Project Creation Review: Maple in OpenDaylight

Andreas Voellmy, Y. Richard Yang, Xiao Shi, Xin Li, Reinaldo Penno

December 18, 2014

2

What’s the Problem: Challenge of Flow Programming

• Programming directly against flow tables can be painful: – Limited computational capability: e.g., no logic

negation– Lost context: why is this rule here? why is a given

rule not there?– Limited action set, e.g., no ARP responses– …

3

Maple: Packet Processing Abstraction

• User defines a packet processing function, f, in a high-level, general purpose language such as Java.

• The abstraction: f processes every packet entering the network.

• f can look at packet fields, query control state, compute a route, send packets, etc.

4

Maple ExampleRoute f(Packet p, Env e) { if (p.tcpDstIs(22)) return nullRoute(); else { Location sloc = e.location(p.ethSrc()); Location dloc = e.location(p.ethDst()); Path path = myShortestPath(e.links(), sloc,dloc); return unicast(sloc,dloc,path); }}

Does not specify anything on flow tables!

Specified in a high-level language with a centralized view.

5

From a Maple Programto Switch Flow Table Rules

6

Maple Compiler and Runtime

• Key design goals

– Language independent core: to support multiple programming languages

– Simple, efficient data structures to support correct, optimized rule generations

7

Maple Compiler and Runtime1. Executes f on an arriving packet, observing traces of data accesses.

Observing packet data accesses by asking f to access pkt using libraries

Route f(Packet p, Env e) { if (p.tcpDstIs(22)) return nullRoute();

else { if (p.ethDst() == 2) return nullRoute(); Location dloc = e.location(p.ethDst()); Location sloc = e.location(p.ethSrc()); Path path = myShortestPath(e.links(), sloc,dloc); return unicast(sloc,dloc,path); }}

8

Maple Compiler and Runtime

Prio Match Action

1 tcpDst:22ToControll

er

0 ethDst:2 discard

0ethDst:4, ethSrc:6

port 30

Prio Match Action

1 tcpDst:22ToControll

er

0 ethDst:2 discard

0ethDst:4, ethSrc:6

port 30

Prio Match Action

1 tcpDst:22ToControll

er

0 ethDst:2 discard

0ethDst:4, ethSrc:6

port 30

1. Executes f on an arriving packet, observing traces of data accesses.

2. Combine traces to form a trace tree (TT), a language-independent, partial decision tree representation of f.

3. Optimizing compiler to compile trace tree to flow tables (FTs)

9

Maple in ODL: A New Programming Model (North Bound Interface) for ODL Programmers

• A new programming model in ODL so that control programs do not need to generate flow tables directly– Programmers provides Java modules about how they want

to treat traffic.– Programmer provides a top-level module defining how

multiple modules are composed to determine the overall packet processing function

– Example: • top-level function calls access control module to determine

permit or deny;• if deny, drop, else call service chaining module to get next service; • if found service, route to it; otherwise …

10

Dependency on ODL Components

• Use the MD-SAL design• Use ODL Flow Manager to program flow-

capable devices• Need access and modification notifications of

ODL managed states (e.g., topology, ports)

11

Deliverables (Scope) of Maple in ODL-Lithium

• Provide Java-based programming abstraction, comparable to Maple today.

• Tracing runtime and compiler to target flow-capable devices via MD-SAL.

• Implement sample applications (e.g., SFC, GBP).

• API documentation and getting started guide.

12

Committers

• Andreas Voellmy (Project Lead, Cisco)• Reinaldo Penno (Cisco)• Xiao Shi (Nominated: Project Contact, Yale U)• Xin Li (Nominated: Test Lead, Yale U)• Y. Richard Yang (Yale U)

13

Thank you

• Questions?