Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Survey of Network Orchestration in Cloud

Published byAgatha Roberts Modified over 8 years ago

Similar presentations

Presentation on theme: "A Survey of Network Orchestration in Cloud"— Presentation transcript:

1 A Survey of Network Orchestration in Cloud
Xitao Wen

2 Roadmap Framework/platforms Support in cloud providers
Application demands Interesting directions

3 Frameworks/platforms
OpenStack Neutron Flat logical L2 via SDN, NSX or other L2 NVPs* Logical L3 router via iptables Ad-hoc models for NFV orchestration via plug-ins Extensibility via plug-ins No SDN capacity directly exposed to tenants Mainstream vendor support and deployment Called Virtual Private Cloud (VPC) Amazon and Rackspace Ali Cloud CloudStack Similar model but different implementation Less mature than OpenStack NVP: Network virtualization platform

4 OpenStack Neutron Architecture
Observations: SDN Service Node (process) refers to the SDN controller of underlying network Network Node (VM) as logical routers Does not expose SDN/service chaining capacity to tenant natively Might be able to support service chaining via vendor-provided plug-ins

5 Neutron Logical Network
Suitable for multi-tier applications No switch config exposed to tenants Static LB at border, distributed universal ACL

6 Framework/platform VMWare NSX Nuage Gateway based SDN WAN to save cost
Arbitrary L2/L3 topology via overlay NFV orchestration capacity exposed with “service composer” (only for security purpose) No SDN capacity directly exposed to tenants Increasingly wider deployment Nuage Mostly similar to NSX Features capacity to extend into MPLS WAN Gateway based SDN WAN to save cost

7 NSX Service Composer Security group Security policy
VM group identified by app tier, network, etc Traffic group identified by packet header or security tag Security policy Traversal sequence of services (i.e., VNF) Dynamic policy achieved via security tags Mapping security group to security policy

8 Example Model Observations:
Still, no SDN capacity is exposed to tenant, thus traffic orchestration is confined within NSX domain Increased policy management burden Difficulty to optimize TE and latency due to overlay

9 Framework/platform Cloudlab.us Flat virtual L2 network
OpenFlow access to virtual switch Planned feature: bare-metal access to ToR, spine and core switches via console and OpenFlow

10 Roadmap Framework/platforms Support in cloud providers
Application demands Interesting directions

11 Support in Cloud Providers
Status Quo OpenStack is the mainstream model for private clouds All clouds offer a subset of OpenStack Neutron capacity No NFV orchestration capacity provided by any clouds No SDN capacity provided to tenant by any clouds

12 Amazon Virtual Private Cloud
Gateway-Router-Subnet structure L3 configuration capacity VPN tunnel to build hybrid cloud Security groups with limited ACL No dynamic routing, no NFV capacity Virtual load-balancer

13 Rackspace Private Cloud
Three brand-name solutions OpenStack VMware vCloud Microsoft Cloud No add-on services in addition to the original solutions

14 Aliyun VPC Mostly similar to Amazon VPC
More restrictive on # of vRouters, vSwitches and security groups Advertised for SDN but does not expose SDN capacity to tenants

15 QingCloud, UCloud Mostly similar to Amazon VPC Nothing interesting…

16 Roadmap Framework/platforms Support in cloud providers
Application demands Interesting directions

17 Security Appliances Requires logical inline deployment or mirrored traffic redirected to appliance Tenants needs static traffic steering capacity Example: Distill VNF appliance

18 Video Transcoder for Mobile
Live video transcoding helps video provider to stream appropriate video format/quality to mobile devices Verizon is conducting field experiment on SDN to Redirect mis-matched video flow through trans-coder Redirect other video flow through cache in access network

19 Roadmap Framework/platforms Support in cloud providers
Application demands Interesting directions

20 Tracking NFV Visit Consider the scenario that application provider (AP) rent VNF to dynamically process their traffic (not only within cloud but also could be in Internet), e.g., Dynamic video trans-coding On-demand DDoS mitigation On-demand cache service in access network Dynamic service chaining is conducted with SDN capacity by network service provider (NSP), which redirects AP traffic through cloud-hosted Network Function Providers (NFPs) VNF process is typically transparent to APs thus they want to verify the traversals for monitoring and billing purpose (e.g., VNF process indeed done, in correct order, in consistent state for same flow, etc.) Formal reasoning on network rules is impractical because of the complexity and privacy concerns of NSP network

21 Tracking NFV Visit Problem
APs control flow endpoints (e.g., HTTP dst via JavaScript or browser plugin) So verification can be done at flow endpoints VNFs are cooperative AP authenticates with VNFs for billing purpose VNF tags traffic according to certain protocol only if it processes it NSPs can be error-prone or tardy NSP may fail to redirect traffic, redirect wrong traffic or redirect traffic to incorrect VNF sequences NSP may take a while to implement traffic redirection

22

Download ppt "A Survey of Network Orchestration in Cloud"

Similar presentations

Software Defined Networking in Apache CloudStack

Software Defined Networking in Apache CloudStack
Why SDN and MPLS? Saurav Das, Ali Reza Sharafat, Guru Parulkar, Nick McKeown Clean Slate CTO Summit 9 th November, 2011.

