SlideShare una empresa de Scribd logo

CloudStack and SDN

Descargar como PPT, PDF
Sebastien Goasguen
Sebastien Goasguen

Software Defined Networking is seeing a lot of momentum these days. With server virtualization solving the virtual machines problem, and large scale object storage solving the distributed storage challenge, SDN is seen as key in virtual networking. In this talk we don't try to define SDN but rather dive straight into what in our opinion is the core enabled of SDN: the virtual switch OVS. OVS can help manage VLAN for guest network isolation, it can re-route any traffic at L2-L4 by keeping forwarding tables controlled by a remote controller (Openfow controller). We show these few OVS capabilities and highlight how they are used in CloudStack and Xen. Xen Summit presentation of CloudStack and Software Defined Networks. OpenVswitch is the default bridge in Xen and supported in XenServer and Xen Cloud Platform

Tecnología
1 de 36
Xen*, SDN and Apache Cloudstack Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28th 2012 Xen Summit
Outline • A bit about CloudStack • A bit about SDN • A bit about OpenVswitch • Some bits about “SDN” in CloudStack • Slides are on slideshare for download: http://www.slideshare.net/sebastiengoasguen/ cloudstack-and-sdn
Apache CloudStack • IaaS solution to build a • Java application private/public cloud • Ant build but moving to • Hypervisor agnostic: maven (via new – Xen, XS, XCP contributor) – KVM – VMware • Object store support • First Apache release 4.0 – Swift coming Sept 26th – Upcoming support from Caringo • EC2/S3 compatibility
Participating in CloudStack • Apache incubator project • http://www.cloudstack.org • #cloudstack on irc.freenode.net • @CloudStack on Twitter • http://cloudstack.org/discuss/mailing-lists.html Welcoming contributions and feedback, Join the fun !
A Very Flexible IaaS Platform Compute Hypervisor Storage Block & Object Primary Storage Secondary Storage Network Network & Network Services http://www.slideshare.net/cloudstack/cloudstack-architecture
NaaS ? • “Cloud Servers” – On-demand, Elastic, Measured server provisioning • Cloud Storage – Scalable/fault tolerant storage with object stores • Cloud Networks – How to do on-demand, elastic, measured networking provisioning ? – How to program the network ?
A very extensive API • CloudStack orchestrates your network: – Provisioning – Configuration – Updates • For multi-tenants isolation • Using hardware and software devices • At scale: O(10^4) Hyp, O(10^5) VMs…
Software Defined Networking • Enable innovation, experimentation, optimization and customization of networks • Move control of the network to software. i.e Programmable network • Virtualize the network • Vendor-agnostic, standard protocol for control: OpenFlow
OpenFlow • Leading SDN protocol • Decouples control and data plane by giving a controller the ability to install flow rules on switches. • Hardware or software • Google achieved 95% switches can use utilization of WAN OpenFlow backbone by using SDN • Spec driven by ONF
OpenFlow • OpenFlow rules can drop, rewrite, forward packets Rule Action Stats Packet + byte counters 1. Forward packet to port(s) 2. Encapsulate and forward to controller 3. Drop packet 4. Send to normal processing pipeline Switch MAC MAC Eth VLAN IP IP IP TCP TCP Port src dst type ID Src Dst Prot sport dport Diagram Src: http://www.openflow.org/wp/documents/ August 28, 2012 10
