Opinion about SDN/OVS - is it risky to use?

asked 2018-08-24 16:55:21 -0500

markusg4 gravatar image

This is potentially more of a political question than a technical one.

We're in the process of deploying OpenStack. I work for an international organization, and therefore, opinions are all over the place in regards to the "right" way to do it. The team locally has taken what I think is a more forward looking approach, deploying using OOO with SDN components like OVS. We will be dealing with multiple tenants, so I think that SDN buys us benefits in that arena.

The remote team has had success using a custom Puppet deploy, and has deployed only provider networks with most network configuration running outside of OS. They've taken a "keep it simple" approach and it appears to be working reasonably well for them, but I don't think it will meet our requirements.

At this point, I'm being asked to justify "SDN" (and I know that's loaded term and that technically Neutron is SDN all by itself) operationally, and to also comment on it's reliability. I have my own thoughts on this subject, but I'd be interested in hearing opinions from others - especially if you've successfully deployed SDN/OVS/VXLAN (within OS only) in a production environment. It's working here in test, but our operational experience is limited at this stage, so real world stories are welcome.

Secondly, we've deployed using OOO as it seems to be the most enterprise ready deployment methodology currently available, and since it's what RedHat uses. How do others feel about a custom Puppet deploy in regards to things like upgradeability and support vs OOO?

At the end of the day I want to make sure that our deploy is:

-Scalable -Supports multiple tenants -Upgradable -Reliable


edit retag flag offensive close merge delete