SDNinthelarge-So0FIREandbeyond

Orchestra)onofFederatedTestbeds/FieldTrialsonSDN-NFV-5GWorkshop–SanFranciscoMay

3-4,2016RobertoMinerva,TelecomItaliaLab

SusanneKuehrer,EITDigital

SoRFIREinaNutShell•  EuropeanfundedProject,GA687860•  Dura)on: 24months•  Budget: €4.384.510,nearlyhalfofbudgetallocatedtothird

par)esforexperimenta)onontheSoRFIREPla]orm•  Consor)umpartners:EITDigital(Coordinator),DeutscheTelekom,Ericsson,FraunhoferFOKUS,Reply,TechnicalUniversityBerlin,TelecomItalia,UniversityofSurrey•  TheConsor)umispursuingtheintegra)onofexperimental

facili)es,testbedsandlaboratoriesintoFIRE+.•  StrongEITDigitalinvolvementandLeadership

203/05/2016

Objec)ves•  Threekeyelementsareconsidered:interoperability,

programmability,andsecurity.Theseproper)eshavetobestudiedintermsofefficiency,func?onalresponsiveness,endtoendlatencyandgenerallyendtoendQoS.

•  Thethreeproper)esareessen)altodriveadvancedsolu)onstowardsindustrialadop)on.

•  Themainobjec?veofthisprojectistodemonstrateandassessthelevelofmaturityofadoptedsolu?onsandtoshowhowtheycansupportthefullpoten?aloftheseproper?esinarealworldinfrastructurebycrea?ng,nurturingandsuppor?nganecosystemofthirdpar?esabletomakeuseoftheSo0FIREtestbedandtofunc?onallyextendit.

303/05/2016

Interoperability•  Interworkingisthewantedpropertythatshouldguarantee

thatislandswithnewordifferenttechnologicalcapabili)esareinteroperableinspiteofdifferentunderlyingtechnologies.Federa?onandinterworkingbetweendifferentnodesofamul)facetedenvironmentaretobeprovided,checkedandassessed.Inaddi)onnewtechnologiesandsolu)onsshouldalsobeinteroperablewithlegacyonesinordertoensurethesmootherpathpossiblefromini)alinfrastructuretothenewerone.Aeen)onwillalsobepaidtotheemergentapplica)onofSDNandVirtualiza)ontoterminalsandedgedevicesaswellastheevolu)onofthesetechnologiesasafundamentalpartoftheevolu)ontowards5Gforminimisa)onoflatency.

403/05/2016

Programmability•  Programmabilityisthepursuedcapabilityofferedbythe

combina)onofSDNplusNFV,i.e.,thepossibilitytodirectlygovernnetworkresourcesandtocreatevirtualinfrastructuresontheminordertosupportthecommunica)on,storageandprocessingneedsofnetworkedapplica)ons.Programmabilityhastobechallenged,assessedandevaluatedagainstcompositesystemsthatcompriseislandswithdifferenttechnologies,differentmanagementrulesanddifferentnetworkcapabili)es.Aproposi)onoftheprojectistoconsolidatethemiddlewareinfrastructureandempowerEuropeancompaniestobecomeprominentprovidersorusersofthesesolu)ons.Thisaimsatcounterbalancingthecurrentadvantageofotherpartsoftheworldinthesetechnologiesdevelopmentandusage.

503/05/2016

Security•  Securityisthecrucialpropertyofthesenewprogrammablesystems,infacttheopeningupofprogrammableinterfacesshouldoccurinasafeandsecuremanner.Programmabilityisanessen)alfeature,butifthesecurityofinterfaces,underlyingmechanismsandsystemsisnotguaranteed,thenitbecomesariskratherthananopportunity.Thesetechnologieswillnotbeadoptediftheydonotprovesecuresincetheirini)aladop)onanddeploymentphase.Securityisafundamentalrequirementthatdeterminetheacceptabilityofthisenvisagetechnology.

603/05/2016

TheFederatedTestbed•  Theinfrastructurereliesonexis)ngexperimentaltestbedsalreadysetupbypartnersanditincludesnecessaryextensions,integra)ons,adapta)onsandreconfigura)onsthatservetheexperiments.Thefederatedtestbedisopentonewaddi)onsandextensionsastechnologiesandstandardiza)onevolvetowardsadefini)onandsupportofSDN/NFVandtowards5G.

•  AgoodmixrangingfromExperimentaltestbedstopreproduc)onimplementa)ons(Usurrey,Fokus–TUB,TelecomItalia,Ericsson),

703/05/2016

LogicalViewoftheTestbed

803/05/2016

TheTestBeds

Fuseco

T.I.:Jolnet

USurrey

903/05/2016

TIVIM

OSController

OSCompute

OSCompute…

ERICSSONVIM

OSController

OSCompute

OSCompute

FOKUS/TUB

FOKUS/TUBVIM

OSController

OSComputeSURREYVIM

OSController

OSCompute

OSCompute

OpenBaton

FITEagle

Infrastructurearchitecture

TheLogicalView

29/2/2016 11

Iden)tyManagement

Authoriza)on

Thrustworthiness

FITeagle

OpenBaton

NFVOrchestrator

VNFManagerVNFManager

NFVInfrastructure

VNFVNFVNF

VNFVNF

CloudInfrastructure

Compu)ngNetworking

Storage

BizApplica)on

BizApplica)on

VNF(SDNController)

NetworkingInfrastructure OtherResources

ApproachandMethodology•  TheSoRFIREapproachisverystraigh]orwardandeffec)ve.

–  Theproject’spartnerswillprovideaviabletestbedforexperimenta)on.Itwillsupportinteroperabilityanditwillprovideprogrammableinterfacesandbasicsecurityfunc)ons.

