SlideShare ist ein Scribd-Unternehmen logo

Cloudstack collab talk

Als PPTX, PDF herunterladen
Midokura
Midokura

Making a case for network virtualization

Technologie
1 von 37
Making a case for distributed overlay-based network virtualization Ben Cherian Chief Strategy Officer @bencherian Midokura
So, you’re building a cloud?
Requirements
1 2 3 4 5 vs 1 New 1 Horizontal scaling
Building blocks of an IaaS cloud
Cloud management system
Compute
Storage
Networking
Traditional networking devices scale up
Service interruptions
High churn, micro granularity
Limitations of VLANs
Traffic trombones
Human costs don’t scale
Additional Requirements
IaaS Cloud Networking Requirements • Multi-tenancy • ACLs • L2 isolation • Stateful (L4) Firewall  Security Groups • L3 routing isolation  VPC • VPN  Like VRF (virtual  IPSec routing and forwarding) • BGP gateway • Scalable control • REST API plane • Integration with CMS  ARP, DHCP, ICMP  CloudStack • NAT (Floating IP)  OpenStack
IaaS Cloud Networking Requirements Typical Network Topology uplink - Creat e one provider rout er upon deployment - Link to uplink - Creat e a rout er f or a t enant - BGP multi-homing - M ap a bridge f or a quant um net work - Global NAT/route settings, e.g. for floating ip Provider Virtual Router (L3) - Tenant router for FW, LB, DHCP and NAT Tenant/Project A Tenant/Project B Tenant B Tenant A Virtual Router Virtual Router Network A1 Network A2 Network B1 TenantB office Virtual L2 Virtual L2 Virtual L2 Switch A1 Switch A2 Switch B1 Tenant B VPN Router VM1 VM3 VM5 VM2 VM4 VM6 Office Network
Solution: Distributed overlay-based network virtualization
Use encapsulation to build a virtual network
Handle network intelligence / network state at the edge
Require less of the physical network
Edge to Edge IP Overlays • Isolation not using VLANs  IP encapsulation • Decouple from physical network • Provisioning VM doesn’t change underlay state • Underlay delivers to destination host IP • Use scalable IGP (iBGP, OSPF) to build multi-path underlay • Inspired by VL2 from MSR
Market trends supporting overlay model • Packet processing on x86 CPUs (at edge) – Intel DPDK facilitates packet processing – Number of cores in servers increasing fast • Clos Networks (for underlay) – Spine and Leaf architecture with IP – Economical and high E-W bandwidth • Merchant silicon (cheap IP switches) – Broadcom, Intel (Fulcrum Micro), Marvell – ODMs (Quanta, Accton) starting to sell directly – Switches are becoming just like Linux servers • Optical intra-DC Networks
The MidoNet Solution • Virtual L2 Distributed Switching • Virtual L2 Isolation • Virtual L3 Distributed Routing • Virtual L3 Isolation • L4 Services (Load Balancing, Firewall) • NAT • Access Control Lists (ACLs) • Virtual port and device monitoring • Restful API • Web based management control panel
The MidoNet Solution Logical Topology vPort Virtual Tenant A Switch A1 Virtual vPort Router vPort Provider Virtual Virtual Switch A2 vPort Router Tenant B vPort Virtual Virtual Router Switch B1 vPort VM MN MN VM BGP BGP Multi To ISP1 Homing Internet Private IP VM MN Network MN VM BGP To ISP2 Tunnel BGP To ISP3 VM MN MN VM MN MN MN Network State Database Physical Topology
The MidoNet Solution • Distributed and scalable control plane  Handle all control packets at local MidoNet agent adjacent to VM • Scalable and fault tolerant central database  Stores virtual network configuration  Dynamic network state  MAC learning, ARP cache, etc  Cached at edges on demand • All packet modifications at ingress Packet Tunnel Ingress  One virtual hop MN  No travel through middle boxes Encapsulated  Drop at ingress Drop/Block
Scale out model
The MidoNet Solution • Scalable edge gateway interface to external networks – Multihomed BGP to ISP • REST API and GUI • Integration with popular open source cloud stacks – OpenStack • Removes SPOF of network node • Scalable and fault tolerant NAT for floating IP • Implements security groups efficiently – CloudStack (in progress)
CloudStack integration • Currently have L2 integration • Full integration is slated for Q1, 2013 – L3 isolation (without VM / appliance) – Security groups (stateful firewall) – Floating IP (NAT) – Load balancing (L4)
Questions? Slides: http://www.slideshare.net/midokura
Backup slides
Candidate Models • Traditional network • Centrally controlled OpenFlow based hop- by-hop switching fabric • Edge to edge overlays
Traditional Netowrk • Ethernet VLANs for L2 isolation  4096 limit  VLANs will have large spanning trees terminating on many hosts  High churn in switch control planes doing MAC learning non-stop  Need MLAG for L2 multi-path  Vendor specific • MPLS VPN? • VRFs for L3 isolation  Not scalable to cloud scale  Expensive hardware  Not fault tolerant
OpenFlow Fabric • State in switches  Proportional to virtual network state  Need to update all switches in path when provisioning  Not scalable, not fast enough to update, no atomicity of updates • Not good for IaaS cloud virtual networking
Spine and Leaf Network Architecture
Deep OpenStack Integration • Quantum Plugin – L2 isolation, of course • Also… – L3 isolation (without VM / appliance) – Security groups (stateful firewall) – Floating IP (NAT) – Load balancing (L4) 37

