What’s new with RHOSP10 (Newton) for NFV

Sandro MazziottaNFV Director, Product ManagementOctober 23rd 2016

2

AgendaClick to add subtitle

● Quick Intro of the solution● What’s new● What’s next

INSERT DESIGNATOR, IF NEEDED

NFV  MANAGEMENT  AND  ORCHESTRATION  (MANO)

ELEMENT  MANAGEMENT  SYSTEMS  (EMS)

OPERATIONS/BUSINESS  SUPPORT  SYSTEMS  (OSS/BSS)

TOOLS   AND  RUNTIME  FOR  OSS/BSS   INTEGRATION

+

VALIDATED  VNF1 CERTIFIED  VNF2 CONTAINER3

VNF VNF

OTHER  VNF

DPDK4VNF   app

NETWORK  FUNCTIONS  VIRTUALIZATION  INFRASTRUCTURE  (NFVI)

NETWORK

Instance  HA

SR-­IOV6EPA5 features

CERTIFIED  OPENSTACK  PLUGINS4

CERTIFIED  HARDWARE

Compute Storage Network

+DPDK

Open  vSwitch  (OVS)

SFC7OpenDaylight

COMPUTE

Real-­time  KVM

STORAGE

• Software-­defined  networking  (SDN)

• Software-­defined  storage  (SDS)

NFV  MANAGEMENT  AND  ORCHESTRATION  (MANO)

SYSTEMS   ADMINISTRATION,  AUTOMATIONAND  LIFE-­CYCLE   MANAGEMENT

+

VIRTUAL  NETWORK  FUNCTION   (VNF)MANAGER(S)

VIRTUALIZEDINFRASTRUCTURE

MANAGER(S)   or  VIMs

NFV  ORCHESTRATOR

ENHANCED   OPERATIONS  ANDHYBRID  CLOUD  MANAGEMENT

KEY

Red   Hat  component

Optional   Red  Hat  component

Red   Hat  partner  component8

Other  vendor  component

RED  HAT  NFV  PLATFORM  AND  PARTNER  ECOSYSTEM  

1   Validated   VNFs  run  on  operating   systems  other  than   Red  Hat  Enterprise   Linux.

2 Certified   VNFs  are  tested,  verified,   and  supported   on  Red   Hat  Enterprise   Linux.

3 Future  development.

5 Enhanced   platform  awareness   delivers   performance   improvements   through   CPU  pinning,  memory  hugepages,   and  

non-­uniform    memory  access  (NUMA)  affinity.6 Single-­root   input/output   virtualization.7 Service   function   chaining   with  OpenDaylight   is  in   Technology   Preview.  

8 Red   Hat  partners   can  certify  products  through   the  Red   Hat  Connect   for  Technology   Partners  program.

4

Red Hat Solution coverage

4

Red  Hat  NFV  Solution

5

NFV “OEM” partners + NFV Certified partners

Red  Hat  NFV  Solution

+ Red  Hat  Openstack  Certified  partners

Value  of  NFV  Certification

• NFV  Certification  is  a  program  we  launched  late  2015  (Openstack  Summit  @  Tokyo)• It  is  about

– Supportability– Given  Confidence  to  Customers  that  an  integration  with  a  partner  will  be  supported  in  

production• Tools  are  certification  tests,  review• Deliverables  are

– Joint  testing  activity– Joint  Support  Flow  

7

AgendaClick to add subtitle

● Quick Intro of the solution● What’s new● What’s next

INSERT DESIGNATOR, IF NEEDED

8

SR-IOV & OVS-DPDK Full Support

● Today, configuring SR-IOV or OVS-DPDK (OVS 2.5, DPDK2.2) based NFV platform with appropriate EPA parameters (CPU pinning, NUMA awareness, huge page allocation, ...) requires a lot of manual steps

● OSP-d will properly configures the compute nodes in order to enforce resources partitioning and fine tuning to achieve line rate performance for the guest VNFs○ CPU pinning○ Huge pages○ NUMA topology○ Host isolation○ ...

9

● SR-IOV PF Ports Support:○ Today, a compute node can not allocate an exclusive access to a NIC and request a PF

port○ With this feature, the same NIC can be used either by multiples VMs (VNFs) using SR-

IOV VF or by a single/exclusive one (SR-IOV PF)● Nova Device Role Tagging:

○ Today, when there are several NICs (or HD), a VM has no way to know which NIC is the “management” one and which one is the “data” one.