OF Controllers • Several controllers out there (NOX, POX,Trema…) • Floodlight from Big Switch. Apache license
OpenVSwitch • “Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable the massive network automation through programmatic extension…”
OpenVSwitch • Default bridge in XenServer and XCP • Supported in Xen but not integrated in toolstack • Enables: – VLAN tagging – Rate limiting – GRE tunnels – OpenFlow controller – … • High Performance ( http://networkheresy.com/category/
e.g OVS rate limiting • Can enforce QoS with rate limiting controls • ovs-vsctl set Interface tap0 ingress_policing_rate=1000 • ovs-vsctl set Interface tap0 ingress_policing_burst=100
e.g OVS VLAN tagging • ovs-vsctl add-br br0 • ovs-vsctl add-port br0 eth0 • ovs-vsctl add-port br0 tap0 tag=1 • ovs-vsctl add-port br0 tap1 tag=2 • Complement on host2…
e.g OVS and GRE tunnels • No Cookbook on OVS page • ovs-vsctl add-port br1 gre1 -- set interface gre1 type=gre options:remote_ip=192.168.1.152
OVS and Openflow • Point OVS switches to an OF controller: $ovs_vsctl set-controller br0 tcp 192.168.1.33:6633 • Install rules on switch –Proactively (before any packet flows) –Reactively (unknown packets forwarded to controller, who pushes flow mod on switch, then operates at line rate) • Can do SDN with OpenFLOW but also with straight up OVS and managing mappings/rules in CloudStack db.
OpenNebula • Supports VLAN tagging and rate limiting through “hooks” that call ovs_vsctl • Scripts executed on an hypervisor before a VM is launched • Potentially also executed after VM shutdown for cleanup • Also supports OpenFlow
CloudStack Nicira Support • https://cwiki.apache.or g/confluence/display/CL OUDSTACK/Feature+Nic ira+NVP+integration • By Hugo Trippaers, Schuberg Philis
API key to customization of the network • You dream it, CloudStack orchestrates it 
Terminology Zone: Availability zone, aka Regions. Could be worldwide. Different data centers Pods: Racks or aisles in a data center Clusters: Group of machines with a common type of Hypervisor Host: A Single server Primary Storage: Shared storage across a cluster Secondary Storage: Shared storage in a single Zone
Physical Network Operations Users Admin and Cloud API CloudStack Mgmt Server Cluster Router MySQL Load Balancer Availability Zone L3 Core Switch Access Layer Switches … Secondary Servers Storage … … … … Pod 1 Pod 2 Pod 3 Pod N Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking
Layer-2 Guest Virtual Network 1 VLAN per guest network CS Virtual Router provides Network Services External Devices provide Network Services Network Hardware exposing API can be controlled Guest Virtual Network 10.1.1.1/8 Guest Virtual Network 10.1.1.1/8 VLAN 100 VLAN 100 Public Public Network/Inter Network/Inter net net Guest Guest Private IP VM 1 Public IP 10.1.1.1 VM 1 10.1.1.1 10.1.1.111 Gateway 65.37.141.11 Juniper Public IP 1 SRX address 65.37.141.11 CS Firewall 10.1.1.1 Guest Guest Virtual 10.1.1.3 VM 2 10.1.1.3 VM 2 Router Public IP Private IP DHCP, DNS 65.37.141. 10.1.1.112 NetScaler NAT 112 Guest Load Guest Load Balancing 10.1.1.4 VM 3 Blancer 10.1.1.4 VM 3 VPN Guest Guest 10.1.1.5 VM 4 10.1.1.5 VM 4 CS DHCP, Virtual Router DNS Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking
Opportunity for Xen • Opportunity to create highly specialized networking services appliances using – OpenMirage VMs – HalVM • See talks in Monday’s session