Empfohlen

Networking in the cloud: An SDN primer
Networking in the cloud: An SDN primerNetworking in the cloud: An SDN primer
Networking in the cloud: An SDN primer
Midokura
 
BayLISA: MidoNet Overlay Based Network Virtualization for IaaS Clouds
BayLISA: MidoNet Overlay Based Network Virtualization for IaaS CloudsBayLISA: MidoNet Overlay Based Network Virtualization for IaaS Clouds
BayLISA: MidoNet Overlay Based Network Virtualization for IaaS Clouds
Adam Johnson
 
Drd700
Drd700Drd700
Drd700
ciperi
 
evolution towards NGN
evolution towards NGNevolution towards NGN
evolution towards NGN
AJAL A J
 
Encoder
EncoderEncoder
Encoder
TELE-audiovision eng
 
Quality of Experience
Quality of ExperienceQuality of Experience
Quality of Experience
Thomas Kernen
 
Ibc forum 2012-divitel
Ibc forum 2012-divitelIbc forum 2012-divitel
Ibc forum 2012-divitel
Verimatrix
 
Network policies
Network policiesNetwork policies
Network policies
shanj
 

Empfohlen

Networking in the cloud: An SDN primer
Networking in the cloud: An SDN primerNetworking in the cloud: An SDN primer
Networking in the cloud: An SDN primer
Midokura
 
BayLISA: MidoNet Overlay Based Network Virtualization for IaaS Clouds
BayLISA: MidoNet Overlay Based Network Virtualization for IaaS CloudsBayLISA: MidoNet Overlay Based Network Virtualization for IaaS Clouds
BayLISA: MidoNet Overlay Based Network Virtualization for IaaS Clouds
Adam Johnson
 
Drd700
Drd700Drd700
Drd700
ciperi
 
evolution towards NGN
evolution towards NGNevolution towards NGN
evolution towards NGN
AJAL A J
 
Encoder
EncoderEncoder
Encoder
TELE-audiovision eng
 
Quality of Experience
Quality of ExperienceQuality of Experience
Quality of Experience
Thomas Kernen
 
Ibc forum 2012-divitel
Ibc forum 2012-divitelIbc forum 2012-divitel
Ibc forum 2012-divitel
Verimatrix
 
Network policies
Network policiesNetwork policies
Network policies
shanj
 
Scalable Video Coding in Content-Aware Networks
Scalable Video Coding in Content-Aware NetworksScalable Video Coding in Content-Aware Networks
Scalable Video Coding in Content-Aware Networks
mgrafl
 
Windows Server 8 Hyper V Networking
Windows Server 8 Hyper V NetworkingWindows Server 8 Hyper V Networking
Windows Server 8 Hyper V Networking
Aidan Finn
 
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLANFlexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Cisco Canada
 