–  Ontopofthispla]ormThirdpar)eswillbecalledtodevelopservicesandapplica)onbymeansofseveralwavesofOpenCalls.Thirdpar)eswillalsobeengagedandchallengedinordertodevelopspecificextensionsorfunc)onali)esusefulforthetestbed.Thosepar)cularlyappealingcouldbeintegratedinthepla]ormonapermanentbasis.

•  Alltheseac)vi)eswillbemeasuredagainstasetofKPIsdefinedattheverybeginningoftheprojectinordertoevaluatethethreemainproper)esofthetestbed:interoperability,programmabilityandsecurity.TheprojectpartnersandtheThirdpar)eswillberequestedtoevaluatetheTestbedagainsttheKPIs.

•  Inaddi)on,Thirdpar)eswillbeprovidedwithrules,guidelinesandminimaltoolsinordertomakeeffec)veuseofthetestbed.Thiswillcons)tuteafirstbulkofopera)onsformanagingtheaccessoftestbedservicesandfunc)onali)es.

1203/05/2016

TheProjectStructure

1303/05/2016

NurturinganEcosystem•  Theprojectwillinterconnectthedifferentavailabletestbeds,andwillextendavailablefunc)onali)esandAPIs

•  ThreewavesofOpenCallsforexperimenta)on•  AfirstPlugTestatM09totestini)alinteroperability

•  Other2HackatonsatM12andM18tonurtureandassessanavailableecosystem

•  AfinalchallengeatM23toassessthematuritylevelofthefederatedtestbed

OPEN

CALLS

1403/05/2016

ExpectedImpacts•  Thecrea)onofafederatedPla]ormthatcanfosterthestudiestowards5G

•  Thedefini)onofKPIsandtheini)alproposi)onofbestprac)ces

•  Thestrongintegra)onofSecuritywithpla]ormdevelopment.

•  Thecrea)onandsupportforarichSDN/NFVecosystem

•  Thepossibilitytointeractandcreatefurtherlinkageswithsimilarini)a)vesinUSA,ASIAandelsewhere

•  Stronginterac)onwithFIRE+community•  Influencetostandards(ETSI,others…)

1503/05/2016

AnImportantByproduct

•  Allthesetestbedswillbeoperatedindifferentways(fromnoopera)ontopre-industrialopera)on)

•  Providingafedera)onwillpushforcommonguidelinesandrules

•  Theycouldbethebasisfordefiningini)albestprac)ceforaneffec)veOpera)onofthesenewpla]orms.

•  SoRFIREisengagedalsointhisobjec)ve

03/05/2016 16

SomeIni)alFindings-General•  NFVisusuallylookedatasamajorgoal–  Networkfunc)onsvirtualiza)onisusedformanyexis)ngcapabili)es

–  Orchestra)ons)llamajorissuewithproprietaryandexperimentalsolu)ons

•  SDNislaggingabitbehindintermsofrealimplementa)ons

•  Lackofintegra)onbetweenthetwotechnologies•  Generallackofalreadywellvirtualizedsolu)ons•  Thesepla]ormarefocusingmoreonthe«proofofconcept»andlessonManagement

•  Securityisusuallynotaconcernsanditisdisregarded

1703/05/2016

Someini)alFindings

•  Interoperability–  SameversionofOpenStackmakelifeeasier,otherpla]ormsordifferentversionrequirealotoftuning

–  NeedforcompetencesonOpenStack(itis)meconsumingtomovetonewerversions)

–  Interworkingatthephysicalandtransportlevelis«easy»unlessofstringentSECURITYrequirements•  Manycompaniesrequirestringentprocessesforopeningupinterfacesandsystemstothirdpar)es.ThereisNOTasimpleorstandardpolicyfordoingso

–  InteroperabilityatthelevelofsoRwareisdifficulttoachieve•  Useriden)ty,segmenta)onandslicing,securityconcerns

1803/05/2016

Interoperability-EndtoEndQoS•  Verydifferentpla]ormswithsignificantlydifferentgoals

–  FormNFVto5Gdemosta)on•  Differen)a)onbetweenKPIs

–  Pla]ormrelatedàshouldbesupportedbyeachtestbed–  Service/applica)onrelatedàstronglyservicespecificshouldbe

implementedwithintheservice•  Pla]ormrelatedKPIs:sofarmorethan60differentKPIs

underconsidera)on–  TheycoveralmostalltheaspectsoftheServiceLifeCycle(fromsetng

uptorunningandclosingtheexeprimenta)on)–  UseofZabbixforcollec)nginfo,need)metounderstandanddefine

generalKPIs–  ThereisaneedforaframeworkforuserdefinedandcontrolledKPIs

03/5/2016 19

Programmability•  Lackofstandardprocessforprogrammingthepla]orm

–  Handbooksandmanualaremissinginalargepartofthem(withfeweccp)on)

–  Programmershavetohaveastrongrela)onshipwithpla]ormproviders

–  Lackofalargesetofvirtualizedandprogrammablefunc)onali)es

–  Needtounderstandhowtorepresentinthepla]or(descrip)onlanguages,interfaces,…)newfunc)onali)es

•  SDNandNFVarenotintegratedyet–  SDNcontrollersarenotusuallyprovided–  Programmershavetodefinetheirownresources

03/5/2016 20

Security

•  Agenerallackofaeen)ontosecurity(verydetrimentalforNFV/SDN)

•  Prototypesverykeentohacking•  Virtualiza)onalonedoesn’tguaranteesecurity

•  Needstodefineprocessandaninforma)onmodelforaccessingandcollec)ngsecurityrelatedinforma)on

03/5/2016 21