red hat nfv roadmap - openstack summit 2016/red hat nfv mini summit
TRANSCRIPT
What’s new with RHOSP10 (Newton) for NFV
Sandro MazziottaNFV Director, Product ManagementOctober 23rd 2016
2
AgendaClick to add subtitle
● Quick Intro of the solution● What’s new● What’s next
INSERT DESIGNATOR, IF NEEDED
NFV MANAGEMENT AND ORCHESTRATION (MANO)
ELEMENT MANAGEMENT SYSTEMS (EMS)
OPERATIONS/BUSINESS SUPPORT SYSTEMS (OSS/BSS)
TOOLS AND RUNTIME FOR OSS/BSS INTEGRATION
+
VALIDATED VNF1 CERTIFIED VNF2 CONTAINER3
VNF VNF
OTHER VNF
DPDK4VNF app
NETWORK FUNCTIONS VIRTUALIZATION INFRASTRUCTURE (NFVI)
NETWORK
Instance HA
SR-IOV6EPA5 features
CERTIFIED OPENSTACK PLUGINS4
CERTIFIED HARDWARE
Compute Storage Network
+DPDK
Open vSwitch (OVS)
SFC7OpenDaylight
COMPUTE
Real-time KVM
STORAGE
• Software-defined networking (SDN)
• Software-defined storage (SDS)
NFV MANAGEMENT AND ORCHESTRATION (MANO)
SYSTEMS ADMINISTRATION, AUTOMATIONAND LIFE-CYCLE MANAGEMENT
+
VIRTUAL NETWORK FUNCTION (VNF)MANAGER(S)
VIRTUALIZEDINFRASTRUCTURE
MANAGER(S) or VIMs
NFV ORCHESTRATOR
ENHANCED OPERATIONS ANDHYBRID CLOUD MANAGEMENT
KEY
Red Hat component
Optional Red Hat component
Red Hat partner component8
Other vendor component
RED HAT NFV PLATFORM AND PARTNER ECOSYSTEM
1 Validated VNFs run on operating systems other than Red Hat Enterprise Linux.
2 Certified VNFs are tested, verified, and supported on Red Hat Enterprise Linux.
3 Future development.
5 Enhanced platform awareness delivers performance improvements through CPU pinning, memory hugepages, and
non-uniform memory access (NUMA) affinity.6 Single-root input/output virtualization.7 Service function chaining with OpenDaylight is in Technology Preview.
8 Red Hat partners can certify products through the Red Hat Connect for Technology Partners program.
4
Red Hat Solution coverage
4
Red Hat NFV Solution
5
NFV “OEM” partners + NFV Certified partners
Red Hat NFV Solution
+ Red Hat Openstack Certified partners
Value of NFV Certification
• NFV Certification is a program we launched late 2015 (Openstack Summit @ Tokyo)• It is about
– Supportability– Given Confidence to Customers that an integration with a partner will be supported in
production• Tools are certification tests, review• Deliverables are
– Joint testing activity– Joint Support Flow
7
AgendaClick to add subtitle
● Quick Intro of the solution● What’s new● What’s next
INSERT DESIGNATOR, IF NEEDED
8
SR-IOV & OVS-DPDK Full Support
● Today, configuring SR-IOV or OVS-DPDK (OVS 2.5, DPDK2.2) based NFV platform with appropriate EPA parameters (CPU pinning, NUMA awareness, huge page allocation, ...) requires a lot of manual steps
● OSP-d will properly configures the compute nodes in order to enforce resources partitioning and fine tuning to achieve line rate performance for the guest VNFs○ CPU pinning○ Huge pages○ NUMA topology○ Host isolation○ ...
9
● SR-IOV PF Ports Support:○ Today, a compute node can not allocate an exclusive access to a NIC and request a PF
port○ With this feature, the same NIC can be used either by multiples VMs (VNFs) using SR-
IOV VF or by a single/exclusive one (SR-IOV PF)● Nova Device Role Tagging:
○ Today, when there are several NICs (or HD), a VM has no way to know which NIC is the “management” one and which one is the “data” one.
○ This feature permits to assign a label per peripheral
○ The mapping peripheral-> label is injected in the VM during its boot via cloud init.