Sao Paulo Multi-network Event 2012 - Verimatrix
Sao Paulo Multi-network Event 2012 - VerimatrixSao Paulo Multi-network Event 2012 - Verimatrix
Sao Paulo Multi-network Event 2012 - Verimatrix
Verimatrix
 
2008 EBU Training BBC Scotland Infrastructure
2008 EBU Training BBC Scotland Infrastructure2008 EBU Training BBC Scotland Infrastructure
2008 EBU Training BBC Scotland Infrastructure
European Broacasting Union
 
Optical Transport SDN by Peter Landon [APRICOT 2015]
Optical Transport SDN by Peter Landon [APRICOT 2015]Optical Transport SDN by Peter Landon [APRICOT 2015]
Optical Transport SDN by Peter Landon [APRICOT 2015]
APNIC
 
10209
1020910209
10209
ronsito
 
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, VerimatrixMulti-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Verimatrix
 
IPv6 in 3G Core Networks
IPv6 in 3G Core NetworksIPv6 in 3G Core Networks
IPv6 in 3G Core Networks
John Loughney
 
Trill and Datacenter Alternatives
Trill and Datacenter AlternativesTrill and Datacenter Alternatives
Trill and Datacenter Alternatives
Aricent
 
Netup dvb-tc-ci
Netup dvb-tc-ciNetup dvb-tc-ci
Netup dvb-tc-ci
TELE-audiovision eng
 
Backhaul considerations-ver2
Backhaul considerations-ver2Backhaul considerations-ver2
Backhaul considerations-ver2
Rafael Junquera
 
Mobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLSMobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLS
Cisco Canada
 
David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009
eCommConf
 
Ultra high definition TV over IP networks
Ultra high definition TV over IP networksUltra high definition TV over IP networks
Ultra high definition TV over IP networks
Thomas Kernen
 
Waris l2vpn-tutorial
Waris l2vpn-tutorialWaris l2vpn-tutorial
Waris l2vpn-tutorial
rakiva29
 
Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01
ciperi
 
Unified MPLS
Unified MPLSUnified MPLS
Unified MPLS
Cisco Service Provider
 
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewCISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
Ameen Wayok
 
オープンソースになったMidoNet
オープンソースになったMidoNetオープンソースになったMidoNet
オープンソースになったMidoNet
Midokura
 
MidoNet US Launch - Oct 15
MidoNet US Launch - Oct 15MidoNet US Launch - Oct 15
MidoNet US Launch - Oct 15
Midokura
 
MidoNet Future -ミドネットの未来-
MidoNet Future -ミドネットの未来-MidoNet Future -ミドネットの未来-
MidoNet Future -ミドネットの未来-
Midokura
 

Weitere ähnliche Inhalte

Was ist angesagt?

Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, VerimatrixMulti-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Verimatrix
 
Backhaul considerations-ver2
Backhaul considerations-ver2Backhaul considerations-ver2
Backhaul considerations-ver2
Rafael Junquera
 
Mobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLSMobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLS
Cisco Canada
 
David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009
eCommConf
 
Ultra high definition TV over IP networks
Ultra high definition TV over IP networksUltra high definition TV over IP networks
Ultra high definition TV over IP networks
Thomas Kernen
 
Waris l2vpn-tutorial
Waris l2vpn-tutorialWaris l2vpn-tutorial
Waris l2vpn-tutorial
rakiva29
 
Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01
ciperi
 
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewCISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
Ameen Wayok
 

Was ist angesagt? (19)

Scalable Video Coding in Content-Aware Networks
Scalable Video Coding in Content-Aware NetworksScalable Video Coding in Content-Aware Networks
Scalable Video Coding in Content-Aware Networks
 
Windows Server 8 Hyper V Networking
Windows Server 8 Hyper V NetworkingWindows Server 8 Hyper V Networking
Windows Server 8 Hyper V Networking
 
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLANFlexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
 
Sao Paulo Multi-network Event 2012 - Verimatrix
Sao Paulo Multi-network Event 2012 - VerimatrixSao Paulo Multi-network Event 2012 - Verimatrix
Sao Paulo Multi-network Event 2012 - Verimatrix
 