Networking challenges in a private Cloud • Multi-tenants on hypervisors => isolation between guest networks • VLANs in the datacenter is hard and limit at 4096 VLANs. • Hardware switches may not do it very well or have a lower limit
Networking trend • Move to software switches • Move to L3 isolation • Use tunnels between OVS (GRE tech preview) • Program the network through API • Encapsulation virtualizes the network, between overlays on overlays on overlays.. • L3 on L2 on GRE on L3 on L2… • Then you bring the WAN and you have: • L3 on L2 on GRE on L3 on L2 on GRE on L3 on L2 ….Euhhhh !!!
Back of the enveloppe • ~10,000 hypervisors in your data center • ~100,000 VMs – x10 or x100 if you use HalVM or Openmirage.org  • (10,000*9,999)/2 tunnels for a full mesh – 50x10^6 tunnels to keep track of ?
Slide from Chiradeep Vittal Layer 3 cloud networking Web Web DB DB Web Web VM VM VM VM VM VM Web DB Security Security Group Group Web Web Web Web DB DB VM VM VM VM VM VM … … … Web Web Web Web VM VM VM VM Ingress Rule: Allow VMs in Web Security Group access to VMs in DB Security Group on Port 3306
L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … 10.1.16.1 Load Pod 3 L2 Balancer Switch … Slide from Chiradeep Vittal
L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … 10.1.16.1 Load Pod 3 L2 Balancer Switch … Tenant 1 VM 3 10.1.16.47 Tenant 10.1.16.85 1 VM 4 Slide from Chiradeep Vittal
L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … Tenant 10.1.16.12 10.1.16.1 2 VM 2 Load Pod 3 L2 Balancer Switch Tenant 2 VM 3 10.1.16.21 … Tenant 1 VM 3 10.1.16.47 Tenant 10.1.16.85 1 VM 4 Slide from Chiradeep Vittal
A Million Firewalls? VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VM VMVM VM VM VM VM VM VM VM VMVM VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VMVM VM … … VM VM VM VM … … VM VM VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VMVM VM VM VM VM VM VM VM VM VMVM VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VM VM VM VM VMVM VM VM VM VM VM VM … VM VM VM VM … VM VM VM VM … VM VM VM … VM VM … VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM … … VM VM VM VM … … VM VM VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM Slide from Chiradeep Vittal
Problem: Manage the state of 100s of thousands of firewalls Solution: Well-known software scaling techniques •Message queues •Consistency tradeoffs •Idempotent configuration & retries CloudStack uses •special purpose queues •optimized for large security groups •eventual consistency for rule updates Slide from Chiradeep Vittal
Problem: Firewall (iptables) rules explosion on the host firewall Solution: Use ipsets: ipset –N web_sg iptreemap ipset –A web_sg 10.1.16.31 ipset –A web_sg 10.1.16.112 ipset –A web_sg 10.1.189.5 … ipset –A web_sg 10.21.9.77 -A FORWARD –p tcp –m tcp –dport 3060 –m set –match-set web_sg src -j ACCEPT Slide from Chiradeep Vittal
Conclusions • Programmable networking is here • Software switches are key enabler to network virtualization • Opens the door for scalable, on-demand, ephemeral networks • OVS is the default switch in Xen, and supported in XenServer and XenCP. • CloudStack implements highly scalable network structures and leverages OVS capabilities
Participating in CloudStack • Apache incubator project • http://www.cloudstack.org • #cloudstack on irc.freenode.net • @CloudStack on Twitter • http://cloudstack.org/discuss/mailing-lists.html Welcoming contributions and feedback, Join the fun !

