when networks meets apps (open stack atlanta)
DESCRIPTION
Recent advancements in OpenStack capabilities have made the cloud better tuned to enterprise needs by introducing much more flexible network designs and networking services, with the tradeoff of making the cloud more complex. In this session we will describe how we can leverage the power of the new networking advancements without exposing the complexity to the end user. We will present alternative approaches and their tradeoffs for automating the deployment of a typical n-tier enterprise application that includes a multi-tenant environment, separate networks for admin and applications, a cross-region network, attaching a floating IP, setting up security groups, etc., all through a combination of Heat, TOSCA, Chef, Puppet, and more.
TRANSCRIPT
When Network Meets Apps!
Putting networking and application together
Nati Shalom, GigaSpaces, @natishalom
Samuel Bercovici, Radware, @samuelbercovici
Agenda
• Overview of Networking and Apps
• What’s Changed?
• Putting Networking and Apps by Example
• Future Work
Let’s Start With Some Basic Definitions..
Application
Application & Tiers
WebTier
MiddleTier
DBTier
Zoom into a Tier
Server (Physical/VM)
Operating System (RHEL 6.5 64bits)
Database System (MySQL)
Schema (Word-press)
IP Address
IP Address
TCP Port
Logical Connectivity
WebTier
MiddleTier
DBTier
Internet
Where is the network?
Backend Zone
DMZ
WebTier
MiddleTier
DBTier
Multicast/Broadcast, Isolation
Personal Data
Business center
DMZ
WebTier
MiddleTier
DBTier
Multicast/Broadcast, Isolation
WebTier
MiddleTier
DBTier
Layer 3 Services
• Subnet
• GW
• IPAM – DHCP
• DNS
WebTier
MiddleTier
DBTier
Availability
SLB
WebTier
MiddleTier
DBTier
Availability & Scalability
SLB
SLB
SLB
WebTier
MiddleTier
DBTier
Security, Availability & Scalability
SLB
SLB
SLB
FW
WebTier
MiddleTier
DBTier
Management
SLB
SLB
SLB
FW
VPN Monitoring, CI
Expertise & Responsibilities
• Network / Security Manager
  – Network (L2, L3)
  – Network Services (Router, NAT, DHCP, DNS, LB)
  – Network Security (FW, VPN)
• IT / Application Manager
  – Server
  – Operating System
  – Software Stack
  – Application Artifacts
  – Server’s Security
Load Balancer - Management
• Network based
  – L2 and L3
  – L4 Load balancing
• Application based
  – Cookie based, L7 Content Switching, L7 Content Modifications, etc.
Network Manager
Network Manager ? Application Manager ?
What’s Changed?
Everything is Software Defined
We Can Automate Everything..
Orchestration Networking
Compute
Neutron/Nova APIs
• Layer 2 networks
• Layer 3 subnets
  – IP address management – DHCP based
  – Router / gateway / NAT
• Port
• Security groups
• Floating IP
• Layer 4-7 Services
  – Load balancing
  – VPN
  – Firewall
Putting Network and Apps Together by Example
HEAT
• OpenStack Orchestration
TOSCA
• Topology
• Orchestration
• Specification of
• Cloud
• Application
Apache Server DB Server
Apache
Wordpress
MySQL
WordPress Simple Example
• App Network
• App Subnet
• App Port
• Security Group
• Apache Floating IP
• Router Gateway
• Data Network
• Data Subnet
• Data Port
• Security Group
Router
Network Topology View
Heat Topology View
Heat Template
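A Heat (HOT) template for the network resources listed on the WordPress slide above, written for this page as an added example (it is not the template shown in the talk). Resource names, CIDRs, ports 80/3306 and the `public_net` parameter are assumptions; it covers the networking and security-group resources, and `OS::Nova::Server` resources would attach to `apache_port` and `db_port`.

```yaml
heat_template_version: 2013-05-23
description: Added example, WordPress two-tier networking (names and CIDRs are assumptions)
parameters: {public_net: {type: string}}  # ID of the external network
resources:
  app_net:
    type: OS::Neutron::Net
  app_subnet:
    type: OS::Neutron::Subnet
    properties: {network_id: {get_resource: app_net}, cidr: 10.0.1.0/24}
  data_net:
    type: OS::Neutron::Net
  data_subnet:
    type: OS::Neutron::Subnet
    properties: {network_id: {get_resource: data_net}, cidr: 10.0.2.0/24}
  router:
    type: OS::Neutron::Router
    properties: {external_gateway_info: {network: {get_param: public_net}}}
  router_app_if:
    type: OS::Neutron::RouterInterface
    properties: {router_id: {get_resource: router}, subnet_id: {get_resource: app_subnet}}
  router_data_if:
    type: OS::Neutron::RouterInterface
    properties: {router_id: {get_resource: router}, subnet_id: {get_resource: data_subnet}}
  web_sg:
    type: OS::Neutron::SecurityGroup
    properties:
      rules:  # HTTP from anywhere; nothing else is opened on the public tier
        - {protocol: tcp, port_range_min: 80, port_range_max: 80, remote_ip_prefix: 0.0.0.0/0}
  db_sg:
    type: OS::Neutron::SecurityGroup
    properties:
      rules:  # MySQL only from ports that are members of web_sg, not from a CIDR
        - {protocol: tcp, port_range_min: 3306, port_range_max: 3306, remote_mode: remote_group_id, remote_group_id: {get_resource: web_sg}}
  apache_port:
    type: OS::Neutron::Port
    properties:
      network_id: {get_resource: app_net}
      fixed_ips: [{subnet_id: {get_resource: app_subnet}}]
      security_groups: [{get_resource: web_sg}]
  db_port:  # no floating IP is associated with the database port
    type: OS::Neutron::Port
    properties:
      network_id: {get_resource: data_net}
      fixed_ips: [{subnet_id: {get_resource: data_subnet}}]
      security_groups: [{get_resource: db_sg}]
  apache_fip:
    type: OS::Neutron::FloatingIP
    depends_on: router_app_if
    properties: {floating_network_id: {get_param: public_net}, port_id: {get_resource: apache_port}}
```

Because `db_sg` references `web_sg` by group rather than by address range, the database rule keeps following the web tier as instances are added or re-addressed.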
Apache Server DB Server
NodeJS
NodeCeller
MongoDB
TOSCA (Like) Example
• App Network
• App Subnet
• App Port
• Security Group
• Apache Floating IP
• Router Gateway
• Data Network
• Data Subnet
• Data Port
• Security Group
Router
Monitoring, Logging CI
Network View
Topology View
TOSCA (Like) Blueprint
Adding AutoScaling & Availability..
Scalability & Availability
Router
L3
Tenant1 Network
Tenant1 Project
VIP1
Management Network
Web VM3
VIP1
VIP1
Alteon VA Project
VM4
VM5
AutoScaling - Heat Template
• web_server_group - OS::Heat::AutoScalingGroup
• web_server_scaleup_policy - OS::Heat::ScalingPolicy
• web_server_scaledown_policy - OS::Heat::ScalingPolicy
• cpu_alarm_high - OS::Ceilometer::Alarm
• cpu_alarm_low - OS::Ceilometer::Alarm
• monitor - OS::Neutron::HealthMonitor
• pool - OS::Neutron::Pool
• lb - OS::Neutron::LoadBalancer
So far so good, but...
Considering Real Life Scenarios
Continuous Availability Across AZ’s and Regions
  – Adding Affinity Rules for Compute, Storage
  – Auto-Scaling, etc.
Continuous Deployment
  – Updating policies and workflow
  – Creating new deployments every day
Real Life Example
(HP Print)
• 30 HP Helion Public Cloud accounts
• 500+ compute instances
• 1400 Peak deployments per day
• 100+ compute instances per management cluster
• 100x developers doing deployments in a consistent fashion
• <2H Move from HP Helion Public Cloud tenant to a fully provisioned and deployed service
Networking and Apps in Real Life...
Future work..
Putting TOSCA and HEAT Closer..
• TOSCA HEAT Translator Project (IBM, GigaSpaces, Huawei, Vnomic ..)
• TOSCA enablement in Heat Juno
• Integrating Cloudify and Heat
Group Based Policies
• Addressing Network Requirements from the application perspective
• Delegation of Responsibilities
References
• Examples (Step by Step Guide)
  – Heat Example
  – TOSCA (like) Example
• TOSCA Translator Project
  – Git Project
• OpenStack Heat Project
• Cloudify – getcloudify.org
• Radware Load Balancing as a Service
• Group Based Policies – GPB
• AutoScaling Policies – Heat Template