2008 EBU Training BBC Scotland Infrastructure
2008 EBU Training BBC Scotland Infrastructure2008 EBU Training BBC Scotland Infrastructure
2008 EBU Training BBC Scotland Infrastructure
 
Optical Transport SDN by Peter Landon [APRICOT 2015]
Optical Transport SDN by Peter Landon [APRICOT 2015]Optical Transport SDN by Peter Landon [APRICOT 2015]
Optical Transport SDN by Peter Landon [APRICOT 2015]
 
10209
1020910209
10209
 
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, VerimatrixMulti-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
 
IPv6 in 3G Core Networks
IPv6 in 3G Core NetworksIPv6 in 3G Core Networks
IPv6 in 3G Core Networks
 
Trill and Datacenter Alternatives
Trill and Datacenter AlternativesTrill and Datacenter Alternatives
Trill and Datacenter Alternatives
 
Netup dvb-tc-ci
Netup dvb-tc-ciNetup dvb-tc-ci
Netup dvb-tc-ci
 
Backhaul considerations-ver2
Backhaul considerations-ver2Backhaul considerations-ver2
Backhaul considerations-ver2
 
Mobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLSMobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLS
 
David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009
 
Ultra high definition TV over IP networks
Ultra high definition TV over IP networksUltra high definition TV over IP networks
Ultra high definition TV over IP networks
 
Waris l2vpn-tutorial
Waris l2vpn-tutorialWaris l2vpn-tutorial
Waris l2vpn-tutorial
 
Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01
 
Unified MPLS
Unified MPLSUnified MPLS
Unified MPLS
 
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewCISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
 

Andere mochten auch

Andere mochten auch (6)

オープンソースになったMidoNet
オープンソースになったMidoNetオープンソースになったMidoNet
オープンソースになったMidoNet
 
MidoNet US Launch - Oct 15
MidoNet US Launch - Oct 15MidoNet US Launch - Oct 15
MidoNet US Launch - Oct 15
 
MidoNet Future -ミドネットの未来-
MidoNet Future -ミドネットの未来-MidoNet Future -ミドネットの未来-
MidoNet Future -ミドネットの未来-
 
Midokura Enterprise MidoNet Overview
Midokura Enterprise MidoNet Overview Midokura Enterprise MidoNet Overview
Midokura Enterprise MidoNet Overview
 
MidoNet Differentiation and Overview
MidoNet Differentiation and OverviewMidoNet Differentiation and Overview
MidoNet Differentiation and Overview
 
クラウドネットワークの仮想化そしてVxLAN Offloadによる高速化
クラウドネットワークの仮想化そしてVxLAN Offloadによる高速化クラウドネットワークの仮想化そしてVxLAN Offloadによる高速化
クラウドネットワークの仮想化そしてVxLAN Offloadによる高速化
 

Ähnlich wie Cloudstack collab talk

Networking in the Cloud: An SDN Primer
Networking in the Cloud: An SDN PrimerNetworking in the Cloud: An SDN Primer
Networking in the Cloud: An SDN Primer
OpenStack Foundation
 
Cherian networking in_the_cloud_041613
Cherian networking in_the_cloud_041613Cherian networking in_the_cloud_041613
Cherian networking in_the_cloud_041613
OpenStack Foundation
 
Windows server 8 hyper v networking (aidan finn)
Windows server 8 hyper v networking (aidan finn)Windows server 8 hyper v networking (aidan finn)
Windows server 8 hyper v networking (aidan finn)
hypervnu
 
OpenStack Load Balancing Use Cases and Requirements
OpenStack Load Balancing Use Cases and RequirementsOpenStack Load Balancing Use Cases and Requirements
OpenStack Load Balancing Use Cases and Requirements
John Gruber
 
Brokerage 2007 presentation wireless
Brokerage 2007 presentation wirelessBrokerage 2007 presentation wireless
Brokerage 2007 presentation wireless
imec.archive
 
Ryu: network operating system
Ryu: network operating systemRyu: network operating system
Ryu: network operating system
Isaku Yamahata
 