Recomendados

Block Storage For VMs With Ceph
Block Storage For VMs With CephBlock Storage For VMs With Ceph
Block Storage For VMs With CephThe Linux Foundation
 
KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...
KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...
KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...ShapeBlue
 
CloudStack Architecture
CloudStack ArchitectureCloudStack Architecture
CloudStack ArchitectureCloudStack - Open Source Cloud Computing Project
 
CloudStack Networking
CloudStack NetworkingCloudStack Networking
CloudStack NetworkingCloudStack - Open Source Cloud Computing Project
 
Cloud stack for_beginners
Cloud stack for_beginnersCloud stack for_beginners
Cloud stack for_beginnersRadhika Puthiyetath
 
OpenStack Cinder
OpenStack CinderOpenStack Cinder
OpenStack CinderDeepti Ramakrishna
 
Vxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalVxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalKwonSun Bae
 
Ceph Day Beijing - Ceph All-Flash Array Design Based on NUMA Architecture
Ceph Day Beijing - Ceph All-Flash Array Design Based on NUMA ArchitectureCeph Day Beijing - Ceph All-Flash Array Design Based on NUMA Architecture
Ceph Day Beijing - Ceph All-Flash Array Design Based on NUMA ArchitectureDanielle Womboldt
 

Recomendados

Block Storage For VMs With Ceph
Block Storage For VMs With CephBlock Storage For VMs With Ceph
Block Storage For VMs With CephThe Linux Foundation
 
KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...
KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...
KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...ShapeBlue
 
CloudStack Architecture
CloudStack ArchitectureCloudStack Architecture
CloudStack ArchitectureCloudStack - Open Source Cloud Computing Project
 
CloudStack Networking
CloudStack NetworkingCloudStack Networking
CloudStack NetworkingCloudStack - Open Source Cloud Computing Project
 
Cloud stack for_beginners
Cloud stack for_beginnersCloud stack for_beginners
Cloud stack for_beginnersRadhika Puthiyetath
 
OpenStack Cinder
OpenStack CinderOpenStack Cinder
OpenStack CinderDeepti Ramakrishna
 
Vxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalVxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalKwonSun Bae
 
Ceph Day Beijing - Ceph All-Flash Array Design Based on NUMA Architecture
Ceph Day Beijing - Ceph All-Flash Array Design Based on NUMA ArchitectureCeph Day Beijing - Ceph All-Flash Array Design Based on NUMA Architecture
Ceph Day Beijing - Ceph All-Flash Array Design Based on NUMA ArchitectureDanielle Womboldt
 
Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...
Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...
Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...OpenStack
 
VXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneVXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneYoshikazu Nojima
 
Argus Production Monitoring at Salesforce
Argus Production Monitoring at SalesforceArgus Production Monitoring at Salesforce
Argus Production Monitoring at SalesforceHBaseCon
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
Openstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNsOpenstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNsThomas Morin
 
Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)HungWei Chiu
 
Revisiting CephFS MDS and mClock QoS Scheduler
Revisiting CephFS MDS and mClock QoS SchedulerRevisiting CephFS MDS and mClock QoS Scheduler
Revisiting CephFS MDS and mClock QoS SchedulerYongseok Oh
 
SDN Architecture & Ecosystem
SDN Architecture & EcosystemSDN Architecture & Ecosystem
SDN Architecture & EcosystemKingston Smiler
 
Introduction to vxlan
Introduction to vxlanIntroduction to vxlan
Introduction to vxlanMohammed Umair
 
VXLAN
VXLANVXLAN
VXLANSAliyev1
 
464XLAT Tutorial
464XLAT Tutorial464XLAT Tutorial
464XLAT TutorialAPNIC
 
Deploying IPv6 on OpenStack
Deploying IPv6 on OpenStackDeploying IPv6 on OpenStack
Deploying IPv6 on OpenStackVietnam Open Infrastructure User Group
 
Large scale overlay networks with ovn: problems and solutions
Large scale overlay networks with ovn: problems and solutionsLarge scale overlay networks with ovn: problems and solutions
Large scale overlay networks with ovn: problems and solutionsHan Zhou
 
Why sdn
Why sdnWhy sdn
Why sdnlz1dsb
 
Ceph with CloudStack
Ceph with CloudStackCeph with CloudStack
Ceph with CloudStackShapeBlue
 
Ceph - A distributed storage system
Ceph - A distributed storage systemCeph - A distributed storage system
Ceph - A distributed storage systemItalo Santos
 
Introduction to OpenStack Cinder
Introduction to OpenStack CinderIntroduction to OpenStack Cinder
Introduction to OpenStack CinderSean McGinnis
 
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...confluent
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingShapeBlue
 
SDN in CloudStack
SDN in CloudStackSDN in CloudStack
SDN in CloudStackbuildacloud
 
3.5 SDN CloudStack Developer Day
3.5 SDN CloudStack Developer Day3.5 SDN CloudStack Developer Day
3.5 SDN CloudStack Developer DayKimihiko Kitase
 

