Architecture of GigaVUE Cloud Suite for OpenStack
GigaVUE Cloud Suite for OpenStack captures traffic in OpenStack cloud using G-vTAP Agents directly or through the hypervisor as described in this section.
Refer to the following architectures for details:
G-vTAP Agent |
OpenVSwitch (OVS) Mirroring |
G-vTAP Agent
A G-vTAP Agent is a tiny footprint user-space agent (G-vTAP) that is deployed in a project instance. This agent mirrors the traffic from a source interface to a destination mirror interface. The mirrored traffic is then sent to the GigaVUE® V Series node. The following figure shows a high-level architecture of Gigamon GigaVUE Cloud Suite for OpenStack using G-vTAP Agents as the source for acquiring the traffic.
A G-vTAP Agent is deployed by installing the agent in the virtual instances. When a G-vTAP Agent is installed, a G-vTAP Controller must be configured in your environment. A G-vTAP Controller orchestrates the flow of mirrored traffic from G-vTAP Agents to the GigaVUE V Series nodes. A single G-vTAP Controller can manage up to 100 G-vTAP Agents deployed in the cloud.
By using G-vTAP Agents for mirroring traffic, the monitoring infrastructure is fully contained within the virtual machine being monitored. This agent is agnostic of the underlying virtual switch. Also, the cost of monitoring a virtual machine is borne by the same virtual machine.
OpenVSwitch (OVS) Mirroring
When deploying OpenVSwitch (OVS) Mirroring, a G-vTAP Agent is installed on the hypervisor where the VMs you wish to monitor are located. When a G-vTAP Agent is installed, a G-vTAP Controller must be configured in your environment. A G-vTAP Controller orchestrates the flow of mirrored traffic from G-vTAP Agents to the GigaVUE V Series nodes.
A single G-vTAP Controller can manage up to 100 G-vTAP Agents deployed in the cloud. By using OVS Mirroring or OVS Mirroring + DPDK, the mirroring infrastructure is fully contained within the hypervisors.
The G-vTAP Agents are deployed on the target Hypervisors and the configuration file is to be modified based on the requirements and service. GigaVUE-FM connects to G-vTAP Controller and each G-vTAP Controller can talk to G-vTAP Agents. GigaVUE-FM receives the list of interfaces that can be used as the source or destination for the mirroring interface selected in GigaVUE-FM. GigaVUE-FM mirrors and forwards the traffic to the V Series nodes based on the deployed Monitoring Session.
- G-vTAP configures traffic mirroring in the OVS (with or without DPDK) and the management of the mirrored traffic is completely based on OVS architecture and the server.
- OVS Mirroring also supports OpenVSwitch with DPDK. The configuration steps for OVS Mirroring and OVS Mirroring with DPDK are the same.
Prerequisites for OVS Mirroring
The following items are required to deploy a G-vTAP OVS agent:
- An existing OpenStack cloud environment should be available with admin project and login credentials to create a monitoring domain.
- A user with OVS access is required to enable OVS-Mirror. The user can be an admin or can be a user with a custom role that has the permissions and the ability to list projects. Refer to OpenStack Role Privileges Required to Enable OVS Mirroring for the elevated privileges required.
- A working GigaVUE-FM with latest build.
OpenStack Cloud Environment Requirements
- ML2 mechanism driver: OpenVSwitch.
- You must have the following role privileges to enable OVS mirroring.
openstack hypervisor list
does not return a reachable IP for the hypervisors that are being monitored, you must manually enter a reachable IP for each hypervisor in OpenStack CLI using project properties. For each hypervisor you will need to add a key value pair property in the following format:
- key: value
- key: must be in the form gigamon-hv-<hypervisorID>
- value: reachable IP for hypervisor
For example: openstack project set --property gigamon-hv-1=1.2.3.4 project-name