you are doing massive scalable deployment they use a lot of automation a lot of CLI neutron commands NOVA commands to to do these things right so hence we haven't had anyone honestly a motivation to create integrate any go over here on this side the orchestration so plumb grid would what you what is happening is the when you are creating these network you see the DSCP you see the bridge you see the router all of these functions are actually plumb grid virtual network function which are fully distributed virtual network functions which are enabling and creating this topology essentially once you install OpenStack with plumb grid we take care of we actually overtake all the networking that you are doing in the environment you may still be creating the network from the OpenStack horizon where it is with an OpenStack solution the network functions the network services the topology these are all enabled by by plumb grid there is question is how does plumb grid sort of integrates in an OpenStack yes we basically replace the neutron plugin with our own plugin our own neutron plugin which has been upstream and then that plugin talks to the platform this the director the the GUI that you are saying and over there all the configuration takes place the data path is actually is our own distributed data plane called IO wiser which is installed on the on the compute node right and maybe for a minute I may be digressing but if I go into the zone view this is a plumb grid edge is an icon of our IO wiser this is a distributed data plane the current module which is running on the compute nodes that is a sort for that we install now let us see if we can the default username is seroscubes when with a smiley face right here smiley face right here in the other machine which got the IP address was 50.2 55.2 correct now a happy network person can see the the pink connectivity going from one VM to the other okay very basic look and feel for how networking you you do it in OpenStack with a matter of clicks when you automate it with few scripts you can just bring up you're not touching the physical network and there you go on the plumb grid user interface we go into the virtual domain view and we go to the virtual domain of the tenant this is essentially the the web network you can even look at the interface because the VM is on a web network and you can track the the traffic which is going through you want to monitor the stats the various other things that you can do and every five seconds as you can see this counter will go up because you pull every five seconds all the packets bits bytes going through okay listen just one example if you don't mind can we take that one I'll be happy to talk about it then that's a we're going to a very different topic all together and I'll be happy to talk about it after the after the class so the question was about and our user interface you will see a dynamically created network with metadata next to it this one now in terms of our lab exercise we have completed exercise 3 as well yeah now for multi-tenant the idea about multi-tenant essentially you're going to have two different tenants the same IP addresses they're going to have no conflict no issue with each other because they're all inside this virtual network and the moment they want to talk outside they will have to go through an external network or through NAT right what we will do it is we will log out I'm going to log in as I named it tenant 2 right same thing in again in spirit of time I'll go a little bit little bit faster same network web the subnet we named it was web IP address we gave it was 192 168 dot 50 dot 0 slash 24 yeah again in a cloud environment the private space have as many tenants as you want the IP addresses they need no issue we can do same thing for app same overlapping IPs you can create not a problem again I will I will go ahead and just create an instance on the web just to show you right that you can have multiple overlapping IPs with instances they have no issues conflicting with each other and before we leave ideally I want to definitely want to test the external connectivity show how you can go outside the network now unless you have created accidentally associated them to the same user somehow right if you have created like separate projects separate users and you will log in as a second tenant to you will only see the external network because that's the only one which was created by the cloud provider shared with everyone you will not see you have no visibility no idea and anybody else exist that's correct enough in a very simplistic way an open stack again you can have you know multiple projects can be associated with a tenant but in a very simplistic way that's the way you would want to think about it all of right now what all I'm showing you this is not to showcase or advertise anything on plumber it all I'm showing you everything this how are you doing open stack networking how we when you install with us how we enable the open stack functionality now under the curtain in terms of the scale the distributed nature of nature of a technology the network functions analytics there are a lot of things that we are doing even right now right and then there's certain use cases where you want to build certain topologies there's certain networking requirements which are not possible with open stack today right they are possible with our platform and with our API extensions okay if you look at quickly the network topology right we will see only web and app in this case they are disconnected okay so let me go ahead and add a router between the two networks same thing as we did last time call a router to where it's work let me add web first let me add app is so far this is a repetition of what we have done before except with only two networks okay now another thing is when you want to go ahead and connect provide external connectivity right an open stack again you go to again the router this is probably the exercise number five or six right and you go ahead and select gateway so you're connecting this gateway now to the external network okay a network five more minutes cooperate with me external network set gateway just to quickly show you the network topology now this router is connected to the external network as well as the app and the web network we created okay how you give your VMs external connectivity right you will select the whatever VM you want for example web right and you will associate you will in the network you will go to the router on the router there will be a button called set gateway okay I'll go back on the instances let's say we take the web VM and if you want to give it an external which is a public IP right the concept an open stack is called floating IP concept right so you want to go ahead and associate a floating IP address to this VM the steps are you come here you click on plus I want to first allocate allocate from where where from the external network that cloud provider had given you access to you allocate it and once the allocation is done you will associate it okay this is basically an external network that the cloud provider had created right and basically along the tenant networks to connect to it okay and they give you a range there is a range of IP addresses that belong to this network now you go ahead and associate a public IP from that network and you can associate to the VM of your choice the one that you want to have external connectivity right essentially it is NAT people are networking world familiar with right this is the 10 and 2 topology if I can quickly look at it no no we don't use this is a plum great technique plum great data plane is the iobiser we actually don't use OBS we replace OBS with what we have and this is a NAT previous topology is a router subnet this is a NAT which is connecting to the external network and I am five minutes over but I will still take the liberty to try to ping from this VM to the outside but before I do that need to manage the security policies then open stack inside the tenant you can ping each other the default security will allow you to connect you are not allowed as a tenant by default to go out so you need to go ahead and create you know allow the the tenant to go again the test plan cover this in detail but I'm just go ahead and add couple of rules to allow ICMP to go through in and out you can request an access and we provide you the access with all this information so you can see it and if there are questions in our technology and everything we'll be more than happy to do a deeper discussion about all the VNF iobiser and what not it's happening here the second thing is on Wednesday we have in afternoon sessions of interactive intelligence with scum and couple of panels where you can learn more about like how people have used open-stack networking at scale like going beyond whatever the traditional default plugins have been people building complex technology apologies with virtual domains and then allocating it according to security policies they need so all that information will be discussed on Wednesday afternoon you can look at the sponsored sessions and in regards to ours we also do open stack marketplace training it's every month so you can go in there and register for it and we'll do a web based online training also again quickly recap sorry for being over this is the norm showing a VM which we gave it a public IP a dot a dot a dot it is a Google's DNS server so it's able to go all the way to the internet you can go and look at in our plumber console NAT network function you will see NAT entries packets going in and out many many other things so again reminder all of you who are here we have your badges scanned by when is it you will have an invite from us to sign up for a three-day same test plan more time feel free to reach out to us for more questions thank you happy to take any