SlideShare una empresa de Scribd logo

Developing production OpenFlow controller with Trema

Yasunobu Chiba
Yasunobu Chiba

This document provides tips and common mistakes to avoid when developing an OpenFlow controller using the Trema framework. It discusses key things to know about OpenFlow and Trema, such as Trema being a programming framework rather than a full controller itself. It then presents a use case of developing a production OpenFlow controller to manage virtual networks across thousands of switches and hosts. The design uses a load balancer and three-tier architecture. An evaluation showed the controller could manage over 400 switches and 16,000 virtual networks per controller instance.

Tecnología
1 de 20
Developing production OpenFlow controller with Trema Apr. 20, 2013 Yasunobu Chiba Part-time developer, Trema Project Copyright (C) 2013 NEC Corporation
Agenda • Provide tips and typical mistakes when developing OpenFlow controller with Trema C library • Explain a production OpenFlow controller development use case Copyright (C) 2013 NEC Corporation
THINGS TO KNOW ABOUT OPENFLOW AND TREMA BEFORE DEVELOPING OPENFLOW CONTROLLER Copyright (C) 2013 NEC Corporation
Trema is not an OpenFlow controller • Trema is a programming framework and just a building block for implementing OpenFlow controllers • You may use any other building blocks as well as Trema – For high availability, scalability, network protocol support, and etc. Copyright (C) 2013 NEC Corporation
OpenFlow switch is not a database • OpenFlow switch is not a database and does not have ACID properties • Error messages are returned from switch asynchronously • Send a Barrier Request to complete a previously sent Flow Mod (or any other) operation • See and reuse Transaction Manager: – https://github.com/trema/apps/tree/master/transacti on_manager Copyright (C) 2013 NEC Corporation
Asynchronous events happen before features request/reply exchange • You may receive asynchronous OpenFlow events such as Packet-In from unknown switches that features reply has not been received • In Trema, Switch Ready event is triggered when a features reply is received Copyright (C) 2013 NEC Corporation
send_openflow_message() does not send message actually • send_openflow_message() just pushes a given message to an appropriate send queue • The send queue is automatically flushed inside the main loop • Message ordering is NOT guaranteed among switches Copyright (C) 2013 NEC Corporation
libtrema is not fully thread-safe • The followings may be thread-safe but not guaranteed for all functions – buffer, doubly linked list, hash, linked list, log, match table, OpenFlow message, packet info, packet parser, stat, utility, wrapper • OpenFlow application interface is NOT thread- safe • Call send_openflow_message() from the main thread that trema_run() is running Copyright (C) 2013 NEC Corporation
Length of send queue is limited • The maximum length of send queue (for sending OpenFlow messages) is limited and fixed • send_openflow_message() may return false if the send queue is full Copyright (C) 2013 NEC Corporation
Do not call flush_messenger() • flush_messenger() flushes all send queues and receive queues immediately and synchronously • Calling it in an OpenFlow event handler may recursively call the event handler! • Call only if you known how it works very well Copyright (C) 2013 NEC Corporation