○ This feature permits to assign a label per peripheral

○ The mapping peripheral-> label is injected in the VM during its boot via cloud init.

SR-IOV PF Ports Support & Nova Device Role Tagging

10

● Today, some NFV workload (vCPE, VRAN) need to be deployed at the edge of Service Providers networks on top of limited Hardware footprint.

● Instead of having separate compute and storage nodes, this feature is enabling OSP-d to configure physical nodes running both compute and storage services. This will limit the minimum required Hardware to run a small openstack.

● To maximize performance and prevent side effect, we leverage resource fencing techniques like CPU pinning.

Hyper Converged InfrastructureTECH PREVIEW

11

● In a traditional network, a trunk is a type of interface that carries multiple VLANs, as defined by the 802.1Q standard

● Certain types of virtual machines and Virtual Network Functions (VNFs) require the ability to pass VLAN tagged traffic over one interface

● Creating a trunk for use by a virtual machine involves creating a single parent port and one or more sub-ports. All of the ports and respective networks will be available to the instance. Rather than being connected as separate virtual interfaces, however, the instance will be able to tag traffic on a single interface

● Neutron is aware of the topology and can dynamically assign IP addresses for the sub-ports using DHCP

VLAN aware VMsTECH PREVIEW

12

● OpenDaylight○ Based on upstream OpenDaylight Boron release and featuring a new NetVirt architecture○ OSP-D integration

● RT-KVM

○ Today, Virtual RAN or 5G NFV workloads requires low latency to prevent service disruption

○ With Real time KVM integration, we can achieve an average low predictable latency

○ This feature requires RHEL for Real Time

Still in Tech Preview

13

AgendaClick to add subtitle

● Quick Intro of the solution● What’s new● What’s next

INSERT DESIGNATOR, IF NEEDED

RHEL  OS:DPDK  (Guest) Fast  Data  Path Containers

SDK

RH  CloudForm:Hybrid  Mgmt Operational  Mgmt Orchestration

RHEL,  RHOSP:Numa  Awareness,  EPACPU  Pinning,  Huge  Pages...

OVS-­DPDK  (Host)SR-­IOV

Service  Function  Chaining,  Security,  Distributed  NFVReliability,  Availability,  Serviceability,  VPP(FD.io)ARM  

VNF

NFVI

MANO

Today Tomorrow Future

NFV  Solution  direction

15

Red Hat area of focus

15

Red  Hat  NFV  Solution

Tools  for  the  NFV  Operation

Operational  Tools:• RHOSP10  ships  with  Log  Mgmt  and  Availability  Mgmt• Ceilometer• Fast  Fault  Detection/Fast  Failover• Multi-­Site  deployment,  DR

Skydive

Main  Features:➢ Distributed  Network  Toolbox➢ Topology/Flows  visualizer➢ Graph/Flows  API➢ SDN  Agnostic,  ➢ Pluggable  Probes

Resources➢ https://github.com/skydive-­project/skydive➢ http://skydive-­project.github.io/skydive/

➢ Latest  release  V0.6.0➢ https://github.com/skydive-­project/skydive/releases/tag/v0.6.0

Visible

Invisible

Genesis Custom Product Commodity

(use

r nee

d)

EVOLUTION

Compliance Awareness

Technical ControlsResolution

Automated Remediation

Remediation Content (STIGS, OVAL,

XCCDF)

RHEL Remediation

Content

Customer

wants

Application & Interface Security

Change Control & Config Mgmt

Encryption & Key Mgmt

Governance & Risk Mgmt

Interoperability & Portability

Identity & Access Management

Infra & Virt Security

CloudForms

RH SSO

OpenSCAP Profiles

Threat and Vuln. Mgmt

directorDocumented

Controls Resolution

Field Input

Security Best Practices Guide

OpenStack Platform- Barbican

Security Enhanced RH OpenStack

- - Denotes control groups from the CSA CCM

Software Vuln. Management

(See Mark’s Map)

Configuration Remediation

Tools  for  the  VNF  ISV

• VNF  SDK– Building  a  “PaaS”  like  SDK  to  design  or  re-­design  the  VNF

• VNF  Onboarding– Using  Red  Hat  CloudForm  &  Red  Hat  Ansible,  Proof  of  Concept  of  Multi-­VIM  (RHOSP,  Containers,  …)  for  vIMS,  vCPE

THANK YOUplus.google.com/+RedHat

linkedin.com/company/red-hat

youtube.com/user/RedHatVideos

facebook.com/redhatinc

twitter.com/RedHatNews