1. OpenStack & OpenFlow Demo
Brent Salisbury CCIE#11972
Network Architect
University of Kentucky
9/22/2012
https://twitter.com/#!/networkstatic
2. Network is the Substrate
• Cloud computing refers to the delivery of computing and storage capacity
as a service to a heterogeneous community of end-recipients. The name
comes from the use of clouds as an abstraction for the complex
infrastructure it contains in system diagrams. Cloud computing entrusts
services with a user's data, software and computation over a network.
• Cloud computing relies on sharing of resources to achieve coherence and
economies of scale similar to a utility (like the electricity grid) over a
network. At the foundation of cloud computing is the broader concept of
converged infrastructure and shared services over networks.
3. OpenStack
“I want to report on my customers' SLAs”
“My UI will be easier to use”
“I need a different VM placement policy”
“I’ll build in a way to share revenue with my customers”
“I have a much better way to snapshot machine images”
“I let my customers span multiple clouds”
Example of the Future: Open Source Cloud Framework
6. Demo Components Nerd Warning
[Slide image text: BPDUGuard good]
• OpenStack - Orchestration
• OpenvSwitch - Network Virtualization
• Kernel Virtualization Module (KVM) – Hypervisor
• Bare Metal x86 Server Dell r910 & r720
The 10-minute demo covers the following:
As Provider
• Provision new customer/tenant and UIDs.
• Modify policy for quotas including usage in storage, VCPU, memory,
images OS and capacity, network addressing based on customer need.
As Customer
• Log in as user and self-provision SSL keys and apply 5-tuple security
policy to each host we spin up.
• Launch Windows 2008 R2 and Linux hosts with varying levels of
memory, CPU and ephemeral storage.
• Assign networks to these hosts based on purposing.
As Provider and Customer
• Review usage data for capacity planning, SLA fulfillment, usage
analytics and billing.
9. Old slide but still valid imo
[Diagram: an MPLS core of P routers with PE routers at the edge. A FlowVisor on each side slices the network for Customer A and Customer B, each slice with its own control plane and SDN controller. Callout on a P router: "Can I not be a cheaper merchant silicon chip?"]
• It should be the next x86 market. Have we admitted that yet?
• The value in abstraction is proven.
10. Change is Bad
• We are operating far too close to the hardware.
o Do systems administrators configure their services in the x86 BIOS? Well, we do.
• Generic components decomposed into resources to
consume anywhere, anytime.
• Abstraction of Forwarding, State and Management.
o Forwarding: Networking gear with flow tables and firmware.
o State: Bag of protocols destruction.
o Management: Orchestration, CMDB etc. Join the rest of the data center (and world)
11. Not New Ideas
[Diagram: two layered stacks compared side by side]
VM Farms Today:
o Physical Server Infrastructure: Servers, CPU, Memory, Disk, NIC, Bus.
o Hypervisors: VMware, Hyper-V, KVM, Xen
o x86 Virtualization Instruction Set
o Slices: Windows, Windows, Windows, ...
SDN Network:
o Physical Network Infrastructure: Physical HW Router, Switches, RIB, LIB, TCAM, Memory, CPU, ASIC.
o GENI FlowVisor
o OpenFlow Controller
o Slices: General Purpose, Secure Network, Research
12. Planes Trains and Fabrics..
[Figures: SDN Controller Framework; Generic Switch Architecture]
13. OpenFlow Controller
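[Diagram: the OpenFlow controller talks to the switch over the OpenFlow Protocol (SSL/TCP). Inside the switch, the Control Path (OpenFlow) sits above the Data Path (Hardware).]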
The next few slides are from a presentation by Srini Seetharaman, Deutsche Telekom.
14. OpenFlow Example
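[Diagram: a Controller (PC) connected to a switch. Software layer: OpenFlow Client. Hardware layer: Flow Table, with port 1, port 2, port 3 and port 4. Hosts 5.6.7.8 and 1.2.3.4 are attached to the switch.]
Flow Table:
MAC   MAC   IP    IP        TCP     TCP     Action
src   dst   Src   Dst       sport   dport
*     *     *     5.6.7.8   *       *       port 1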
15. OpenFlow Basics
Flow Table Entries: Rule | Action | Stats
Stats: Packet + byte counters
Action:
1. Forward packet to zero or more ports
2. Encapsulate and forward to controller
3. Send to normal processing pipeline
4. Modify Fields
5. Any extensions you add!
Rule (+ mask what fields to match):
Switch Port, VLAN ID, VLAN pcp, MAC src, MAC dst, Eth type, IP Src, IP Dst, IP ToS, IP Prot, L4 sport, L4 dport
16. Examples
Switching
Switch  MAC       MAC       Eth    VLAN    IP        IP        IP     TCP     TCP     Action
Port    src       dst       type   ID      Src       Dst       Prot   sport   dport
*       *         00:1f:..  *      *       *         *         *      *       *       port6
Flow Switching
Switch  MAC       MAC       Eth    VLAN    IP        IP        IP     TCP     TCP     Action
Port    src       dst       type   ID      Src       Dst       Prot   sport   dport
port3   00:20..   00:1f..   0800   vlan1   1.2.3.4   5.6.7.8   4      17264   80      port6
Firewall
Switch  MAC       MAC       Eth    VLAN    IP        IP        IP     TCP     TCP     Action
Port    src       dst       type   ID      Src       Dst       Prot   sport   dport
*       *         *         *      *       *         *         *      *       22      drop
17. Examples
Routing
Switch  MAC       MAC       Eth    VLAN    IP        IP        IP     TCP     TCP     Action
Port    src       dst       type   ID      Src       Dst       Prot   sport   dport
*       *         *         *      *       *         5.6.7.8   *      *       *       port6
VLAN Switching
Switch  MAC       MAC       Eth    VLAN    IP        IP        IP     TCP     TCP     Action
Port    src       dst       type   ID      Src       Dst       Prot   sport   dport
*       *         00:1f..   *      vlan1   *         *         *      *       *       port6, port7, port9
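Added example (not from the original slides): a minimal flow-table model in Python that loads the Routing and Firewall entries above and shows that the drop rule for dport 22 only takes effect when it outranks the overlapping forward rule. The field key names, the numeric priorities and the sample packets are assumptions constructed for this illustration; a table miss falls back to action 2 from slide 15 (forward to controller).

```python
from dataclasses import dataclass, field

# Match fields from the slides' table header (key names are this example's own).
FIELDS = ("in_port", "mac_src", "mac_dst", "eth_type", "vlan_id",
          "ip_src", "ip_dst", "ip_proto", "tp_src", "tp_dst")

@dataclass
class FlowEntry:
    match: dict            # field -> required value; a missing field is a wildcard (*)
    action: str            # e.g. "drop", "port6"
    priority: int = 0      # assumption: higher number is checked first
    packet_count: int = 0  # Stats column: packet + byte counters
    byte_count: int = 0

    def matches(self, pkt):
        return all(pkt.get(k) == v for k, v in self.match.items())

@dataclass
class FlowTable:
    entries: list = field(default_factory=list)

    def add(self, entry):
        unknown = set(entry.match) - set(FIELDS)
        if unknown:
            raise ValueError(f"unknown match field(s): {sorted(unknown)}")
        self.entries.append(entry)
        self.entries.sort(key=lambda e: -e.priority)  # highest priority first

    def lookup(self, pkt, size=64):
        for e in self.entries:
            if e.matches(pkt):
                e.packet_count += 1
                e.byte_count += size
                return e.action
        return "controller"  # table miss: encapsulate and forward to controller

def slide_table(firewall_priority):
    """Routing entry at priority 100 plus the Firewall entry at the given priority."""
    t = FlowTable()
    t.add(FlowEntry({"ip_dst": "5.6.7.8"}, "port6", priority=100))       # Routing
    t.add(FlowEntry({"tp_dst": 22}, "drop", priority=firewall_priority))  # Firewall
    return t

# Constructed sample packets: SSH and HTTP to the routed destination.
SSH_PKT = {"in_port": "port3", "eth_type": 0x0800, "ip_src": "1.2.3.4",
           "ip_dst": "5.6.7.8", "ip_proto": 6, "tp_src": 17264, "tp_dst": 22}
WEB_PKT = dict(SSH_PKT, tp_dst=80)

if __name__ == "__main__":
    for prio in (200, 50):  # firewall above, then below, the routing entry
        t = slide_table(prio)
        print(prio, t.lookup(SSH_PKT), t.lookup(WEB_PKT))
```

With the firewall entry at priority 50 the SSH packet is forwarded to port6, so a review of a flow table should check every drop entry against higher-priority entries whose match overlaps it.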