start_trema() may call fork(2) • start_trema() calls fork(2) if your controller is to be daemonized • Use caution if you call functions that may be affected by fork(2) Copyright (C) 2013 NEC Corporation
CONTROLLER DEVELOPMENT USE CASE Copyright (C) 2013 NEC Corporation
Requirements • Functional Requirements – Manage association among virtual networks (based on non-OpenFlow technology) and switch ports – Associate a switch port with MAC addresses located on the switch port – All operations above can be done via REST interface • Non-functional Requirements – 1K+ switches must be handled – 10K+ active virtual networks must be managed – 10K+ end hosts must be connected to virtual networks Copyright (C) 2013 NEC Corporation
Requirements – cont’d Copyright (C) 2013 NEC Corporation Switch #1 Switch #2 Switch #3 Switch #X Virtual Network #N Virtual Network #2 Virtual Network #1 10,000+ Active Virtual Networks 1,000+ Switches 10,000+ End Hosts Physical Network Virtual Networks
Design • Load balancer + three-tiered architecture + α Copyright (C) 2013 NEC Corporation Dispatcher (Load Balancer) Worker Worker Worker Backend Database Configuration Interface External Application OpenFlow Switch REST OpenFlow + REST OpenFlow + REST
Implementation Copyright (C) 2013 NEC Corporation REST I/FController Cluster OpenFlow Load Balancer (LVS) Virtual Network Manager Virtual Network Manager Virtual Network Manager Configuration Frontend Configuration Frontend Configuration Frontend REST Interface Load Balancer (LVS) Backend DB (MySQL) Watchdog Trema Trema Trema OpenFlow Virtual Network Agent REST VM Legacy Network OpenFlow Switch REST OpenFlow VXLAN Tunnel End-Point Virtual Networks Legacy L2/L3 Network VM Legacy Network Virtual Network Agent OpenFlow Switch VXLAN Tunnel End-Point
Evaluation setup Copyright (C) 2013 NEC Corporation Vnet Manager + Config. Frontend #1 Vnet Manager + Config. Frontend #2 Vnet Manager + Config. Frontend #N Backend DB Load Balancer eth0 eth0 eth0 eth0 eth1 eth2 eth2 eth2 eth2 Database Network192.168.17.0/24 192.168.16.1 192.168.16.2 192.168.16.N 192.168.48.16 192.168.17.64 192.168.17.1 192.168.17.2 192.168.17.N 192.168.16.254 eth1 80/tcp 6633/tcp REST Client eth1 eth1 eth1 InternalControlNetwork192.168.16.0/24 192.168.64.17 192.168.64.18 192.168.64.19 192.168.64.16 eth0 ManagementNetwork192.168.64.0/20 192.168.64.(17+N) ControlandData Network192.168.48.0/20 eth0 - 192.168.65.1 VXLAN TEP Vnet Agent VM Host #1 Open vSwitch hp001 sp001 eth1 - 192.168.49.1 hp128 sp128 hp002 sp002 eth0 - 192.168.65.N VXLAN TEP Vnet Agent VM Host #N Open vSwitch hp001 sp001 eth1 - 192.168.49.N hp128 sp128 hp002 sp002 192.168.63.253
Evaluation items and results • # of switches that can be managed – 410 - 412 switches per a single Virtual Network Manager were connected and initialized properly • Switch daemons were not able to run due to insufficient memory (system memory was 2 GB) – 1024 switches were connected and initialized with three Virtual Network Managers Copyright (C) 2013 NEC Corporation
Evaluation items and results • # of virtual networks that can be managed – 16384 virtual networks that have 8 ports (hosts) each were successfully created with 1024 switches and three Virtual Network Managers • Virtual network setup time – Setup time did not increase even if we have a number of virtual networks – Database access time was constant and a minor factor Copyright (C) 2013 NEC Corporation
To be continued… Copyright (C) 2013 NEC Corporation