SR-IOV PF Ports Support & Nova Device Role Tagging
10
● Today, some NFV workload (vCPE, VRAN) need to be deployed at the edge of Service Providers networks on top of limited Hardware footprint.
● Instead of having separate compute and storage nodes, this feature is enabling OSP-d to configure physical nodes running both compute and storage services. This will limit the minimum required Hardware to run a small openstack.
● To maximize performance and prevent side effect, we leverage resource fencing techniques like CPU pinning.
Hyper Converged InfrastructureTECH PREVIEW
11
● In a traditional network, a trunk is a type of interface that carries multiple VLANs, as defined by the 802.1Q standard
● Certain types of virtual machines and Virtual Network Functions (VNFs) require the ability to pass VLAN tagged traffic over one interface
● Creating a trunk for use by a virtual machine involves creating a single parent port and one or more sub-ports. All of the ports and respective networks will be available to the instance. Rather than being connected as separate virtual interfaces, however, the instance will be able to tag traffic on a single interface
● Neutron is aware of the topology and can dynamically assign IP addresses for the sub-ports using DHCP
VLAN aware VMsTECH PREVIEW
12
● OpenDaylight○ Based on upstream OpenDaylight Boron release and featuring a new NetVirt architecture○ OSP-D integration
● RT-KVM
○ Today, Virtual RAN or 5G NFV workloads requires low latency to prevent service disruption
○ With Real time KVM integration, we can achieve an average low predictable latency
○ This feature requires RHEL for Real Time
Still in Tech Preview
13
AgendaClick to add subtitle
● Quick Intro of the solution● What’s new● What’s next
INSERT DESIGNATOR, IF NEEDED
RHEL OS:DPDK (Guest) Fast Data Path Containers
SDK
RH CloudForm:Hybrid Mgmt Operational Mgmt Orchestration
RHEL, RHOSP:Numa Awareness, EPACPU Pinning, Huge Pages...
OVS-DPDK (Host)SR-IOV
Service Function Chaining, Security, Distributed NFVReliability, Availability, Serviceability, VPP(FD.io)ARM
VNF
NFVI
MANO
Today Tomorrow Future
NFV Solution direction
15
Red Hat area of focus
15
Red Hat NFV Solution
Tools for the NFV Operation
Operational Tools:• RHOSP10 ships with Log Mgmt and Availability Mgmt• Ceilometer• Fast Fault Detection/Fast Failover• Multi-Site deployment, DR
Skydive
Main Features:➢ Distributed Network Toolbox➢ Topology/Flows visualizer➢ Graph/Flows API➢ SDN Agnostic, ➢ Pluggable Probes
Resources➢ https://github.com/skydive-project/skydive➢ http://skydive-project.github.io/skydive/
➢ Latest release V0.6.0➢ https://github.com/skydive-project/skydive/releases/tag/v0.6.0
Visible
Invisible
Genesis Custom Product Commodity
(use
r nee
d)
EVOLUTION
Compliance Awareness
Technical ControlsResolution
Automated Remediation
Remediation Content (STIGS, OVAL,
XCCDF)
RHEL Remediation
Content
Customer
wants
Application & Interface Security
Change Control & Config Mgmt
Encryption & Key Mgmt
Governance & Risk Mgmt
Interoperability & Portability
Identity & Access Management
Infra & Virt Security
CloudForms
RH SSO
OpenSCAP Profiles
Threat and Vuln. Mgmt
directorDocumented
Controls Resolution
Field Input
Security Best Practices Guide
OpenStack Platform- Barbican
Security Enhanced RH OpenStack
- - Denotes control groups from the CSA CCM
Software Vuln. Management
(See Mark’s Map)
Configuration Remediation
Tools for the VNF ISV
• VNF SDK– Building a “PaaS” like SDK to design or re-design the VNF
• VNF Onboarding– Using Red Hat CloudForm & Red Hat Ansible, Proof of Concept of Multi-VIM (RHOSP, Containers, …) for vIMS, vCPE
THANK YOUplus.google.com/+RedHat
linkedin.com/company/red-hat
youtube.com/user/RedHatVideos
facebook.com/redhatinc
twitter.com/RedHatNews