Why SDN and MPLS? Saurav Das, Ali Reza Sharafat, Guru Parulkar, Nick McKeown Clean Slate CTO Summit 9 th November, 2011.
CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks or: How to Provide Security Monitoring as a Service in Clouds? Seungwon.

CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks or: How to Provide Security Monitoring as a Service in Clouds? Seungwon.
The Case for Enterprise Ready Virtual Private Clouds Timothy Wood, Alexandre Gerber *, K.K. Ramakrishnan *, Jacobus van der Merwe *, and Prashant Shenoy.

The Case for Enterprise Ready Virtual Private Clouds Timothy Wood, Alexandre Gerber *, K.K. Ramakrishnan *, Jacobus van der Merwe *, and Prashant Shenoy.
OpenCloud Connect Overview. 2 Cloud Services Market MEF drove $50B Carrier Ethernet market OCC has similar ambitions for OpenCloud OCC wants open standards.

OpenCloud Connect Overview. 2 Cloud Services Market MEF drove $50B Carrier Ethernet market OCC has similar ambitions for OpenCloud OCC wants open standards.
Network Based Services in Mobile Networks Context, Typical Use Cases, Problem Area, Requirements IETF 87 Berlin, 29 July 2013 BoF Meeting on Network Service.

Network Based Services in Mobile Networks Context, Typical Use Cases, Problem Area, Requirements IETF 87 Berlin, 29 July 2013 BoF Meeting on Network Service.
Virtualization of Fixed Network Functions on the Oracle Fabric Krishna Srinivasan Director, Product Management Oracle Networking Savi Venkatachalapathy.

Virtualization of Fixed Network Functions on the Oracle Fabric Krishna Srinivasan Director, Product Management Oracle Networking Savi Venkatachalapathy.
Www.opendaylight.org OpenDaylight: An Open Source SDN for Your OpenStack Cloud Stephan Baucke, Ericsson Kyle Mestery, Cisco Anees Shaikh, IBM Chris Wright,

OpenDaylight: An Open Source SDN for Your OpenStack Cloud Stephan Baucke, Ericsson Kyle Mestery, Cisco Anees Shaikh, IBM Chris Wright,
Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.

Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.
Making Cellular Networks Scalable and Flexible Li Erran Li Bell Labs, Alcatel-Lucent Joint work with collaborators at university of Michigan, Princeton,

Making Cellular Networks Scalable and Flexible Li Erran Li Bell Labs, Alcatel-Lucent Joint work with collaborators at university of Michigan, Princeton,
10/04/12 Under the Hood: Network Virtualization with OpenStack Neutron and VMware NSX Somik Behera – NSX Product Manager Dimitri Desmidt - NSX Senior Technical.

10/04/12 Under the Hood: Network Virtualization with OpenStack Neutron and VMware NSX Somik Behera – NSX Product Manager Dimitri Desmidt - NSX Senior Technical.
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.
SDN in Openstack - A real-life implementation Leo Wong.

SDN in Openstack - A real-life implementation Leo Wong.
Utilizing OpenStack to Meet Telco Needs

Utilizing OpenStack to Meet Telco Needs
SDN Controller Requirement draft-gu-sdnrg-sdn-controller-requirement-00 Rong Gu (Presenter) Chen Li China Mobile.

SDN Controller Requirement draft-gu-sdnrg-sdn-controller-requirement-00 Rong Gu (Presenter) Chen Li China Mobile.
Helium Hydrogen. AAA: Authentication, Authorization & Accounting AuthN: Authentication BGP: Border Gateway Protocol COPS: Common Open Policy Service DLUX:

Helium Hydrogen. AAA: Authentication, Authorization & Accounting AuthN: Authentication BGP: Border Gateway Protocol COPS: Common Open Policy Service DLUX:
Draft-li-rtgwg-cc-igp-arch-00IETF 88 RTGWG1 An Architecture of Central Controlled Interior Gateway Protocol (IGP) draft-li-rtgwg-cc-igp-arch-00 Zhenbin.

Draft-li-rtgwg-cc-igp-arch-00IETF 88 RTGWG1 An Architecture of Central Controlled Interior Gateway Protocol (IGP) draft-li-rtgwg-cc-igp-arch-00 Zhenbin.
Network as a programmable asset

Network as a programmable asset
BGP L3VPN Virtual PE draft-fang-l3vpn-virtual-pe-01

BGP L3VPN Virtual PE draft-fang-l3vpn-virtual-pe-01
Data Center Network Redesign using SDN

Data Center Network Redesign using SDN

Similar presentations

Ads by Google