Recomendados

Tremashark
TremasharkTremashark
TremasharkYasunobu Chiba
 
EBPF and Linux Networking
EBPF and Linux NetworkingEBPF and Linux Networking
EBPF and Linux NetworkingPLUMgrid
 
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverter
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterKernel Recipes 2014 - NDIV: a low overhead network traffic diverter
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterAnne Nicolas
 
Pushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpPushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpJames Denton
 
DevOops - Lessons Learned from an OpenStack Network Architect
DevOops - Lessons Learned from an OpenStack Network ArchitectDevOops - Lessons Learned from an OpenStack Network Architect
DevOops - Lessons Learned from an OpenStack Network ArchitectJames Denton
 
Kernel Recipes 2013 - Nftables, what motivations and what solutions
Kernel Recipes 2013 - Nftables, what motivations and what solutionsKernel Recipes 2013 - Nftables, what motivations and what solutions
Kernel Recipes 2013 - Nftables, what motivations and what solutionsAnne Nicolas
 
Precision Time Synchronization
Precision Time SynchronizationPrecision Time Synchronization
Precision Time SynchronizationKrishna Sankar
 
PART-3 : Mastering RTOS FreeRTOS and STM32Fx with Debugging
PART-3 : Mastering RTOS FreeRTOS and STM32Fx with DebuggingPART-3 : Mastering RTOS FreeRTOS and STM32Fx with Debugging
PART-3 : Mastering RTOS FreeRTOS and STM32Fx with DebuggingFastBit Embedded Brain Academy
 

Recomendados

Tremashark
TremasharkTremashark
TremasharkYasunobu Chiba
 
EBPF and Linux Networking
EBPF and Linux NetworkingEBPF and Linux Networking
EBPF and Linux NetworkingPLUMgrid
 
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverter
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterKernel Recipes 2014 - NDIV: a low overhead network traffic diverter
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterAnne Nicolas
 
Pushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpPushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpJames Denton
 
DevOops - Lessons Learned from an OpenStack Network Architect
DevOops - Lessons Learned from an OpenStack Network ArchitectDevOops - Lessons Learned from an OpenStack Network Architect
DevOops - Lessons Learned from an OpenStack Network ArchitectJames Denton
 
Kernel Recipes 2013 - Nftables, what motivations and what solutions
Kernel Recipes 2013 - Nftables, what motivations and what solutionsKernel Recipes 2013 - Nftables, what motivations and what solutions
Kernel Recipes 2013 - Nftables, what motivations and what solutionsAnne Nicolas
 
Precision Time Synchronization
Precision Time SynchronizationPrecision Time Synchronization
Precision Time SynchronizationKrishna Sankar
 
PART-3 : Mastering RTOS FreeRTOS and STM32Fx with Debugging
PART-3 : Mastering RTOS FreeRTOS and STM32Fx with DebuggingPART-3 : Mastering RTOS FreeRTOS and STM32Fx with Debugging
PART-3 : Mastering RTOS FreeRTOS and STM32Fx with DebuggingFastBit Embedded Brain Academy
 
Ieee 1588 ptp
Ieee 1588 ptpIeee 1588 ptp
Ieee 1588 ptpTasuka Hsu
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
IEEE1588-v2
IEEE1588-v2IEEE1588-v2
IEEE1588-v2Guider Lee
 
Real time data processing with kafla spark integration
Real time data processing with kafla spark integrationReal time data processing with kafla spark integration
Real time data processing with kafla spark integrationTCS
 
LF_DPDK17_Implementation and Testing of Soft Patch Panel
LF_DPDK17_Implementation and Testing of Soft Patch PanelLF_DPDK17_Implementation and Testing of Soft Patch Panel
LF_DPDK17_Implementation and Testing of Soft Patch PanelLF_DPDK
 
Troubleshooting Tracebacks
Troubleshooting TracebacksTroubleshooting Tracebacks
Troubleshooting TracebacksJames Denton
 
TLDK - FD.io Sept 2016
TLDK - FD.io Sept 2016 TLDK - FD.io Sept 2016
TLDK - FD.io Sept 2016 Benoit Hudzia
 
Pipeline Mechanism
Pipeline MechanismPipeline Mechanism
Pipeline MechanismAshik Iqbal
 
Userspace networking
Userspace networkingUserspace networking
Userspace networkingStephen Hemminger
 
Interface between kernel and user space
Interface between kernel and user spaceInterface between kernel and user space
Interface between kernel and user spaceSusant Sahani
 
Integrating Active Networking and Commercial-Grade Routing Platforms
Integrating Active Networking and Commercial-Grade Routing PlatformsIntegrating Active Networking and Commercial-Grade Routing Platforms
Integrating Active Networking and Commercial-Grade Routing PlatformsTal Lavian Ph.D.
 