Virtual Network Performance Challenge
Virtual Network Performance ChallengeVirtual Network Performance Challenge
Virtual Network Performance Challenge
Stephen Hemminger
 
MFH3 Overview
MFH3 OverviewMFH3 Overview
MFH3 Overview
rorcutt
 

Ähnlich wie Cloudstack collab talk (20)

Networking in the Cloud: An SDN Primer
Networking in the Cloud: An SDN PrimerNetworking in the Cloud: An SDN Primer
Networking in the Cloud: An SDN Primer
 
Cherian networking in_the_cloud_041613
Cherian networking in_the_cloud_041613Cherian networking in_the_cloud_041613
Cherian networking in_the_cloud_041613
 
Windows server 8 hyper v networking (aidan finn)
Windows server 8 hyper v networking (aidan finn)Windows server 8 hyper v networking (aidan finn)
Windows server 8 hyper v networking (aidan finn)
 
Advanced network services insertions framework
Advanced network services insertions frameworkAdvanced network services insertions framework
Advanced network services insertions framework
 
OpenStack Load Balancing Use Cases and Requirements
OpenStack Load Balancing Use Cases and RequirementsOpenStack Load Balancing Use Cases and Requirements
OpenStack Load Balancing Use Cases and Requirements
 
Link Virtualization based on Xen
Link Virtualization based on XenLink Virtualization based on Xen
Link Virtualization based on Xen
 
VoIP Connectivity Table
VoIP Connectivity TableVoIP Connectivity Table
VoIP Connectivity Table
 
Network virtualization with open stack quantum
Network virtualization with open stack quantumNetwork virtualization with open stack quantum
Network virtualization with open stack quantum
 
Brokerage 2007 presentation wireless
Brokerage 2007 presentation wirelessBrokerage 2007 presentation wireless
Brokerage 2007 presentation wireless
 
Networking is NOT Free: Lessons in Network Design
Networking is NOT Free: Lessons in Network DesignNetworking is NOT Free: Lessons in Network Design
Networking is NOT Free: Lessons in Network Design
 
Architecting data center networks in the era of big data and cloud
Architecting data center networks in the era of big data and cloudArchitecting data center networks in the era of big data and cloud
Architecting data center networks in the era of big data and cloud
 
Technical introduction to MidoNet
Technical introduction to MidoNetTechnical introduction to MidoNet
Technical introduction to MidoNet
 
Ryu: network operating system
Ryu: network operating systemRyu: network operating system
Ryu: network operating system
 
Virtual Network Performance Challenge
Virtual Network Performance ChallengeVirtual Network Performance Challenge
Virtual Network Performance Challenge
 
Quantum grizzly summit
Quantum grizzly summitQuantum grizzly summit
Quantum grizzly summit
 
Quantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxQuantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptx
 
MFH3 Overview
MFH3 OverviewMFH3 Overview
MFH3 Overview
 
Hungary Usergroup - Midonet overlay programming
Hungary Usergroup - Midonet overlay programmingHungary Usergroup - Midonet overlay programming
Hungary Usergroup - Midonet overlay programming
 
Contrail Enabler for agile cloud services
Contrail Enabler for agile cloud servicesContrail Enabler for agile cloud services
Contrail Enabler for agile cloud services
 
OpenStack Quantum Intro (OS Meetup 3-26-12)
OpenStack Quantum Intro (OS Meetup 3-26-12)OpenStack Quantum Intro (OS Meetup 3-26-12)
OpenStack Quantum Intro (OS Meetup 3-26-12)
 

Mehr von Midokura

Introduction to Network Virtualization for IaaS Cloud by Midokura at LinuxCon...
Introduction to Network Virtualization for IaaS Cloud by Midokura at LinuxCon...Introduction to Network Virtualization for IaaS Cloud by Midokura at LinuxCon...
Introduction to Network Virtualization for IaaS Cloud by Midokura at LinuxCon...
Midokura
 
20130517 midokura-ncc
20130517 midokura-ncc20130517 midokura-ncc
20130517 midokura-ncc
Midokura
 

Mehr von Midokura (10)