Más contenido relacionado

La actualidad más candente

Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...
Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...
Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...OpenStack
 
VXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneVXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneYoshikazu Nojima
 
Argus Production Monitoring at Salesforce
Argus Production Monitoring at SalesforceArgus Production Monitoring at Salesforce
Argus Production Monitoring at SalesforceHBaseCon
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
Openstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNsOpenstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNsThomas Morin
 
Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)HungWei Chiu
 
Revisiting CephFS MDS and mClock QoS Scheduler
Revisiting CephFS MDS and mClock QoS SchedulerRevisiting CephFS MDS and mClock QoS Scheduler
Revisiting CephFS MDS and mClock QoS SchedulerYongseok Oh
 
SDN Architecture & Ecosystem
SDN Architecture & EcosystemSDN Architecture & Ecosystem
SDN Architecture & EcosystemKingston Smiler
 
464XLAT Tutorial
464XLAT Tutorial464XLAT Tutorial
464XLAT TutorialAPNIC
 
Large scale overlay networks with ovn: problems and solutions
Large scale overlay networks with ovn: problems and solutionsLarge scale overlay networks with ovn: problems and solutions
Large scale overlay networks with ovn: problems and solutionsHan Zhou
 
Why sdn
Why sdnWhy sdn
Why sdnlz1dsb
 
Ceph with CloudStack
Ceph with CloudStackCeph with CloudStack
Ceph with CloudStackShapeBlue
 
Ceph - A distributed storage system
Ceph - A distributed storage systemCeph - A distributed storage system
Ceph - A distributed storage systemItalo Santos
 
Introduction to OpenStack Cinder
Introduction to OpenStack CinderIntroduction to OpenStack Cinder
Introduction to OpenStack CinderSean McGinnis
 
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...confluent
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingShapeBlue
 

La actualidad más candente (20)

Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...
Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...
Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...
 
VXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneVXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced Zone
 
Argus Production Monitoring at Salesforce
Argus Production Monitoring at SalesforceArgus Production Monitoring at Salesforce
Argus Production Monitoring at Salesforce
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building Blocks
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
 
Openstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNsOpenstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNs
 
Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)
 
Revisiting CephFS MDS and mClock QoS Scheduler
Revisiting CephFS MDS and mClock QoS SchedulerRevisiting CephFS MDS and mClock QoS Scheduler
Revisiting CephFS MDS and mClock QoS Scheduler
 
SDN Architecture & Ecosystem
SDN Architecture & EcosystemSDN Architecture & Ecosystem
SDN Architecture & Ecosystem
 
Introduction to vxlan
Introduction to vxlanIntroduction to vxlan
Introduction to vxlan
 
VXLAN
VXLANVXLAN
VXLAN
 
464XLAT Tutorial
464XLAT Tutorial464XLAT Tutorial
464XLAT Tutorial
 
Deploying IPv6 on OpenStack
Deploying IPv6 on OpenStackDeploying IPv6 on OpenStack
Deploying IPv6 on OpenStack
 
Large scale overlay networks with ovn: problems and solutions
Large scale overlay networks with ovn: problems and solutionsLarge scale overlay networks with ovn: problems and solutions
Large scale overlay networks with ovn: problems and solutions
 
Why sdn
Why sdnWhy sdn
Why sdn
 
Ceph with CloudStack
Ceph with CloudStackCeph with CloudStack
Ceph with CloudStack
 
Ceph - A distributed storage system
Ceph - A distributed storage systemCeph - A distributed storage system
Ceph - A distributed storage system
 
Introduction to OpenStack Cinder
Introduction to OpenStack CinderIntroduction to OpenStack Cinder
Introduction to OpenStack Cinder
 
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
Disaster Recovery with MirrorMaker 2.0 (Ryanne Dolan, Cloudera) Kafka Summit ...
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and Troubleshooting
 