FD.io - The Universal Dataplane
FD.io - The Universal DataplaneFD.io - The Universal Dataplane
FD.io - The Universal DataplaneOpen Networking Summit
 
Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Andriy Berestovskyy
 
Precision Time Protocol
Precision Time ProtocolPrecision Time Protocol
Precision Time ProtocolSteven Kreuzer
 
rtnetlink
rtnetlinkrtnetlink
rtnetlinkTaku Fukushima
 
pipelining and hazards occure in assembly language.
pipelining and hazards occure in assembly language.pipelining and hazards occure in assembly language.
pipelining and hazards occure in assembly language.Zohaib Arshid
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Adam Dunkels
 
Danger of Proxy ARP in IX environment
Danger of Proxy ARP in IX environmentDanger of Proxy ARP in IX environment
Danger of Proxy ARP in IX environmentMaksym Tulyuk
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Adam Dunkels
 
Concept of Pipelining
Concept of PipeliningConcept of Pipelining
Concept of PipeliningSHAKOOR AB
 
Mr201304 open flow_security_eng
Mr201304 open flow_security_engMr201304 open flow_security_eng
Mr201304 open flow_security_engFFRI, Inc.
 
SDN Controller - Programming Challenges
SDN Controller - Programming ChallengesSDN Controller - Programming Challenges
SDN Controller - Programming Challengessnrism
 

Más contenido relacionado

La actualidad más candente

Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
Real time data processing with kafla spark integration
Real time data processing with kafla spark integrationReal time data processing with kafla spark integration
Real time data processing with kafla spark integrationTCS
 
LF_DPDK17_Implementation and Testing of Soft Patch Panel
LF_DPDK17_Implementation and Testing of Soft Patch PanelLF_DPDK17_Implementation and Testing of Soft Patch Panel
LF_DPDK17_Implementation and Testing of Soft Patch PanelLF_DPDK
 
Troubleshooting Tracebacks
Troubleshooting TracebacksTroubleshooting Tracebacks
Troubleshooting TracebacksJames Denton
 
TLDK - FD.io Sept 2016
TLDK - FD.io Sept 2016 TLDK - FD.io Sept 2016
TLDK - FD.io Sept 2016 Benoit Hudzia
 
Pipeline Mechanism
Pipeline MechanismPipeline Mechanism
Pipeline MechanismAshik Iqbal
 
Interface between kernel and user space
Interface between kernel and user spaceInterface between kernel and user space
Interface between kernel and user spaceSusant Sahani
 
Integrating Active Networking and Commercial-Grade Routing Platforms
Integrating Active Networking and Commercial-Grade Routing PlatformsIntegrating Active Networking and Commercial-Grade Routing Platforms
Integrating Active Networking and Commercial-Grade Routing PlatformsTal Lavian Ph.D.
 
Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Andriy Berestovskyy
 
Precision Time Protocol
Precision Time ProtocolPrecision Time Protocol
Precision Time ProtocolSteven Kreuzer
 
pipelining and hazards occure in assembly language.
pipelining and hazards occure in assembly language.pipelining and hazards occure in assembly language.
pipelining and hazards occure in assembly language.Zohaib Arshid
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Adam Dunkels
 
Danger of Proxy ARP in IX environment
Danger of Proxy ARP in IX environmentDanger of Proxy ARP in IX environment
Danger of Proxy ARP in IX environmentMaksym Tulyuk
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Adam Dunkels
 
Concept of Pipelining
Concept of PipeliningConcept of Pipelining
Concept of PipeliningSHAKOOR AB
 

La actualidad más candente (20)

Ieee 1588 ptp
Ieee 1588 ptpIeee 1588 ptp
Ieee 1588 ptp
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
 
