SDN: Network Agility in the Cloud

Sebastien Goasguen,
July 24th 2013
#OSCON @sebgoa
SDN: Adding Network
Agility to the Cloud

Outline
Introduction to SDN
Controllers and Switches
Quick start demo of OpenDaylight
SDN in Cloud Platforms

My SDN experience
~March 2012
Elastic IP and Security Group in
Opennebula
Using NOX Open flow controller
http://blog.opennebula.org/?p=2695
http://code.google.com/p/onenox/

My SDN experience
~Summer 2013
Google Summer of Code project
Xen/XCP support for native GRE controller
in Apache CloudStack
http://ngtuna.blogspot.com

Software Defined Networking
SDN: Adding Network Agility to the Cloud #oscon

What is SDN ?
https://www.opennetworking.org/competition

What is SDN ?
https://www.opennetworking.org/sdn-resources/sdn-library/whitepapers

SDN:
A new network architecture that abstracts
the physical network to provide:
• Automation
• Dynamic provisioning
In order to enable business innovation

Architecture
https://www.opennetworking.org/sdn-resources/sdn-definition

Software Defined Networking
• Enable innovation, experimentation,
optimization and customization of networks
• Move control of the network to software. i.e
Programmable network
• Virtualize the network
• Beyond traditional network virtualization ala VPN
and VLAN
• Enables overlays with control at the edges
• Existing Vendor-agnostic, standard protocol for
control: OpenFlow

OpenFlow
• Leading SDN protocol
• Decouples control and
data plane by giving a
controller the ability
to install flow rules on
switches.
• Hardware or software
switches can use
OpenFlow
• Spec driven by ONF
• Google achieved 95%
utilization of WAN
backbone by using SDN

OpenFlow Protocol
OpenFlow rules can drop, rewrite, forward packets
http://www.openflow.org/wp/documents/
Switch
Port
MAC
src
MAC
dst
Eth
type
VLAN
ID
IP
Src
IP
Dst
IP
Prot
TCP
sport
TCP
dport
Rule Action Stats
1. Forward packet to port(s)
2. Encapsulate and forward to controller
3. Drop packet
4. Send to normal processing pipeline
Packet + byte counters

OF scalability ?
• Central Logical
controller not a single
point of failure
• ONOS to be Open
Sourced in the ~fall
• Scale-out design,
availability
• Cassandra +
message bus
http://onlab.us/tools.html

“SDN” Timeline
Feb 2011: OF v 1.1
Dec 2011: OF v 1.2
Feb 2012: Floodlight project
April 2012: ONF talk by Google
July 2012: Vmware acquires Nicira
April 2013: OpenDayLight

GENI
http://www.geni.net
http://www.openflow.org/wp/tag/demo/
http://groups.geni.net/geni/wiki/GENIRacksHome
“GENI is a virtual laboratory at the frontiers of network science
and engineering for exploring future internets at scale. GENI
creates major opportunities to understand, innovate and
transform global networks and their interactions with society.”
Dec 2008: VM Mobility June 2010: Aster*x Load Balancing
~ 2011: GENI Racks2009: FlowVisor

Controllers and Switches

OF Controllers and more …
• Several controllers out there (NOX,
POX,Trema, Beacon…)
http://yuba.stanford.edu/~casado/of-sw.html
https://networkheresy.com

OpenVSwitch
• “Open vSwitch is a
production quality,
multilayer virtual
switch licensed under
the open source
Apache 2.0 license. It
is designed to enable
the massive network
automation through
programmatic
extension…”

e.g OVS rate limiting
• Can enforce QoS with rate limiting controls
• ovs-vsctl set Interface tap0 ingress_policing_rate=1000
• ovs-vsctl set Interface tap0 ingress_policing_burst=100

e.g OVS VLAN tagging
• ovs-vsctl add-br br0
• ovs-vsctl add-port br0 eth0
• ovs-vsctl add-port br0 tap0 tag=1
• ovs-vsctl add-port br0 tap1 tag=2
• Complement on host2…

e.g OVS and GRE tunnels
No Cookbook on OVS page
ovs-vsctl add-port br1 gre1 -- set interface gre1 type=gre
options:remote_ip=192.168.1.152
http://blog.scottlowe.org/2013/05/07/using-gre-tunnels-with-open-vswitch/

OVS and Openflow
Point OVS switches to an OF controller:
$ovs_vsctl set-controller br0 tcp 192.168.1.33:6633
Install rules on switch
• Proactively (before any packet flows)
• Reactively (unknown packets forwarded to
controller, who pushes flow mod on switch, then
operates at line rate)

Switch Light, Indigo (IVS)
http://www.projectfloodlight.org/indigo/

OpenDaylight
http://www.opendaylight.org

SDN in Cloud Platforms

OpenNebula
• Supports VLAN tagging
and rate limiting through
“hooks” that call
ovs_vsctl
• Scripts executed on an
hypervisor before a VM
is launched
• Potentially also executed
after VM shutdown for
cleanup
• Also supports OpenFlow
http://opennebula.org/documentation:rel4.0:vgg

Quantum == Neutron
https://wiki.openstack.org/wiki/Neutron
Thanks to @hui_kenneth for diagram

Quantum == Neutron
https://wiki.openstack.org/wiki/Neutron

CloudStack Nicira NVP Support
• By Hugo Trippaers
@Spark404,
Schuberg Philis
• Isolated Networks in
advanced Zone 4.0+
• L3 functionalities in
4.2
http://www.youtube.com/watch?v=F-FgHni7W34

CloudStack + Nicira NVP
Insert Presentation Title Here

CloudStack SDN Plugins
Thanks to @spark404 for table

Conclusions
• Network abstractions to decouple from the
physical network is the last leg of Cloud
• SDN provides an architecture to abstract the
network
• OpenFlow is a standard that can be used to
create SDN implementations
• SDN is key to innovation in networking
• The Open Cloud Platforms are embracing SDN
solutions as network providers for multi-
tenancy

Get Involved with Apache
CloudStack
Web: http://cloudstack.apache.org/
Mailing Lists: cloudstack.apache.org/mailing-lists.html
IRC: irc.freenode.net: 6667 #cloudstack
Twitter: @cloudstack
LinkedIn: www.linkedin.com/groups/CloudStack-Users-Group-3144859
If it didn’t happen on the mailing list, it didn’t happen.

SDN: Network Agility in the Cloud

More Related Content

SDN: Network Agility in the Cloud