brent-openx-v1-1x


OpenStack & OpenFlow Demo
Brent Salisbury CCIE#11972
Network Architect
University of Kentucky
9/22/2012
https://twitter.com/#!/networkstatic
Network is the Substrate
• Cloud computing refers to the delivery of computing and storage capacity
as a service to a heterogeneous community of end-recipients. The name
comes from the use of clouds as an abstraction for the complex
infrastructure it contains in system diagrams. Cloud computing entrusts
services with a user's data, software and computation over a network.
• Cloud computing relies on sharing
of resources to achieve coherence
and economies of scale similar to
a utility (like the electricity grid)
over a network. At the foundation
of cloud computing is the broader
concept of converged
infrastructure and shared services
over networks.
OpenStack
“My UI will be easier to use”
“I need a different VM placement policy”
“I have a much better way to snapshot machine images”
“I want to report on my customers’ SLAs”
“I’ll build in a way to share revenue with my customers”
“I let my customers span multiple clouds”
Example of the Future: Open Source Cloud Framework
Good Parents 170+ companies
Typical Provisioning Workflow
-Paperwork
-Storage
-Systems
-Network
-Security
-Licensing
-Scheduling
-Reporting
-Billing
-Repeat
-Efficiency?
Demo Components
• OpenStack - Orchestration
• OpenvSwitch - Network Virtualization
• Kernel Virtualization Module (KVM) – Hypervisor
• Bare Metal x86 Server Dell r910 & r720
Nerd Warning
BPDUGuard good
10-minute demo of the following:
• As Provider
o Provision new customer/tenant and UIDs.
o Modify policy for quotas including usage in storage, VCPU, memory, images OS and capacity, network addressing based on customer need.
• As Customer
o Log in as user and self-provision SSL keys and apply 5-tuple security policy to each host we spin up.
o Launch Windows 2008 R2 and Linux hosts with varying levels of memory, CPU and ephemeral storage.
o Assign networks to these hosts based on purposing.
• As Provider and Customer
o Review usage data for capacity planning, SLA fulfillment, usage analytics and billing.
Demo Topology
Software Defined Networking
Warning: Contains optimism (Plug to http://PacketPushers.net for Unicorn Humor!)
Old slide but still valid imo
[Diagram labels: MPLS Core with P routers; a PE router on each side, each with FlowVisor, Customer A, Customer B, Control Plane and SDN Controller. Callout: "Can I not be a cheaper merchant silicon chip?"]
It should be the next x86 market. Have we admitted that yet?
The value in abstraction is proven.
Change is Bad
• We are operating far too close to the hardware.
o Do systems administrators configure their services in x86 BIOS? Well, we do.
• Generic components decomposed into resources to consume anywhere, anytime.
• Abstraction of Forwarding, State and Management.
o Forwarding: Networking gear with flow tables and firmware.
o State: Bag of protocols destruction.
o Management: Orchestration, CMDB etc. Join the rest of the data center (and world)
Not New Ideas
[Figure: layer-by-layer comparison of "VM Farms Today" and "SDN Network"]
VM Farms Today
• Physical HW: Physical Server Infrastructure (Servers, CPU, Memory, Disk, NIC, Bus)
• Virtualization: Hypervisors, VMware, Hyper-V, KVM, Xen, x86 Instruction Set
• Slices: Windows slices
SDN Network
• Physical HW: Physical Network Infrastructure (Router, Switches, RIB, LIB, TCAM, Memory, CPU, ASIC)
• Virtualization: GENI FlowVisor, OpenFlow Controller
• Slices: Research slice, General Purpose slice, Secure Network slice
Planes Trains and Fabrics..
SDN Controller Framework
Generic Switch Architecture
OpenFlow Controller
OpenFlow Protocol (SSL/TCP)
Control Path
OpenFlow
Data Path (Hardware)
Next Few slides are from presentation from Srini Seetharaman Deutsche Telekom
OpenFlow Example
[Diagram labels: Controller PC; Software Layer: OpenFlow Client; Hardware Layer: Flow Table; switch ports 1-4; hosts 5.6.7.8 and 1.2.3.4]
Flow Table
MAC src | MAC dst | IP Src | IP Dst  | TCP sport | TCP dport | Action
*       | *       | *      | 5.6.7.8 | *         | *         | port 1
OpenFlow Basics
Flow Table Entries: Rule | Action | Stats
Stats
• Packet + byte counters
Action
1. Forward packet to zero or more ports
2. Encapsulate and forward to controller
3. Send to normal processing pipeline
4. Modify Fields
5. Any extensions you add!
Rule (+ mask what fields to match)
Switch Port | VLAN ID | VLAN pcp | MAC src | MAC dst | Eth type | IP Src | IP Dst | IP ToS | IP Prot | L4 sport | L4 dport
Examples
Example        | Switch Port | MAC src | MAC dst  | Eth type | VLAN ID | IP Src  | IP Dst  | IP Prot | TCP sport | TCP dport | Action
Switching      | *           | *       | 00:1f:.. | *        | *       | *       | *       | *       | *         | *         | port6
Flow Switching | port3       | 00:20.. | 00:1f..  | 0800     | vlan1   | 1.2.3.4 | 5.6.7.8 | 4       | 17264     | 80        | port6
Firewall       | *           | *       | *        | *        | *       | *       | *       | *       | *         | 22        | drop
Routing        | *           | *       | *        | *        | *       | *       | 5.6.7.8 | *       | *         | *         | port6
VLAN Switching | *           | *       | 00:1f..  | *        | vlan1   | *       | *       | *       | *         | *         | port6, port7, port9
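Added example (not from the slides): a small Python model of the flow table above, loaded with the five example entries, showing that the Firewall entry only drops SSH traffic when it outranks the overlapping Routing entry. The priorities, field names and the sample packet are assumptions made for illustration; the slides give none.

```python
from dataclasses import dataclass

# The ten match columns of the slide examples, left to right (names are assumptions).
FIELDS = ("in_port", "mac_src", "mac_dst", "eth_type", "vlan_id",
          "ip_src", "ip_dst", "ip_proto", "tp_src", "tp_dst")

def parse(row):
    """Turn a ten-token row into {field: value}; '*' is a wildcard and is dropped."""
    return {f: v for f, v in zip(FIELDS, row.split()) if v != "*"}

@dataclass
class FlowEntry:
    name: str
    priority: int        # assumption: the slides list no priorities
    match: dict
    action: str
    packets: int = 0     # Stats column: packet + byte counters
    octets: int = 0

class FlowTable:
    def __init__(self, entries):
        # Highest priority first: overlapping wildcard entries are resolved by priority.
        self.entries = sorted(entries, key=lambda e: e.priority, reverse=True)

    def process(self, pkt_row, length):
        pkt = parse(pkt_row)
        for e in self.entries:
            if all(pkt.get(f) == v for f, v in e.match.items()):
                e.packets += 1
                e.octets += length
                return e.action
        return "controller"   # table miss: encapsulate and forward to controller

def slide_table(firewall_priority):
    rows = [  # (name, priority, rule, action); rules and actions from the slide examples
        ("flow", 300, "port3 00:20.. 00:1f.. 0800 vlan1 1.2.3.4 5.6.7.8 4 17264 80", "port6"),
        ("vlan", 200, "* * 00:1f.. * vlan1 * * * * *", "port6,port7,port9"),
        ("switching", 150, "* * 00:1f.. * * * * * * *", "port6"),
        ("routing", 100, "* * * * * * 5.6.7.8 * * *", "port6"),
        ("firewall", firewall_priority, "* * * * * * * * * 22", "drop"),
    ]
    return FlowTable([FlowEntry(n, p, parse(r), a) for n, p, r, a in rows])

# Constructed packet: TCP dport 22 to 5.6.7.8, with MACs that no entry names.
SSH = "port1 00:aa.. 00:bb.. 0800 vlan1 1.2.3.4 5.6.7.8 6 40000 22"

def verdicts():
    # Same packet, same rules; only the firewall entry's priority differs.
    return slide_table(400).process(SSH, 64), slide_table(50).process(SSH, 64)
```

With the firewall entry ranked below Routing, the same packet is forwarded to port6, so a drop rule has to be checked against every broader forwarding entry it overlaps.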
Multi-Tenant Slicing
Doh!
Jumbled Protocol Picture source: Nick McKeown