IEEE1588-v2
IEEE1588-v2IEEE1588-v2
IEEE1588-v2
 
Real time data processing with kafla spark integration
Real time data processing with kafla spark integrationReal time data processing with kafla spark integration
Real time data processing with kafla spark integration
 
LF_DPDK17_Implementation and Testing of Soft Patch Panel
LF_DPDK17_Implementation and Testing of Soft Patch PanelLF_DPDK17_Implementation and Testing of Soft Patch Panel
LF_DPDK17_Implementation and Testing of Soft Patch Panel
 
Troubleshooting Tracebacks
Troubleshooting TracebacksTroubleshooting Tracebacks
Troubleshooting Tracebacks
 
TLDK - FD.io Sept 2016
TLDK - FD.io Sept 2016 TLDK - FD.io Sept 2016
TLDK - FD.io Sept 2016
 
Pipeline Mechanism
Pipeline MechanismPipeline Mechanism
Pipeline Mechanism
 
Userspace networking
Userspace networkingUserspace networking
Userspace networking
 
Interface between kernel and user space
Interface between kernel and user spaceInterface between kernel and user space
Interface between kernel and user space
 
Integrating Active Networking and Commercial-Grade Routing Platforms
Integrating Active Networking and Commercial-Grade Routing PlatformsIntegrating Active Networking and Commercial-Grade Routing Platforms
Integrating Active Networking and Commercial-Grade Routing Platforms
 
FD.io - The Universal Dataplane
FD.io - The Universal DataplaneFD.io - The Universal Dataplane
FD.io - The Universal Dataplane
 
Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)
 
Precision Time Protocol
Precision Time ProtocolPrecision Time Protocol
Precision Time Protocol
 
rtnetlink
rtnetlinkrtnetlink
rtnetlink
 
pipelining and hazards occure in assembly language.
pipelining and hazards occure in assembly language.pipelining and hazards occure in assembly language.
pipelining and hazards occure in assembly language.
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
 
Danger of Proxy ARP in IX environment
Danger of Proxy ARP in IX environmentDanger of Proxy ARP in IX environment
Danger of Proxy ARP in IX environment
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
 
Concept of Pipelining
Concept of PipeliningConcept of Pipelining
Concept of Pipelining
 

Similar a Developing production OpenFlow controller with Trema

Mr201304 open flow_security_eng
Mr201304 open flow_security_engMr201304 open flow_security_eng
Mr201304 open flow_security_engFFRI, Inc.
 
SDN Controller - Programming Challenges
SDN Controller - Programming ChallengesSDN Controller - Programming Challenges
SDN Controller - Programming Challengessnrism
 
OpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetupOpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetupEran Gampel
 
Tempest scenariotests 20140512
Tempest scenariotests 20140512Tempest scenariotests 20140512
Tempest scenariotests 20140512Masayuki Igawa
 
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...APNIC
 
Hands on with CoAP and Californium
Hands on with CoAP and CaliforniumHands on with CoAP and Californium
Hands on with CoAP and CaliforniumJulien Vermillard
 
btNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingbtNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingAPNIC
 
Ebs performance tuning session feb 13 2013---Presented by Oracle
Ebs performance tuning session feb 13 2013---Presented by OracleEbs performance tuning session feb 13 2013---Presented by Oracle
Ebs performance tuning session feb 13 2013---Presented by OracleAkash Pramanik
 
OSDC 2014: Yves Fauser - OpenStack Networking (Neutron) - Overview of network...
OSDC 2014: Yves Fauser - OpenStack Networking (Neutron) - Overview of network...OSDC 2014: Yves Fauser - OpenStack Networking (Neutron) - Overview of network...
OSDC 2014: Yves Fauser - OpenStack Networking (Neutron) - Overview of network...NETWAYS
 
Osdc2014 openstack networking yves_fauser
Osdc2014 openstack networking yves_fauserOsdc2014 openstack networking yves_fauser
Osdc2014 openstack networking yves_fauseryfauser
 
Container Orchestration from Theory to Practice
Container Orchestration from Theory to PracticeContainer Orchestration from Theory to Practice
Container Orchestration from Theory to PracticeDocker, Inc.
 