Journey to an Intelligent Industrial Network - Pino de Candia, CTO Midokura
Journey to an Intelligent Industrial Network - Pino de Candia, CTO MidokuraJourney to an Intelligent Industrial Network - Pino de Candia, CTO Midokura
Journey to an Intelligent Industrial Network - Pino de Candia, CTO Midokura
 
ネットワーク仮想化ソフトウェアMidoNet ユースケースとユーザメリット
ネットワーク仮想化ソフトウェアMidoNet ユースケースとユーザメリットネットワーク仮想化ソフトウェアMidoNet ユースケースとユーザメリット
ネットワーク仮想化ソフトウェアMidoNet ユースケースとユーザメリット
 
OpenStack Networkingとネットワーク仮想化ソフトMidoNet最新動向
OpenStack Networkingとネットワーク仮想化ソフトMidoNet最新動向OpenStack Networkingとネットワーク仮想化ソフトMidoNet最新動向
OpenStack Networkingとネットワーク仮想化ソフトMidoNet最新動向
 
OpenStack Havanaのネットワーキング新機能と適用事例
OpenStack Havanaのネットワーキング新機能と適用事例OpenStack Havanaのネットワーキング新機能と適用事例
OpenStack Havanaのネットワーキング新機能と適用事例
 
Network Virtualization with MidoNet in CloudStack
Network Virtualization with MidoNet in CloudStackNetwork Virtualization with MidoNet in CloudStack
Network Virtualization with MidoNet in CloudStack
 
20130614 Interop SDN ShowCase-OpenStage2-MidoNet with Sakura Internet
20130614 Interop SDN ShowCase-OpenStage2-MidoNet with Sakura Internet20130614 Interop SDN ShowCase-OpenStage2-MidoNet with Sakura Internet
20130614 Interop SDN ShowCase-OpenStage2-MidoNet with Sakura Internet
 
Introduction to Network Virtualization for IaaS Cloud by Midokura at LinuxCon...
Introduction to Network Virtualization for IaaS Cloud by Midokura at LinuxCon...Introduction to Network Virtualization for IaaS Cloud by Midokura at LinuxCon...
Introduction to Network Virtualization for IaaS Cloud by Midokura at LinuxCon...
 
OSC Osaka 2013
OSC Osaka 2013OSC Osaka 2013
OSC Osaka 2013
 
20130517 midokura-ncc
20130517 midokura-ncc20130517 midokura-ncc
20130517 midokura-ncc
 
12th Japan CloudStack User Group Meetup
12th Japan CloudStack User Group Meetup12th Japan CloudStack User Group Meetup
12th Japan CloudStack User Group Meetup
 

Kürzlich hochgeladen

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 

Kürzlich hochgeladen (20)

