SDN at Schuberg Philis

Post on 04-Dec-2014

Category: Technology

DESCRIPTION

My presentation about the Software Defined Networking we use at Schuberg Philis. As presented at the SDN Meetup on March 18.

TRANSCRIPT

SDN at Schuberg Philis

Who is that guy anyway?

» Hugo Trippaers
  – Mission Critical Engineer @ Schuberg Philis
  – PMC @ Apache CloudStack
  – Contributor @ OpenDaylight OVSDB
  – Gamer @ Home

» Contact
  – @Spark404 @ Twitter
  – Hugo Trippaers @ LinkedIn
  – htrippaers@schubergphilis.com

SDN at Schuberg Philis

» Why did we opt for SDN?
» Our setup
» Where is the automation?

Software Defined Networking

“In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications. As a result, enterprises and carriers gain unprecedented programmability, automation, and network control, enabling them to build highly scalable, flexible networks that readily adapt to changing business needs.”

— Software-Defined Networking: The New Norm for Networks, ONF White Paper, April 13, 2012

Why did we opt for SDN?

» Theoretical versus practical limits
  – How many VLANs can you really configure on a switch?
  – Is 4094 VLANs enough for everybody?

Why did we opt for SDN?

» Security
  – How isolated is a VLAN?
  – Stacked VLAN tags

Why did we opt for SDN?

» Automation is key.
  – Automated hypervisor deployments using bare metal provisioning
  – Automated VM deployment using CloudStack
  – Automated application deployment using Chef
  – Manual network deployment using SSH.

Our setup

Our overlay networking solution - VMware NSX (Nicira NVP)

» A commercial SDN solution developed by Nicira and acquired by VMware. Uses both Open vSwitch and OpenFlow to build overlay tunnels on an existing network.

» Pros
  – STT tunnel protocol is optimized for high bandwidth
  – Includes a gateway to link existing L3 or L2 networks to the virtual switch

A little more detail

[Diagram: Controllers, Virtual Router, STT / GRE / VXLAN Tunnels, Service Nodes, Hypervisors (Open vSwitch)]

A little more detail

[Diagram: Virtual Router, STT / GRE / VXLAN Tunnels, Gateways (L2 or L3), Legacy Host, VLAN, Controllers]

A little more detail

[Diagram: Virtual Router, Controllers, REST API, Manager]

Numbers

» BetaCloud
  » Controllers: 3
  » Service Nodes: 2
  » Gateways: 1
  » Hypervisors: 14
  » Logical Switches: 120
  » Logical Switchports: 404

» ~ 28 hosts / hv

» Mission Critical Cloud
  » Controllers: 3
  » Service Nodes: 2
  » Gateways: 21
  » Hypervisors: 37
  » Logical Switches: 185
  » Logical Switchports: 816

» ~ 22 hosts / hv

Where is the automation part?

» Cloud Orchestration Framework
» Compute (XenServer, KVM, VMware, Hyper-V)
» Storage (NFS, S3, Swift, Nexenta, NetApp)
» Network (Juniper, F5, Palo Alto, NetScaler)
» SDN (VMware NSX, Midokura, OpenContrail, Stratosphere, OpenDaylight,…)

CloudStack networking - the five minute version

» Separate low-level network configuration from function definition.
» Admin configures devices, services
» Admin assigns a mix of networking features to a network offering
» Tenant selects a network offering and uses the network

CloudStack Networking - Basic Network

» Basic Networking
» Amazon style L3 network
» Tenant isolation on L3 (security groups)

[Diagram: External Router, Public IP Space, Security Group]

CloudStack Networking - Advanced Network

» Advanced Networking
» Tenant isolation on L2 (VLAN, SDN)
» Advanced services model per network

[Diagram: External Router, Public IP Space, Virtual Router]

CloudStack Networking - Advanced Network VPC

» Advanced Networking
» Tenant isolation on L2 (VLAN, SDN)
» Advanced services model per network
» Tiered networking
» Private gateway

[Diagram: External Router, Public IP Space, VPC Virtual Router]

Future Goals

» Replacing the Virtual Router and the VPC Router with an SDN routing construct.

» ACS Bridging support to manage L2 gateways.

» And let's not forget the underlay network…

That's all there is to it

» Questions & Answers