CampusSDN2017 - Jawdat: SDN Technology Evolvement
CampusSDN2017 - Jawdat: SDN Technology EvolvementCampusSDN2017 - Jawdat: SDN Technology Evolvement
CampusSDN2017 - Jawdat: SDN Technology EvolvementJawdatTI
 
Open Source XMPP for Cloud Services
Open Source XMPP for Cloud ServicesOpen Source XMPP for Cloud Services
Open Source XMPP for Cloud Servicesmattjive
 
Creating Real-Time Data Streaming powered by SQL on Kubernetes - Albert Lewan...
Creating Real-Time Data Streaming powered by SQL on Kubernetes - Albert Lewan...Creating Real-Time Data Streaming powered by SQL on Kubernetes - Albert Lewan...
Creating Real-Time Data Streaming powered by SQL on Kubernetes - Albert Lewan...GetInData
 
Introduction to Apache Apex
Introduction to Apache ApexIntroduction to Apache Apex
Introduction to Apache ApexApache Apex
 
FlowER Erlang Openflow Controller
FlowER Erlang Openflow ControllerFlowER Erlang Openflow Controller
FlowER Erlang Openflow ControllerHolger Winkelmann
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practiceDocker, Inc.
 
Implementing MPLS Services using Openflow
Implementing MPLS Services using OpenflowImplementing MPLS Services using Openflow
Implementing MPLS Services using OpenflowAPNIC
 

Similar a Developing production OpenFlow controller with Trema (20)

Mr201304 open flow_security_eng
Mr201304 open flow_security_engMr201304 open flow_security_eng
Mr201304 open flow_security_eng
 
SDN Controller - Programming Challenges
SDN Controller - Programming ChallengesSDN Controller - Programming Challenges
SDN Controller - Programming Challenges
 
OpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetupOpenStack Neutron Dragonflow l3 SDNmeetup
OpenStack Neutron Dragonflow l3 SDNmeetup
 
Tempest scenariotests 20140512
Tempest scenariotests 20140512Tempest scenariotests 20140512
Tempest scenariotests 20140512
 
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
 
Hands on with CoAP and Californium
Hands on with CoAP and CaliforniumHands on with CoAP and Californium
Hands on with CoAP and Californium
 
btNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingbtNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined Networking
 
Ebs performance tuning session feb 13 2013---Presented by Oracle
Ebs performance tuning session feb 13 2013---Presented by OracleEbs performance tuning session feb 13 2013---Presented by Oracle
Ebs performance tuning session feb 13 2013---Presented by Oracle
 
OSDC 2014: Yves Fauser - OpenStack Networking (Neutron) - Overview of network...
OSDC 2014: Yves Fauser - OpenStack Networking (Neutron) - Overview of network...OSDC 2014: Yves Fauser - OpenStack Networking (Neutron) - Overview of network...
OSDC 2014: Yves Fauser - OpenStack Networking (Neutron) - Overview of network...
 
Osdc2014 openstack networking yves_fauser
Osdc2014 openstack networking yves_fauserOsdc2014 openstack networking yves_fauser
Osdc2014 openstack networking yves_fauser
 
Container Orchestration from Theory to Practice
Container Orchestration from Theory to PracticeContainer Orchestration from Theory to Practice
Container Orchestration from Theory to Practice
 
CampusSDN2017 - Jawdat: SDN Technology Evolvement
CampusSDN2017 - Jawdat: SDN Technology EvolvementCampusSDN2017 - Jawdat: SDN Technology Evolvement
CampusSDN2017 - Jawdat: SDN Technology Evolvement
 
Open Source XMPP for Cloud Services
Open Source XMPP for Cloud ServicesOpen Source XMPP for Cloud Services
Open Source XMPP for Cloud Services
 
Creating Real-Time Data Streaming powered by SQL on Kubernetes - Albert Lewan...
Creating Real-Time Data Streaming powered by SQL on Kubernetes - Albert Lewan...Creating Real-Time Data Streaming powered by SQL on Kubernetes - Albert Lewan...
Creating Real-Time Data Streaming powered by SQL on Kubernetes - Albert Lewan...
 