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

Cloudstack collab talk

  • 1. Making a case for distributed overlay-based network virtualization Ben Cherian Chief Strategy Officer @bencherian Midokura
  • 4. 1 2 3 4 5 vs 1 New 1 Horizontal scaling
  • 5. Building blocks of an IaaS cloud
  • 10. Traditional networking devices scale up
  • 12. High churn, micro granularity
  • 13. Limitations of VLANs
  • 17. IaaS Cloud Networking Requirements • Multi-tenancy • ACLs • L2 isolation • Stateful (L4) Firewall  Security Groups • L3 routing isolation  VPC • VPN  Like VRF (virtual  IPSec routing and forwarding) • BGP gateway • Scalable control • REST API plane • Integration with CMS  ARP, DHCP, ICMP  CloudStack • NAT (Floating IP)  OpenStack
  • 18. IaaS Cloud Networking Requirements Typical Network Topology uplink - Creat e one provider rout er upon deployment - Link to uplink - Creat e a rout er f or a t enant - BGP multi-homing - M ap a bridge f or a quant um net work - Global NAT/route settings, e.g. for floating ip Provider Virtual Router (L3) - Tenant router for FW, LB, DHCP and NAT Tenant/Project A Tenant/Project B Tenant B Tenant A Virtual Router Virtual Router Network A1 Network A2 Network B1 TenantB office Virtual L2 Virtual L2 Virtual L2 Switch A1 Switch A2 Switch B1 Tenant B VPN Router VM1 VM3 VM5 VM2 VM4 VM6 Office Network
  • 19. Solution: Distributed overlay-based network virtualization
  • 20. Use encapsulation to build a virtual network
  • 21. Handle network intelligence / network state at the edge
  • 22. Require less of the physical network
  • 23. Edge to Edge IP Overlays • Isolation not using VLANs  IP encapsulation • Decouple from physical network • Provisioning VM doesn’t change underlay state • Underlay delivers to destination host IP • Use scalable IGP (iBGP, OSPF) to build multi-path underlay • Inspired by VL2 from MSR
  • 24. Market trends supporting overlay model • Packet processing on x86 CPUs (at edge) – Intel DPDK facilitates packet processing – Number of cores in servers increasing fast • Clos Networks (for underlay) – Spine and Leaf architecture with IP – Economical and high E-W bandwidth • Merchant silicon (cheap IP switches) – Broadcom, Intel (Fulcrum Micro), Marvell – ODMs (Quanta, Accton) starting to sell directly – Switches are becoming just like Linux servers • Optical intra-DC Networks
  • 25. The MidoNet Solution • Virtual L2 Distributed Switching • Virtual L2 Isolation • Virtual L3 Distributed Routing • Virtual L3 Isolation • L4 Services (Load Balancing, Firewall) • NAT • Access Control Lists (ACLs) • Virtual port and device monitoring • Restful API • Web based management control panel
  • 26. The MidoNet Solution Logical Topology vPort Virtual Tenant A Switch A1 Virtual vPort Router vPort Provider Virtual Virtual Switch A2 vPort Router Tenant B vPort Virtual Virtual Router Switch B1 vPort VM MN MN VM BGP BGP Multi To ISP1 Homing Internet Private IP VM MN Network MN VM BGP To ISP2 Tunnel BGP To ISP3 VM MN MN VM MN MN MN Network State Database Physical Topology
  • 27. The MidoNet Solution • Distributed and scalable control plane  Handle all control packets at local MidoNet agent adjacent to VM • Scalable and fault tolerant central database  Stores virtual network configuration  Dynamic network state  MAC learning, ARP cache, etc  Cached at edges on demand • All packet modifications at ingress Packet Tunnel Ingress  One virtual hop MN  No travel through middle boxes Encapsulated  Drop at ingress Drop/Block
  • 29. The MidoNet Solution • Scalable edge gateway interface to external networks – Multihomed BGP to ISP • REST API and GUI • Integration with popular open source cloud stacks – OpenStack • Removes SPOF of network node • Scalable and fault tolerant NAT for floating IP • Implements security groups efficiently – CloudStack (in progress)
  • 30. CloudStack integration • Currently have L2 integration • Full integration is slated for Q1, 2013 – L3 isolation (without VM / appliance) – Security groups (stateful firewall) – Floating IP (NAT) – Load balancing (L4)
  • 33. Candidate Models • Traditional network • Centrally controlled OpenFlow based hop- by-hop switching fabric • Edge to edge overlays
  • 34. Traditional Netowrk • Ethernet VLANs for L2 isolation  4096 limit  VLANs will have large spanning trees terminating on many hosts  High churn in switch control planes doing MAC learning non-stop  Need MLAG for L2 multi-path  Vendor specific • MPLS VPN? • VRFs for L3 isolation  Not scalable to cloud scale  Expensive hardware  Not fault tolerant
  • 35. OpenFlow Fabric • State in switches  Proportional to virtual network state  Need to update all switches in path when provisioning  Not scalable, not fast enough to update, no atomicity of updates • Not good for IaaS cloud virtual networking
  • 36. Spine and Leaf Network Architecture
  • 37. Deep OpenStack Integration • Quantum Plugin – L2 isolation, of course • Also… – L3 isolation (without VM / appliance) – Security groups (stateful firewall) – Floating IP (NAT) – Load balancing (L4) 37

Hinweis der Redaktion

  1. Cloud ManagementComputeStorageNetworking
  2. The CMS (cloud management system) integration is critically importantWe have built a deep integration with OpenStackL2 isolation is a given!L2 isolation is not enoughL3 isolation (inter-network routing), scalable NAT, scalable security groups are also needed for a complete solution