A Survey of Network Orchestration in Cloud

A Survey of Network Orchestration in Cloud Xitao Wen

Roadmap
- Framework/platforms
- Support in cloud providers
- Application demands
- Interesting directions

Frameworks/platforms
- OpenStack Neutron
  - Flat logical L2 via SDN, NSX or other L2 NVPs*
  - Logical L3 router via iptables
  - Ad-hoc models for NFV orchestration via plug-ins
  - Extensibility via plug-ins
  - No SDN capacity directly exposed to tenants
  - Mainstream vendor support and deployment
    - Called Virtual Private Cloud (VPC)
    - Amazon and Rackspace
    - Ali Cloud
- CloudStack
  - Similar model but different implementation
  - Less mature than OpenStack
* NVP: Network virtualization platform

OpenStack Neutron Architecture
Observations:
- SDN Service Node (process) refers to the SDN controller of the underlying network
- Network Node (VM) as logical routers
- Does not expose SDN/service chaining capacity to tenants natively
- Might be able to support service chaining via vendor-provided plug-ins

Neutron Logical Network
- Suitable for multi-tier applications
- No switch config exposed to tenants
- Static LB at border, distributed universal ACL

Framework/platform
- VMware NSX
  - Arbitrary L2/L3 topology via overlay
  - NFV orchestration capacity exposed with “service composer” (only for security purposes)
  - No SDN capacity directly exposed to tenants
  - Increasingly wider deployment
- Nuage
  - Mostly similar to NSX
  - Features capacity to extend into MPLS WAN
  - Gateway-based SDN WAN to save cost

NSX Service Composer
- Security group
  - VM group identified by app tier, network, etc.
  - Traffic group identified by packet header or security tag
- Security policy
  - Traversal sequence of services (i.e., VNF)
  - Dynamic policy achieved via security tags
- Mapping security group to security policy

Example Model
Observations:
- Still, no SDN capacity is exposed to tenants, so traffic orchestration is confined within the NSX domain
- Increased policy management burden
- Difficult to optimize TE and latency due to overlay

Framework/platform
- Cloudlab.us
  - Flat virtual L2 network
  - OpenFlow access to virtual switch
  - Planned feature: bare-metal access to ToR, spine and core switches via console and OpenFlow

Roadmap
- Framework/platforms
- Support in cloud providers
- Application demands
- Interesting directions

Support in Cloud Providers
Status Quo
- OpenStack is the mainstream model for private clouds
- All clouds offer a subset of OpenStack Neutron capacity
- No NFV orchestration capacity provided by any clouds
- No SDN capacity provided to tenants by any clouds

Amazon Virtual Private Cloud
- Gateway-Router-Subnet structure
- L3 configuration capacity
- VPN tunnel to build hybrid cloud
- Security groups with limited ACL
- No dynamic routing, no NFV capacity
- Virtual load-balancer

Rackspace Private Cloud
- Three brand-name solutions
  - OpenStack
  - VMware vCloud
  - Microsoft Cloud
- No add-on services in addition to the original solutions

Aliyun VPC
- Mostly similar to Amazon VPC
- More restrictive on # of vRouters, vSwitches and security groups
- Advertised for SDN but does not expose SDN capacity to tenants

QingCloud, UCloud
- Mostly similar to Amazon VPC
- Nothing interesting…

Roadmap
- Framework/platforms
- Support in cloud providers
- Application demands
- Interesting directions

Security Appliances
- Requires logical inline deployment or mirrored traffic redirected to the appliance
- Tenants need static traffic steering capacity
- Example: Distill VNF appliance

Video Transcoder for Mobile
- Live video transcoding helps video providers stream an appropriate video format/quality to mobile devices
- Verizon is conducting a field experiment on SDN to
  - Redirect mismatched video flows through a transcoder
  - Redirect other video flows through a cache in the access network

Roadmap
- Framework/platforms
- Support in cloud providers
- Application demands
- Interesting directions

Tracking NFV Visit
- Consider the scenario in which an application provider (AP) rents VNFs to dynamically process its traffic (not only within the cloud but possibly also in the Internet), e.g.,
  - Dynamic video transcoding
  - On-demand DDoS mitigation
  - On-demand cache service in access network
- Dynamic service chaining is conducted with SDN capacity by the network service provider (NSP), which redirects AP traffic through cloud-hosted Network Function Providers (NFPs)
- VNF processing is typically transparent to APs, so they want to verify the traversals for monitoring and billing purposes (e.g., VNF processing was indeed done, in the correct order, in a consistent state for the same flow, etc.)
- Formal reasoning on network rules is impractical because of the complexity and privacy concerns of the NSP network

Tracking NFV Visit Problem
- APs control flow endpoints (e.g., HTTP dst via JavaScript or browser plugin)
  - So verification can be done at flow endpoints
- VNFs are cooperative
  - AP authenticates with VNFs for billing purposes
  - VNF tags traffic according to a certain protocol only if it processes it
- NSPs can be error-prone or tardy
  - NSP may fail to redirect traffic, redirect the wrong traffic or redirect traffic to incorrect VNF sequences
  - NSP may take a while to implement traffic redirection
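
The endpoint verification described in the two "Tracking NFV Visit" slides, as an added example that is not part of the original presentation: each cooperating VNF tags the flow only after processing it, and the AP checks at the flow endpoint that every expected VNF was visited, in order, for this flow. The slides do not specify the tagging protocol; the chained HMAC tags, per-VNF shared keys, VNF names and flow IDs below are assumptions.

```python
import hashlib
import hmac

def _field(data: bytes) -> bytes:
    # Length-prefix each field so the concatenation is unambiguous.
    return len(data).to_bytes(4, "big") + data

def vnf_tag(key: bytes, vnf_id: str, flow_id: str, prev_tag: bytes) -> bytes:
    """Tag a cooperating VNF attaches only after it has processed the flow.
    Chaining over prev_tag binds the tag to the VNF's position in the sequence."""
    msg = _field(flow_id.encode()) + _field(vnf_id.encode()) + _field(prev_tag)
    return hmac.new(key, msg, hashlib.sha256).digest()

def simulate_path(flow_id, path, keys):
    """Constructed stand-in for the NSP network: tags from the VNFs actually visited."""
    tags, prev = [], b""
    for vnf_id in path:
        prev = vnf_tag(keys[vnf_id], vnf_id, flow_id, prev)
        tags.append((vnf_id, prev))
    return tags

def verify_traversal(flow_id, expected_chain, keys, received):
    """Endpoint check run by the AP. Returns (ok, reason)."""
    prev = b""
    for i, vnf_id in enumerate(expected_chain):
        if i >= len(received):
            return False, f"missing:{vnf_id}"        # NSP failed to redirect
        got_id, got_tag = received[i]
        if got_id != vnf_id:
            return False, f"unexpected:{got_id}"     # wrong VNF or wrong order
        want = vnf_tag(keys[vnf_id], vnf_id, flow_id, prev)
        if not hmac.compare_digest(want, got_tag):
            return False, f"bad-tag:{vnf_id}"        # forged, or tag from another flow
        prev = got_tag
    if len(received) > len(expected_chain):
        return False, f"unexpected:{received[len(expected_chain)][0]}"
    return True, "ok"

# Constructed sample data: keys the AP shares with each VNF after authenticating.
KEYS = {"ddos-scrubber": b"k1-constructed", "transcoder": b"k2-constructed"}
CHAIN = ["ddos-scrubber", "transcoder"]

if __name__ == "__main__":
    for path in (CHAIN, CHAIN[::-1], CHAIN[:1]):
        tags = simulate_path("flow-42", path, KEYS)
        print(path, verify_traversal("flow-42", CHAIN, KEYS, tags))
```

Because the flow ID is part of every tag, tags copied from a different flow fail verification, which covers the "consistent state for the same flow" requirement as far as tag origin is concerned.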