ECI OpenFlow 2.0 the Future of SDN
ECI OpenFlow 2.0 the Future of SDN ECI OpenFlow 2.0 the Future of SDN
ECI OpenFlow 2.0 the Future of SDN
 
Introduction to Apache Apex
Introduction to Apache ApexIntroduction to Apache Apex
Introduction to Apache Apex
 
FlowER Erlang Openflow Controller
FlowER Erlang Openflow ControllerFlowER Erlang Openflow Controller
FlowER Erlang Openflow Controller
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practice
 
Implementing MPLS Services using Openflow
Implementing MPLS Services using OpenflowImplementing MPLS Services using Openflow
Implementing MPLS Services using Openflow
 

Último

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Último (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Developing production OpenFlow controller with Trema

  • 1. Developing production OpenFlow controller with Trema Apr. 20, 2013 Yasunobu Chiba Part-time developer, Trema Project Copyright (C) 2013 NEC Corporation
  • 2. Agenda • Provide tips and typical mistakes when developing OpenFlow controller with Trema C library • Explain a production OpenFlow controller development use case Copyright (C) 2013 NEC Corporation
  • 3. THINGS TO KNOW ABOUT OPENFLOW AND TREMA BEFORE DEVELOPING OPENFLOW CONTROLLER Copyright (C) 2013 NEC Corporation
  • 4. Trema is not an OpenFlow controller • Trema is a programming framework and just a building block for implementing OpenFlow controllers • You may use any other building blocks as well as Trema – For high availability, scalability, network protocol support, and etc. Copyright (C) 2013 NEC Corporation
  • 5. OpenFlow switch is not a database • OpenFlow switch is not a database and does not have ACID properties • Error messages are returned from switch asynchronously • Send a Barrier Request to complete a previously sent Flow Mod (or any other) operation • See and reuse Transaction Manager: – https://github.com/trema/apps/tree/master/transacti on_manager Copyright (C) 2013 NEC Corporation
  • 6. Asynchronous events happen before features request/reply exchange • You may receive asynchronous OpenFlow events such as Packet-In from unknown switches that features reply has not been received • In Trema, Switch Ready event is triggered when a features reply is received Copyright (C) 2013 NEC Corporation
  • 7. send_openflow_message() does not send message actually • send_openflow_message() just pushes a given message to an appropriate send queue • The send queue is automatically flushed inside the main loop • Message ordering is NOT guaranteed among switches Copyright (C) 2013 NEC Corporation
  • 8. libtrema is not fully thread-safe • The followings may be thread-safe but not guaranteed for all functions – buffer, doubly linked list, hash, linked list, log, match table, OpenFlow message, packet info, packet parser, stat, utility, wrapper • OpenFlow application interface is NOT thread- safe • Call send_openflow_message() from the main thread that trema_run() is running Copyright (C) 2013 NEC Corporation
  • 9. Length of send queue is limited • The maximum length of send queue (for sending OpenFlow messages) is limited and fixed • send_openflow_message() may return false if the send queue is full Copyright (C) 2013 NEC Corporation
  • 10. Do not call flush_messenger() • flush_messenger() flushes all send queues and receive queues immediately and synchronously • Calling it in an OpenFlow event handler may recursively call the event handler! • Call only if you known how it works very well Copyright (C) 2013 NEC Corporation
