This document discusses the evolution of network virtualization. It begins with an overview of using VLANs for network virtualization, which provides L2 isolation but has limitations around scalability and management. OpenFlow is presented as an early approach that uses a centralized controller but has performance impacts. The document then introduces network overlays using software-defined networking as a more advanced approach, allowing network services to be decoupled from physical network hardware for improved scalability, agility and fault tolerance. It provides an overview of using the Midokura network virtualization platform with OpenStack Neutron for network automation and management.
This document introduces programmable virtual networks and discusses their advantages over traditional network slicing. It describes FlowVisor, an early network slicing tool, and its limitations in providing full network virtualization. The document then introduces OpenVirteX, a new system that aims to provide complete programmable virtual networks through topology, address, and policy virtualization. OpenVirteX maps virtual and physical network elements and allows independent control of virtual networks. While still in development, OpenVirteX has the potential to enable more flexible and innovative virtualized networks than previous solutions.
Nicolai van der Smagt has been in the business of designing, implementing and running SP networks for over 15 years. He has worked with DOCSIS, DSL and FTTH operators. Nowadays, Nicolai is helping Infradata’s pan-European customers build better access, aggregation and core networks, but his focus is on the data center, SDN, NFV and the whitebox switching revolution. His motto: “Simplicity is sophistication”.
Topic of Presentation: SDN
Language: English
Abstract:
Open source SDN that actually works - today
OpenContrail is an open source (Apache 2.0 licensed) project that provides network virtualization in the data center, using tried and tested open standards. It provides northbound APIs, integrates in OpenStack or CloudStack and is available today!
In this slot we’ll show you the architecture and ideas behind the technology and how OpenContrail enables you to avoid the pitfalls that other (closed) SDN solutions bring. If time permits we’ll also demo the technology.
The document discusses NSX design and deployment considerations including:
1. Physical and logical infrastructure requirements for NSX including IP connectivity and MTU size.
2. Edge cluster design with options for collapsed or separated edge and infrastructure racks.
3. NSX manager and controller placement and sizing within management clusters.
4. Transport zone, VTEP, and VXLAN switching concepts which are fundamental to the NSX overlay architecture.
MidoNet 101: Face to Face with the Distributed SDN
Midokura has made the source code for MidoNet freely available at www.midonet.org, delivering the truly open, vendor-agnostic network virtualization solution available for the OpenStack and the Docker community.
About MidoNet
Taking an overlay-based approach to network virtualization, MidoNet sits on top of any IP-connected network, and pushes the network intelligence to the edge of the network, in software. MidoNet makes it possible to build an IaaS cloud with fully virtualized and distributed scale-out L2-L4 networking.
FOSDEM 2015
Presenters: Antonio Sagliocco, Alex Bikfalvi in Midokura Engineering
Technical Presentation about the MidoNet architecture and in-depth discussion about MidoNet features like Distributed Layer 2 Switching, Distributed Layer 3 Routing, Firewall, NAT and Distributed Flow State.
Presenter: Taku Fukushima, Midokura Engineering
The document discusses SDN market trends based on an SDxCentral report. It summarizes that the SDN, NFV, and network virtualization market is expected to exceed $105 billion by 2020 according to the report. It also provides details on SDN controllers, including major open source and commercial controllers. The rest of the document discusses use cases, selection criteria for controllers, and SDN adoption trends seen by the speaker.
This document discusses deploying VMware NSX Network Virtualization. It covers:
1. The objectives are to learn about NSX deployments with multiple hypervisors, NSX components required, and packet flows in logical networks.
2. The NSX architecture includes features like logical switching, routing, firewall, load balancing and VPN. Key components are the NSX controller, vSwitch, logical switches and NSX gateway.
3. Deploying NSX involves building the physical infrastructure, preparing NSX including the controller and manager, and then consuming applications through the network API.
VMworld 2013: Designing Network Virtualization for Data-Centers: Greenfield D...
VMworld 2013
Ben Basler, VMware
Roberto Mari, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Building a secure multi-tenant cloud necessitates proper tenant isolation and access control. Key network and security functions must scale independently based on the dynamic resource requirements across each tenant. Additionally, on-demand and self-service provisioning are required for achieving operational efficiencies. Robust, dynamic and elastic software abstractions are imperative to support applications built to run in such complex environments.
This slide deck covers:
• Architectural design choices
• Implementation blueprints
• Operational best practices
that have been made to build OpenStack cloud at Symantec.
Learn the production pros and cons of operating Neutron legacy and HA routers on compute nodes in your production cloud. Not ready for DVR or third-party network overhauls? Virtual router network “hot spots” got you down? Large virtual router failure domains keeping you up late at night? Neutron reference architectures not providing a scalable routing solution? If you answered yes to any of these questions then this talk is for you.
The document discusses software-defined networking (SDN) and OpenFlow, including:
1) OpenFlow allows the control logic to be separated from the forwarding hardware by defining an open interface between the two. This enables more flexible and programmable networks.
2) OpenFlow works by defining flows that match packets and actions that are applied to the matched packets. The flows are populated and managed by an external controller through the OpenFlow protocol.
3) OpenFlow is being deployed in over 100 organizations and is enabling network innovation through its programmable and customizable nature.
Technical Deep Dive into MidoNet - Taku Fukushima, Developer at Midokura
Midolman processes network packets in 3 stages:
1. The input stage receives packets from the datapath.
2. The packet processing stage simulates packet forwarding on the virtual topology, determines the egress port, and installs flows.
3. The output stage emits packets and installs flows based on the simulations.
The document discusses MidoNet, a network virtualization platform that provides a boost to OpenStack Neutron. MidoNet uses a distributed model to avoid single points of failure and bottlenecks seen in the OpenStack OVS plugin. It implements logical L2 and L3 switching, interconnectivity with physical networks, distributed firewalling, load balancing and tunneling using technologies like VXLAN and GRE. MidoNet aligns with Neutron APIs for integration into cloud management software.
This document discusses network and service virtualization technologies. It begins with an overview of challenges with current network architectures and how virtualization addresses them. It then covers three key trends: 1) network virtualization using SDN to program networks dynamically, 2) service virtualization using NFV to virtualize network functions, and 3) new infrastructure tools like Open vSwitch, OpenDaylight, and Docker networking. Finally, it discusses approaches to deploying network and service virtualization and provides a vendor landscape.
Cloud Network Virtualization with Juniper Contrail
Description: Contrail technology will be discussed, covering architecture, capabilities and use cases. It will be followed by a demonstration of the current Contrail implementation on CloudStack/OpenStack.
Parantap works as a Sr. Director of Solutions Engineering for Contrail Product within Juniper. Before Juniper, Parantap led the network architecture team for Microsoft Online Services (Windows Azure, MS Bing). Prior to Microsoft, Parantap worked as a core engineering manager for UUNet Technologies building Internet backbones.
This presentation will walk through the values and benefits of using service chaining technologies in OPNFV for service composition. The presentation will talk through and demonstrate, in real time, platform service chaining features and capabilities.
The document provides an overview of the Juniper SDN landscape and Contrail solution. It begins with introducing the speaker and their background. It then discusses the need for SDN due to challenges in traditional networking. The current SDN landscape includes major players like Cisco, Juniper, VMware, OpenStack and smaller startups. Contrail is positioned as Juniper's SDN overlay solution that integrates with OpenStack and uses standard protocols like BGP, MPLS and XMPP to provide multi-tenancy, overlays, routing and gateway connectivity.
This document provides instructions for setting up a high availability MySQL cluster using Pacemaker, Corosync, and DRBD for storage replication. It outlines the steps to create a DRBD resource, set up Corosync for cluster communication, configure Pacemaker to manage resources and failover, and add a MySQL resource protected by the cluster. The goal is to demonstrate how to build a basic two-node active-active MySQL cluster for high availability using open source clustering tools.
This document discusses the scale-out storage solution Ceph. Ceph provides a distributed object store and file system that allows for scalable storage. It uses RADOS, which is a redundant, autonomic, distributed object store. Ceph has two main components - OSDs, which store data on disks, and MONs which monitor the cluster and maintain metadata. Ceph uses a technique called CRUSH to intelligently place data and replicas across the distributed system. It supports various use cases like virtualization, cloud storage, and large scale storage needs.
This document discusses the scale-out storage capabilities of Ceph. It explains that Ceph uses an object store model called RADOS to allow for scaling storage horizontally across commodity hardware. Ceph uses a technique called CRUSH to automatically replicate and distribute data across its object storage daemons and monitor daemons for redundancy and high availability as more nodes are added. It also describes how Ceph provides block storage, file system, and cloud storage interfaces to stored data through its RADOS Block Device, CephFS, and RADOS Gateway components.
This document provides an overview and agenda for a presentation on OpenStack networking. It begins with an overview of OpenStack architecture and services like Compute, Networking, Identity and Image services. It then discusses basic network components like controllers, compute nodes and networking plugins. Next, it covers networking process flows and dives deeper into the Neutron networking plugin, including the Modular Layer 2 plugin framework and drivers like Open vSwitch. It concludes with a planned demonstration of networking functionality in an OpenStack lab environment.
This was a tutorial which Mark McClain and I led at ONUG, Spring 2015. It was well received and serves as a walkthrough of OpenStack Neutron and its features and usage.
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
This document provides an overview of the evolution of network virtualization and OpenStack networking. It describes how networking started with manually configured VLANs, moved to OpenFlow which required programming flows, and then to network overlays using software defined networking. It outlines the requirements for network virtualization. It also details the evolution of OpenStack networking from Nova network to Quantum/Neutron, including the transition to using overlays and supporting plugins. Key features of Neutron are summarized, as well as upcoming features planned for future OpenStack releases.
Contrail provides software defined networking and virtual network capabilities for OpenStack clouds. Key components of Contrail include the Contrail controller, vRouters running on hypervisors, and integration with OpenStack using Neutron and Nova. Virtual networks in Contrail can be created which provide isolation between groups of virtual machines and connectivity to physical networks.
SDN & NFV Introduction - Open Source Data Center Networking
This document introduces software defined networking (SDN) and network functions virtualization (NFV) concepts. It discusses challenges with traditional networking and how SDN and NFV address these by decoupling the control and data planes, centralizing network intelligence, and abstracting the underlying network infrastructure. It then provides examples of open source SDN technologies like OpenDaylight, Open vSwitch, and OpenStack that can be used to build programmable software-defined networks and virtualized network functions.
This document introduces software defined networking (SDN) and network functions virtualization (NFV) concepts. It discusses challenges with traditional networking and how SDN and NFV address these by decoupling the control and data planes, making the network programmable through APIs, and virtualizing network functions. It then provides examples of open source SDN platforms like OpenDaylight, Open vSwitch, and OpenStack that enable building virtual networks and service chains.
This is the latest update to my OpenStack Networking / Neutron 101 slides, with some more information and caveats on the new DVR and Gateway HA features.
Software Defined Networking is seeing a lot of momentum these days. With server virtualization solving the virtual machines problem, and large scale object storage solving the distributed storage challenge, SDN is seen as key in virtual networking.
In this talk we don't try to define SDN but rather dive straight into what in our opinion is the core enabler of SDN: the virtual switch OVS.
OVS can help manage VLANs for guest network isolation, and it can re-route any traffic at L2-L4 by keeping forwarding tables controlled by a remote controller (OpenFlow controller). We show these few OVS capabilities and highlight how they are used in CloudStack and Xen.
Xen Summit presentation of CloudStack and Software Defined Networks. Open vSwitch is the default bridge in Xen and is supported in XenServer and Xen Cloud Platform.
Quantum is an OpenStack networking project that provides networking as a service between interfaces managed by other projects like Nova. It uses plugins to support different networking technologies and providers. Quantum provides advanced network topologies and tenant control over networking that was not possible with just Nova networking. The Grizzly release includes improvements to security groups, load balancing as a service, new plugins, and seamless upgrades from Folsom.
Quantum is an OpenStack networking project that provides networking as a service. It uses plugins to support various technologies like SDN, overlay tunneling, and fabric solutions. This allows tenants to create their own network topologies with control over addressing, segmentation, and services. Quantum provides APIs for networks, subnets, and ports that integrate with Nova to attach virtual network interfaces to instances.
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...
OpenStack is HOT! No doubt about it. A recent survey by The New Stack and The Linux Foundation shows OpenStack as the most popular open source project ahead of other hot projects like Docker and KVM. OpenStack is now taking its rightful place as the open source cloud solution for enterprises and service providers.
To date OpenStack networking has not yet achieved the performance, scalability and reliability that many large enterprises demand. CPLANE NETWORKS solves that problem by delivering secure multi-tenant virtual networking that overcomes the limitations of the standard Neutron networking service. By making all networking services local to the compute node and achieving near line-rate throughput, CPLANE NETWORKS Dynamic Virtual Networks (DVN) delivers mega-scale networking for the most demanding application environments.
In this session John Casey will cover the basics of DVN and explain how CPLANE NETWORKS achieves "at scale" network performance within and across data centers.
About John Casey
John Casey has over 20 years of deep technology leadership. His proven success with a variety of technical leadership roles in Telecom, Enterprise and Government and in software design and development provide the foundation for the system architecture and engineering team.
Previously John led worldwide deployment teams for both IBM’s Software Group and Narus, Inc. His work in large scale, high performance system design at Transarc Labs and Walker Interactive Systems brings leadership to the CPLANE NETWORKS product suite.
Understanding and deploying Network Virtualization
Analogous to server virtualization, Network Virtualization decouples and isolates virtual networks (i.e. tenants) from the underlying network hardware. One of the key value propositions of Software-Defined Networking (SDN) is to enable the provisioning and operation of virtual networks. This tutorial motivates the need for network virtualization, describes the high-level requirements, provides an overview of all architectural approaches, and gives you a clear picture of the vendor landscape.
Previously presented at ONUG Fall 2013 and Spring 2014.
OpenStack 2012 fall summit observation - Quantum/SDN
- The keynote at the OpenStack 2012 Fall Summit highlighted Rackspace's decreasing contribution to OpenStack commits over time and Rackspace's private cloud which runs OpenStack and sees high usage.
- The Quantum project in OpenStack provides network connectivity as a service and allows different virtualization technologies to be plugged in as backends. It has evolved to add L3 and L4-L7 network services.
- Quantum uses a plugin architecture so that different virtual network backends like Open vSwitch and Linux bridge can be used. Extensions allow for additional network properties and new services like routing and load balancing to be added.
Dave Chandler Presents SDN at World Wide Technology's TECday - St. Louis
This document provides an overview of enterprise networking solutions offered by ATC Solutions Engineering. It discusses their mission to deliver value through networking solution assessments and provide clarity for business technology decisions. It then lists and briefly describes various networking domains and solutions they consult on, such as data center networking, campus/branch networking, software-defined networking, and lab as a service.
Network virtualization allows sharing of physical network infrastructure between multiple virtual networks through abstraction and tunneling techniques. It provides benefits like increased infrastructure utilization, scalability, agility, and security. Common virtualization techniques include VLANs to divide switches into logical segments, DWDM to multiply fiber bandwidth, VRFs to partition routers, and tunneling protocols like GRE, VXLAN, and MPLS to encapsulate and transport traffic across physical networks. Overlay networks further abstract the physical underlay into virtual topologies to support multiple isolated tenant networks on shared infrastructure.
Nuage Arista Hardware VTEP. Demoing the integration of an Arista switch into Nuage VSP and an automatic way of building VXLAN tunnels from virtual to bare-metal infrastructure.
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env... - VMworld
This document discusses troubleshooting VXLAN and network services in a virtualized environment using VMware NSX. It covers VXLAN packet flow, NSX enhancements to the data and control planes, configuration and consumption demos, packet walks in unicast mode, troubleshooting demos using NSX Manager tools, dynamic routing details and demos, and network virtualization operations. The key takeaways are that multicast is not required in the physical network for VXLAN, NSX provides tools to troubleshoot networks and services, and NSX integrates with operations tools for analysis and alerting.
The document provides an overview of network virtualization and the Network Virtualization Platform (NVP). It defines network virtualization as decoupling, automating, and making network behavior independent of physical network state. NVP allows for logical networks that are isolated, location-independent and independent of physical network changes. It introduces NVP components and architecture including the control plane, gateways, service nodes, and integration with hypervisors and OpenStack. The document also discusses treating physical networks like compute servers and fabric/pod network designs.
OpenContrail Silicon Valley Meetup Aug 25 2015 - Scott Sneddon
Secure Multi Tenant Cloud with OpenContrail - Priti Desai
OpenStack: Virtual Routers On Compute Nodes - clayton_oneill
Understanding network and service virtualization - SDN Hub
This document discusses network and service virtualization technologies. It begins with an overview of challenges with current network architectures and how virtualization addresses them. It then covers three key trends: 1) network virtualization using SDN to program networks dynamically, 2) service virtualization using NFV to virtualize network functions, and 3) new infrastructure tools like Open vSwitch, OpenDaylight, and Docker networking. Finally, it discusses approaches to deploying network and service virtualization and provides a vendor landscape.
Cloud Network Virtualization with Juniper Contrailbuildacloud
Description: Contrail Technology will be discussed covering architecture, capabilities and use cases. It will be followed by a demonstration on current Contrail implementation on CloudStack/Openstack.
Parantap works as a Sr. Director of Solutions Engineering for Contrail Product within Juniper. Before Juniper, Parantap led the network architecture team for Microsoft Online Services (Windows Azure, MS Bing). Prior to Microsoft, Parantap worked as a core engineering manager for UUNet Technologies building Internet backbones.
This presentation will walk through the values and benefits of using service chaining technologies in OPNFV for service composition. The presentation will talk through and demonstrate, in real time, platform service chaining features and capabilities
The document provides an overview of the Juniper SDN landscape and Contrail solution. It begins with introducing the speaker and their background. It then discusses the need for SDN due to challenges in traditional networking. The current SDN landscape includes major players like Cisco, Juniper, VMware, OpenStack and smaller startups. Contrail is positioned as Juniper's SDN overlay solution that integrates with OpenStack and uses standard protocols like BGP, MPLS and XMPP to provide multi-tenancy, overlays, routing and gateway connectivity.
This document provides instructions for setting up a high availability MySQL cluster using Pacemaker, Corosync, and DRBD for storage replication. It outlines the steps to create a DRBD resource, set up Corosync for cluster communication, configure Pacemaker to manage resources and failover, and add a MySQL resource protected by the cluster. The goal is to demonstrate how to build a basic two-node active-active MySQL cluster for high availability using open source clustering tools.
This document discusses the scale-out storage solution Ceph. Ceph provides a distributed object store and file system that allows for scalable storage. It uses RADOS, which is a redundant, autonomic, distributed object store. Ceph has two main components - OSDs, which store data on disks, and MONs which monitor the cluster and maintain metadata. Ceph uses a technique called CRUSH to intelligently place data and replicas across the distributed system. It supports various use cases like virtualization, cloud storage, and large scale storage needs.
This document discusses the scale-out storage capabilities of Ceph. It explains that Ceph uses an object store model called RADOS to allow for scaling storage horizontally across commodity hardware. Ceph uses a technique called CRUSH to automatically replicate and distribute data across its object storage daemons and monitor daemons for redundancy and high availability as more nodes are added. It also describes how Ceph provides block storage, file system, and cloud storage interfaces to stored data through its RADOS Block Device, CephFS, and RADOS Gateway components.
This document provides an overview and agenda for a presentation on OpenStack networking. It begins with an overview of OpenStack architecture and services like Compute, Networking, Identity and Image services. It then discusses basic network components like controllers, compute nodes and networking plugins. Next, it covers networking process flows and dives deeper into the Neutron networking plugin, including the Modular Layer 2 plugin framework and drivers like Open vSwitch. It concludes with a planned demonstration of networking functionality in an OpenStack lab environment.
This was a tutorial which Mark McClain and I led at ONUG, Spring 2015. It was well received and serves as a walkthrough of OpenStack Neutron and its features and usage.
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking - Cynthia Thomas
This document provides an overview of the evolution of network virtualization and OpenStack networking. It describes how networking started with manually configured VLANs, moved to OpenFlow which required programming flows, and then to network overlays using software defined networking. It outlines the requirements for network virtualization. It also details the evolution of OpenStack networking from Nova network to Quantum/Neutron, including the transition to using overlays and supporting plugins. Key features of Neutron are summarized, as well as upcoming features planned for future OpenStack releases.
Contrail provides software defined networking and virtual network capabilities for OpenStack clouds. Key components of Contrail include the Contrail controller, vRouters running on hypervisors, and integration with OpenStack using Neutron and Nova. Virtual networks in Contrail can be created which provide isolation between groups of virtual machines and connectivity to physical networks.
SDN & NFV Introduction - Open Source Data Center Networking - Thomas Graf
This document introduces software defined networking (SDN) and network functions virtualization (NFV) concepts. It discusses challenges with traditional networking and how SDN and NFV address these by decoupling the control and data planes, centralizing network intelligence, and abstracting the underlying network infrastructure. It then provides examples of open source SDN technologies like OpenDaylight, Open vSwitch, and OpenStack that can be used to build programmable software-defined networks and virtualized network functions.
This document introduces software defined networking (SDN) and network functions virtualization (NFV) concepts. It discusses challenges with traditional networking and how SDN and NFV address these by decoupling the control and data planes, making the network programmable through APIs, and virtualizing network functions. It then provides examples of open source SDN platforms like OpenDaylight, Open vSwitch, and OpenStack that enable building virtual networks and service chains.
Open stack networking_101_update_2014-os-meetupsyfauser
This is the latest Update to my OpenStack Networking / Neutron 101 Slides with some more Information and caveats on the new DVR and Gateway HA Features
Software Defined Networking is seeing a lot of momentum these days. With server virtualization solving the virtual machines problem, and large scale object storage solving the distributed storage challenge, SDN is seen as key in virtual networking.
In this talk we don't try to define SDN but rather dive straight into what in our opinion is the core enabler of SDN: the virtual switch OVS.
OVS can help manage VLANs for guest network isolation; it can re-route any traffic at L2-L4 by keeping forwarding tables controlled by a remote controller (OpenFlow controller). We show these few OVS capabilities and highlight how they are used in CloudStack and Xen.
Xen Summit presentation of CloudStack and Software Defined Networks. OpenVswitch is the default bridge in Xen and supported in XenServer and Xen Cloud Platform
Quantum is an OpenStack networking project that provides networking as a service between interfaces managed by other projects like Nova. It uses plugins to support different networking technologies and providers. Quantum provides advanced network topologies and tenant control over networking that was not possible with just Nova networking. The Grizzly release includes improvements to security groups, load balancing as a service, new plugins, and seamless upgrades from Folsom.
Quantum is an OpenStack networking project that provides networking as a service. It uses plugins to support various technologies like SDN, overlay tunneling, and fabric solutions. This allows tenants to create their own network topologies with control over addressing, segmentation, and services. Quantum provides APIs for networks, subnets, and ports that integrate with Nova to attach virtual network interfaces to instances.
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne... - nvirters
OpenStack is HOT! No doubt about it. A recent survey by The New Stack and The Linux Foundation shows OpenStack as the most popular open source project ahead of other hot projects like Docker and KVM. OpenStack is now taking its rightful place as the open source cloud solution for enterprises and service providers.
To date OpenStack networking has not yet achieved the performance, scalability and reliability that many large enterprises demand. CPLANE NETWORKS solves that problem by delivering secure multi-tenant virtual networking that overcomes the limitations of the standard Neutron networking service. By making all networking services local to the compute node and achieving near line-rate throughput, CPLANE NETWORKS Dynamic Virtual Networks (DVN) delivers mega-scale networking for the most demanding application environments.
In this session John Casey will cover the basics of DVN and explain how CPLANE NETWORKS achieves "at scale" network performance within and across data centers.
About John Casey
John Casey has over 20 years of deep technology leadership. His proven success with a variety of technical leadership roles in Telecom, Enterprise and Government and in software design and development provide the foundation for the system architecture and engineering team.
Previously John led worldwide deployment teams for both IBM’s Software Group and Narus, Inc. His work in large scale, high performance system design at Transarc Labs and Walker Interactive Systems brings leadership to the CPLANE NETWORKS product suite.
Understanding and deploying Network Virtualization - SDN Hub
Analogous to server virtualization, Network Virtualization decouples and isolates virtual networks (i.e. tenant) from the underlying network hardware. One of the key value propositions of Software-Defined Networking (SDN) is to enable the provisioning and operation of virtual networks. This tutorial motivates the need for network virtualization, describes the high-level requirements, provides an overview of all architectural approaches, and gives you a clear picture of the vendor landscape.
Previously presented at ONUG Fall 2013 and Spring 2014.
OpenStack 2012 fall summit observation - Quantum/SDN - Te-Yen Liu
- The keynote at the OpenStack 2012 Fall Summit highlighted Rackspace's decreasing contribution to OpenStack commits over time and Rackspace's private cloud which runs OpenStack and sees high usage.
- The Quantum project in OpenStack provides network connectivity as a service and allows different virtualization technologies to be plugged in as backends. It has evolved to add L3 and L4-L7 network services.
- Quantum uses a plugin architecture so that different virtual network backends like Open vSwitch, Linux bridge can be used. Extensions allow for additional network properties and new services like routing, load balancing to be added.
Dave Chandler Presents SDN at World Wide Technology's TECday - St. Louis - World Wide Technology
This document provides an overview of enterprise networking solutions offered by ATC Solutions Engineering. It discusses their mission to deliver value through networking solution assessments and provide clarity for business technology decisions. It then lists and briefly describes various networking domains and solutions they consult on, such as data center networking, campus/branch networking, software-defined networking, and lab as a service.
Network virtualization allows sharing of physical network infrastructure between multiple virtual networks through abstraction and tunneling techniques. It provides benefits like increased infrastructure utilization, scalability, agility, and security. Common virtualization techniques include VLANs to divide switches into logical segments, DWDM to multiply fiber bandwidth, VRFs to partition routers, and tunneling protocols like GRE, VXLAN, and MPLS to encapsulate and transport traffic across physical networks. Overlay networks further abstract the physical underlay into virtual topologies to support multiple isolated tenant networks on shared infrastructure.
This document provides an overview and update on VMware's NSX network virtualization platform and previews future directions. It discusses expanding NSX capabilities like physical network integration, new encapsulation formats, and multi-site network virtualization. The presentation also explores advanced topics such as distributed logical routing, handling elephant flows, and enabling service chaining through network virtualization. Overall, the document outlines how NSX provides network virtualization and previews exciting new capabilities and use cases for virtualized networking.
CNSCon 2024 Lightning Talk: Don’t Make Me Impersonate My Identity - Cynthia Thomas
Identities are a crucial part of running workloads on Kubernetes. How do you ensure Pods can securely access Cloud resources? In this lightning talk, you will learn how large Cloud providers work together to share Identity Provider responsibilities in order to federate identities in multi-cloud environments.
KubeCon NA'22 Lightning Talk: Where did all my IPs go? - Cynthia Thomas
Kubernetes cluster planning requires quite a few things to get started. What about IPs? Common IP management hurdles with Kubernetes clusters include IP assignments when building a cluster and challenges faced when deploying in a multi-faceted environment. Kubernetes Admins often need to use IP addressing handed out by Network Admins juggling other non-k8s workload IP assignments and IP exhaustion. In this talk, Cynthia will discuss new and existing KEPs that SIG-network has implemented to help mitigate IP challenges. Such features include discontiguous cluster CIDRs and the journey to IPv6. Cynthia will also discuss how the best practices for Kubernetes IP management are changing with these new capabilities to help scale and grow instead of rebuild.
https://sched.co/184sj
Kernel advantages for Istio realized with Cilium - Cynthia Thomas
Istio brings a myriad of options to provide routing rules, encryption, and monitoring for microservices, typically in container environments. Cilium provides accelerated network security using a modern kernel technology called BPF. Put the two together and what do you get? A distributed security solution enabling microservices traffic management, security, and monitoring while enforcing policy as close to the microservices as possible.
Cynthia Thomas and Romain Lenglet discuss the architectural and performance benefits of using Cilium with Istio and provide a demo of this BPF-based, Linux kernel technology. Cilium provides an API-aware security solution that can make a decision on every single microservice flow, with the ability to enforce protocols such as HTTP, Kafka, and gRPC. By addressing security policy at the API layer, you can enforce policy efficiently with kernel capabilities while reducing the attack surface in a microservices deployment.
Cilium:: Application-Aware Microservices via BPF - Cynthia Thomas
Intro to Cilium Microservices Security with Kubernetes Integration
Open Source Cilium website: cilium.io
GH: github.com/cilium/cilium
Join our Slack! cilium.herokuapp.com
Follow us on Twitter!
@ciliumproject
@_techcet_
Cilium: Seattle Kubernetes MeetUp Dec 2017 - Cynthia Thomas
BPF (Berkeley Packet Filter) is becoming the fastest growing technology in the Linux kernel and is revolutionizing networking, security and tracing. At the same time, the rise of container-based orchestration platforms such as Kubernetes is creating demand for routing, load-balancing & security infrastructure that is highly scalable, application-aware, and resilient.
This talk introduces the open source project Cilium - a modern networking and security platform for microservices. Cilium is built on top of BPF and provides Linux native networking and security services with application protocol awareness. Cilium works hand in hand with application proxies such as Envoy and the services management orchestration layer Istio to provide infrastructure services in a transparent manner and with minimal overhead. This talk will discuss the challenges of exposing services via APIs and the solution that Cilium provides to enforce least privilege security.
Cilium – Kernel Native Security & DDOS Mitigation for Microservices with BPF - Cynthia Thomas
We have introduced Cilium at DockerCon US 2017 this year. Cilium provides application-aware network connectivity, security, and load-balancing for containers. This talk will follow up on the introduction and deep dive into recent kernel developments that address two fundamental questions: How can I provide application-aware security and routing efficiently without overhead embedded into every service? How can container hosts protect themselves from internal and external DDoS attacks? The solutions include:
kproxy: a kernel-based socket proxy which allows for application-aware routing and security enforcement with minimal overhead.
XDP: A lightning-fast packet processing datapath using BPF. The technology is intended for DDoS mitigation, load-balancing, and forwarding.
This talk will deep dive into these exciting technologies and show how Cilium makes BPF and these kernel features available on Linux for your Docker containers.
Secure Your Containers: What Network Admins Should Know When Moving Into Prod... - Cynthia Thomas
This session offers techniques for securing Docker containers and hosts using open source network virtualization technologies to implement microsegmentation. Come learn real tips and tricks that you can apply to keep your production environment secure.
4. What is Network Virtualization (NV)?
Taking logical (virtual) networks and services, and decoupling them from the underlying network hardware.
Well suited for highly virtualized environments.
[Diagram labels: Any Application; Virtual Networks; Any Cloud Management Platform; MidoNet Virtualization Platform (Logical L2, Logical L3, Distributed Firewall service, Distributed Load Balancer service, Distributed VPN Service); KVM, ESXi, Xen, LXC; Existing Network Hardware]
5. Requirements for NV
[Diagram: Tenant/Project A with Network A1 (VM1, VM3) and Network A2 (VM5); Tenant/Project B with Network B1 (VM2, VM4); VM6; virtual L2 switches A1, A2 and B1; Tenant A and Tenant B virtual routers; provider virtual router (L3) with uplink; Tenant B VPN router to the Tenant B office network]
6. Requirements for NV
Isolated tenant networks (virtual data center)
[Diagram: the tenant topology from slide 5, with the isolated tenant networks highlighted]
7. Requirements for NV
L3 Isolation (similar to VPC and VRF)
[Diagram: the tenant topology from slide 5, with L3 isolation highlighted]
8. Requirements for NV
Redundant, optimized, and fault tolerant paths to/from external networks (e.g. via eBGP)
Fault-tolerant devices and links
[Diagram: the tenant topology from slide 5]
9. Requirements for NV
Fault-tolerant devices and links
[Diagram: the tenant topology from slide 5]
10. Requirements for NV
Device-agnostic networking services:
• Load Balancing
• Firewalls
• Stateful NAT
• VPN
Networks and services must be fault tolerant and scalable
12. Bonus Requirements for NV
Integration with cloud or virtualization management systems.
Optimize network by exploiting management configuration.
Single virtual hop for networking services
Fully distributed control plane (ARP, DHCP, ICMP)
13. Checklist for Network Virtualization
☐ Multi-tenancy
☐ Scalable, fault-tolerant devices (or device-agnostic network services)
☐ L2 isolation
☐ L3 routing isolation
  • VPC
  • Like VRF (virtual routing and fwd-ing)
☐ Scalable gateways
☐ Scalable control plane
  • ARP, DHCP, ICMP
☐ Floating/Elastic IPs
☐ Stateful NAT
  • Port masquerading
  • DNAT
☐ ACLs
☐ Stateful (L4) Firewalls
  • Security Groups
☐ Load Balancing with health checks
☐ Single Pane of Glass (API, CLI, GUI)
☐ Integration with management platforms
  • OpenStack, CloudStack
  • vSphere, RHEV, System Center
☐ Decoupled from Physical Network
14. Evolution of Network Virtualization
[Chart: innovation in networking plotted against agility]
VLAN APPROACH: Manual End-to-End
VLAN configured on physical switches
• Static
• Manual
• Complex
• Tenant state maintained in physical network
15. Using VLANs for NV
☐ Multi-tenancy
☐ Scalable, fault-tolerant devices (or device-agnostic network services).
✓ L2 isolation
☐ L3 routing isolation
  • VPC
  • Like VRF (virtual routing and fwd-ing)
☐ Scalable gateways
☐ Scalable control plane
  • ARP, DHCP, ICMP
☐ Floating/Elastic IPs
☐ Stateful NAT
  • Port masquerading
  • DNAT
☐ ACLs
☐ Stateful (L4) Firewalls
  • Security Groups
☐ Load Balancing with health checks
☐ Single Pane of Glass (API, CLI, GUI)
☐ Integration with management platforms
  • OpenStack, CloudStack
  • vSphere, RHEV, System Center
☐ Decoupled from Physical Network
16. Evolution of Network Virtualization
[Chart: innovation in networking plotted against agility]
OPENFLOW REACTIVE APPROACH: Reactive End-to-End
Requires programming of flows
• Limited scalability
• Hard to manage
• Impact to performance
• Still requires tenant state in physical network
VLAN APPROACH: Manual End-to-End
VLAN configured on physical switches
• Static
• Manual
• Complex
• Tenant state maintained in physical network
17. What is OpenFlow?
A communication protocol that gives access to the forwarding plane of a network switch over the network.
18. What is OpenFlow?
A centralized remote controller decides the path of packets through the switches
19. Using OpenFlow for NV
✓ Multi-tenancy
☐ Scalable, fault-tolerant devices (or device-agnostic network services).
✓ L2 isolation
△ L3 routing isolation
  • VPC
  • Like VRF (virtual routing and fwd-ing)
☐ Scalable gateways
☐ Scalable control plane
  • ARP, DHCP, ICMP
☐ Floating/Elastic IPs
☐ Stateful NAT
  • Port masquerading
  • DNAT
☐ ACLs
☐ Stateful (L4) Firewalls
  • Security Groups
☐ Load Balancing with health checks
△ Single Pane of Glass (API, CLI, GUI)
△ Integration with management platforms
  • OpenStack, CloudStack
  • vSphere, RHEV, System Center
☐ Decoupled from Physical Network
20. Evolution of Network Virtualization
[Chart: innovation in networking plotted against agility]
PROACTIVE SOFTWARE OVERLAY: Virtual Network Overlays
Decoupling hardware and software
• Cloud-ready agility
• Unlimited scalability
• Open, standards-based
• No impact to physical network
OPENFLOW REACTIVE APPROACH: Reactive End-to-End
Requires programming of flows
• Limited scalability
• Hard to manage
• Impact to performance
• Still requires tenant state in physical network
VLAN APPROACH: Manual End-to-End
VLAN configured on physical switches
• Static
• Manual
• Complex
• Tenant state maintained in physical network
21. How do overlays achieve real network virtualization?
34. Before Neutron: Nova Networking
Nova-Networking was the only option in OpenStack prior to Quantum/Neutron. Still available today as an alternative to Neutron, but will likely be phased out.
Options Available within nova-networking initially:
• Only Flat
• Flat DHCP
Limitations
• No flexibility with topologies (no 3-tier)
• Tenants can’t create/manage L3 Routers
• Scaling limitations (L2 domain)
• No 3rd party vendors supported
• Complex HA model
35. Nova-network slightly evolves
Introduced VLAN DHCP mode
Improvements:
• L2 Isolation – each project gets a VLAN assigned to it
Limitations
• Need to pre-configure VLANs on physical network.
• Scaling Limitations - VLANs
• No L3
• No 3-tier topologies
• No 3rd party vendors
36. Introducing Neutron
OpenStack Networking as a first class Service
• Pluggable Architecture
• Standard API
• Many choices
• Supports Overlay Technology
• More Services (LBaaS, VPNaaS)
• Flexible network topologies
Plugins Available
• MidoNet
• OVS Plugin
• Linux Bridges
• Flat DHCP
• VLAN DHCP
• ML2
• NSX
• Plumgrid
• Nuage
• Contrail
• Ryu
38. OVS Open Source Plugin
OVS Agent - receives tunnel/flow setup info from OVS Plugin, and programs Open vSwitch to set up tunnels and send traffic through the tunnel
DHCP Agent - Sets up dnsmasq in a namespace per network/subnet and enters MAC/IP into DHCP lease file
L3 Agent – OVS Plugin orchestrates to set up IPTables, Routing, NAT tables
39. Challenges with OVS Plugin
Neutron Network Node is a SPOF
Need to use corosync, etc. for active/standby failover.
Challenging at Scale
Since there’s a single network node, this becomes a bottleneck fairly quickly.
Inefficient Networking
IPTables, L3 Agent, multiple hops for single flow are causing unnecessary traffic and added latency on your physical network
41. MidoNet Network Virtualization Platform
Logical L2 Switching - L2 isolation and path optimization with distributed virtual switching. Interconnect with VLAN enabled network via L2 Gateway.
Logical L3 Routing – L3 isolation and routing between virtual networks. No need to exit the software container - no hardware required.
Distributed Firewall – Provides ACLs, high performance kernel integrated firewall via a flexible rule chain system.
Logical Layer 4 Load Balancer – Provides application load balancing in software form - no need for hardware based firewalls.
VxLAN/GRE – Provides VxLAN and GRE tunneling. Provides L2 connectivity across L3 transport. This is useful when L2 fabric doesn’t reach all the way from the racks hosting the VMs to the physical L2 segment of interest.
MidoNet/Neutron API – Alignment with OpenStack Neutron’s API for integration into compatible cloud management software.
NAT – Provides Dynamic NAT, Port masquerading.
[Diagram: layered stack. Any Application; OpenStack/Cloud Management System; MidoNet Network Virtualization Platform (MidoNet/Neutron API, Distributed Firewall, Layer 4 Load Balancer, NAT, Logical L2, Logical L3, VxLAN/GRE); Any Hypervisor; Any Network Hardware.]
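The VxLAN item above is what lifts the VLAN scaling limit listed for nova-network: the tenant segment ID travels in a 24-bit VNI inside the tunnel header rather than in a 12-bit VLAN tag. The sketch below is an added example, not MidoNet code: it builds and parses the 8-byte VXLAN header defined in RFC 7348 and shows the receive-side check that keeps tenants apart; the VNI-to-network table, network names and frame bytes are constructed for illustration.

```python
import struct
from typing import Dict, Optional, Tuple

VXLAN_I_FLAG = 0x08          # "VNI valid" bit in the first header byte (RFC 7348)
VLAN_ID_BITS, VNI_BITS = 12, 24

def segment_space() -> Tuple[int, int]:
    """Usable segment IDs: VLAN (IDs 0 and 4095 are reserved) vs. VXLAN VNI."""
    return 2 ** VLAN_ID_BITS - 2, 2 ** VNI_BITS

def encap(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the VXLAN header: flags(8) reserved(24) VNI(24) reserved(8)."""
    if not 0 <= vni < 2 ** VNI_BITS:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", VXLAN_I_FLAG << 24, vni << 8) + inner_frame

def decap(payload: bytes) -> Tuple[int, bytes]:
    """Parse the UDP payload of a VXLAN packet; reject malformed headers."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", payload[:8])
    if not (word0 >> 24) & VXLAN_I_FLAG:
        raise ValueError("I flag clear: VNI field is not valid")
    return word1 >> 8, payload[8:]

def deliver(payload: bytes, local_vnis: Dict[int, str]) -> Optional[str]:
    """Return the virtual network a frame belongs to, or None to drop it."""
    try:
        vni, inner = decap(payload)
    except ValueError:
        return None
    if len(inner) < 14:               # shorter than an Ethernet header
        return None
    return local_vnis.get(vni)        # unknown VNI is dropped, never flooded

# Constructed sample data (assumed names, not from the slides).
LOCAL_VNIS = {5001: "tenant-a/network-a1", 5002: "tenant-b/network-b1"}
FRAME = bytes.fromhex("020000000002" "020000000001" "0800") + b"payload"

if __name__ == "__main__":
    print(segment_space())
    print(deliver(encap(5001, FRAME), LOCAL_VNIS))
    print(deliver(encap(7777, FRAME), LOCAL_VNIS))
```

A frame carrying a VNI the host does not serve is dropped rather than delivered, which is the property L2 isolation depends on once tenant state lives in the overlay instead of the physical switches.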
42. OpenStack Integration
Easy integration with OpenStack: MidoNet provides a plugin for Neutron.
[Diagram label: MidoNet Plugin]
44. Use Cases
Automated Provisioning; Isolated Sandboxes; Enhanced Security; Enable Compliance; Scale out L3 Gateway; Bridge legacy VLANs
Do it Faster / Do it Bigger / Do it Better
Value
• Agility: Provide rapid provisioning of isolated network infrastructure for labs and devops. (Logical Network Provisioning)
• Control: Network admins can better secure, control & view network traffic. (Single Pane of Glass; OpsTools)
• IaaS Cloud: Build multi-tenant clouds with visibility into usage. (Tenant Control; Automated Self Service; Metering)
• Performance: Improve network performance using edge overlay & complementary technologies. (Single Hop Virtual Networking; VXLAN Hardware Gateway; Massive performance with 40Gb Support)
• Scale: Add virtual network infra & services simply & resiliently without hardware & bottlenecks. (Distributed Logical Networking; FW, LB, L2/3, NAT; Limitless “VLANs”; IPv6)
• Solution for OpenStack Networking: Use MN to overcome limitations of Neutron for OpenStack users. (Replaces OVS Plugin)
48. NVOs can’t ignore the physical network
Dynamic changes to logical network are not dependent on the physical network configuration.
Sharing state to and from the physical network can be supplementary.
- Monitoring
- Traffic Engineering
50. NVOs provide a wealth of information
NVOs centralize information on your network
We can start taking advantage of this information
- Security
- Compliance
- Optimizing Networks
52. Midokura VTEP Solution
[Diagram labels: IP Fabric; MidoNet (x2); Virtual; Any Cloud Management Platform; MidoNet Network State Database; VMs; OVSDBc; Server, Storage, Services; Physical; VTEP; OVSDBs. Key: TCP/IP, OVSDB, VxLAN Tunnel, Physical Connection.]
54. Performance
40Gb VxLAN Offloading: virtualized environments require high throughput infrastructure
• Integration with Mellanox provides 40 Gbps saturation
• VxLAN offloading improves CPU utilization levels
• Scale with performance through HW interconnect
• Increase throughput with offloading where no offloading would otherwise have flat results
• High bandwidth can now be achieved in software