  • 11. start_trema() may call fork(2) • start_trema() calls fork(2) if your controller is to be daemonized • Use caution if you call functions that may be affected by fork(2) Copyright (C) 2013 NEC Corporation
  • 12. CONTROLLER DEVELOPMENT USE CASE Copyright (C) 2013 NEC Corporation
  • 13. Requirements • Functional Requirements – Manage association among virtual networks (based on non-OpenFlow technology) and switch ports – Associate a switch port with MAC addresses located on the switch port – All operations above can be done via REST interface • Non-functional Requirements – 1K+ switches must be handled – 10K+ active virtual networks must be managed – 10K+ end hosts must be connected to virtual networks Copyright (C) 2013 NEC Corporation
  • 14. Requirements – cont’d Copyright (C) 2013 NEC Corporation Switch #1 Switch #2 Switch #3 Switch #X Virtual Network #N Virtual Network #2 Virtual Network #1 10,000+ Active Virtual Networks 1,000+ Switches 10,000+ End Hosts Physical Network Virtual Networks
  • 15. Design • Load balancer + three-tiered architecture + α Copyright (C) 2013 NEC Corporation Dispatcher (Load Balancer) Worker Worker Worker Backend Database Configuration Interface External Application OpenFlow Switch REST OpenFlow + REST OpenFlow + REST
  • 16. Implementation Copyright (C) 2013 NEC Corporation REST I/FController Cluster OpenFlow Load Balancer (LVS) Virtual Network Manager Virtual Network Manager Virtual Network Manager Configuration Frontend Configuration Frontend Configuration Frontend REST Interface Load Balancer (LVS) Backend DB (MySQL) Watchdog Trema Trema Trema OpenFlow Virtual Network Agent REST VM Legacy Network OpenFlow Switch REST OpenFlow VXLAN Tunnel End-Point Virtual Networks Legacy L2/L3 Network VM Legacy Network Virtual Network Agent OpenFlow Switch VXLAN Tunnel End-Point
  • 17. Evaluation setup Copyright (C) 2013 NEC Corporation Vnet Manager + Config. Frontend #1 Vnet Manager + Config. Frontend #2 Vnet Manager + Config. Frontend #N Backend DB Load Balancer eth0 eth0 eth0 eth0 eth1 eth2 eth2 eth2 eth2 Database Network192.168.17.0/24 192.168.16.1 192.168.16.2 192.168.16.N 192.168.48.16 192.168.17.64 192.168.17.1 192.168.17.2 192.168.17.N 192.168.16.254 eth1 80/tcp 6633/tcp REST Client eth1 eth1 eth1 InternalControlNetwork192.168.16.0/24 192.168.64.17 192.168.64.18 192.168.64.19 192.168.64.16 eth0 ManagementNetwork192.168.64.0/20 192.168.64.(17+N) ControlandData Network192.168.48.0/20 eth0 - 192.168.65.1 VXLAN TEP Vnet Agent VM Host #1 Open vSwitch hp001 sp001 eth1 - 192.168.49.1 hp128 sp128 hp002 sp002 eth0 - 192.168.65.N VXLAN TEP Vnet Agent VM Host #N Open vSwitch hp001 sp001 eth1 - 192.168.49.N hp128 sp128 hp002 sp002 192.168.63.253
  • 18. Evaluation items and results • # of switches that can be managed – 410 - 412 switches per a single Virtual Network Manager were connected and initialized properly • Switch daemons were not able to run due to insufficient memory (system memory was 2 GB) – 1024 switches were connected and initialized with three Virtual Network Managers Copyright (C) 2013 NEC Corporation
  • 19. Evaluation items and results • # of virtual networks that can be managed – 16384 virtual networks that have 8 ports (hosts) each were successfully created with 1024 switches and three Virtual Network Managers • Virtual network setup time – Setup time did not increase even if we have a number of virtual networks – Database access time was constant and a minor factor Copyright (C) 2013 NEC Corporation
  • 20. To be continued… Copyright (C) 2013 NEC Corporation