Destacado

SDN in CloudStack
SDN in CloudStackSDN in CloudStack
SDN in CloudStackbuildacloud
 
3.5 SDN CloudStack Developer Day
3.5 SDN CloudStack Developer Day3.5 SDN CloudStack Developer Day
3.5 SDN CloudStack Developer DayKimihiko Kitase
 
My virtual firewall
My virtual firewallMy virtual firewall
My virtual firewallBrian Drew
 
Adventures with acs and odl
Adventures with acs and odlAdventures with acs and odl
Adventures with acs and odlHugo Trippaers
 
Open stack with_openflowsdn-torii
Open stack with_openflowsdn-toriiOpen stack with_openflowsdn-torii
Open stack with_openflowsdn-toriiHui Cheng
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Ajeet Singh
 
CloudStack EU user group making the digital possible
CloudStack EU user group making the digital possibleCloudStack EU user group making the digital possible
CloudStack EU user group making the digital possibleShapeBlue
 
CloudStack EU User Group - Making stuff better through CloudStack
CloudStack EU User Group - Making stuff better through CloudStackCloudStack EU User Group - Making stuff better through CloudStack
CloudStack EU User Group - Making stuff better through CloudStackShapeBlue
 
CloudStack NVP Integration - BACD
CloudStack NVP Integration - BACDCloudStack NVP Integration - BACD
CloudStack NVP Integration - BACDHugo Trippaers
 
CloudStack EU user group - fast SAP provisioning
CloudStack EU user group - fast SAP provisioningCloudStack EU user group - fast SAP provisioning
CloudStack EU user group - fast SAP provisioningShapeBlue
 
Ansible & CloudStack - Configuration Management
Ansible & CloudStack - Configuration ManagementAnsible & CloudStack - Configuration Management
Ansible & CloudStack - Configuration ManagementShapeBlue
 
Network Functions Virtualization and CloudStack
Network Functions Virtualization and CloudStackNetwork Functions Virtualization and CloudStack
Network Functions Virtualization and CloudStackChiradeep Vittal
 
How to configure cisco asa virtual firewall
How to configure cisco asa virtual firewallHow to configure cisco asa virtual firewall
How to configure cisco asa virtual firewallIT Tech
 
CloudStack Container Service
CloudStack Container ServiceCloudStack Container Service
CloudStack Container ServiceShapeBlue
 
CloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsCloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsShapeBlue
 
CloudStack EU user group - Trillian
CloudStack EU user group - TrillianCloudStack EU user group - Trillian
CloudStack EU user group - TrillianShapeBlue
 

Destacado (20)

SDN in CloudStack
SDN in CloudStackSDN in CloudStack
SDN in CloudStack
 
3.5 SDN CloudStack Developer Day
3.5 SDN CloudStack Developer Day3.5 SDN CloudStack Developer Day
3.5 SDN CloudStack Developer Day
 
CloudStack + SDN
CloudStack + SDNCloudStack + SDN
CloudStack + SDN
 
My virtual firewall
My virtual firewallMy virtual firewall
My virtual firewall
 
Adventures with acs and odl
Adventures with acs and odlAdventures with acs and odl
Adventures with acs and odl
 
Open stack with_openflowsdn-torii
Open stack with_openflowsdn-toriiOpen stack with_openflowsdn-torii
Open stack with_openflowsdn-torii
 
CloudStack Meetup - Introduction
CloudStack Meetup - IntroductionCloudStack Meetup - Introduction
CloudStack Meetup - Introduction
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
 
Towards a Reliable SDN Firewall
Towards a Reliable SDN FirewallTowards a Reliable SDN Firewall
Towards a Reliable SDN Firewall
 
CloudStack EU user group making the digital possible
CloudStack EU user group making the digital possibleCloudStack EU user group making the digital possible
CloudStack EU user group making the digital possible
 
CloudStack EU User Group - Making stuff better through CloudStack
CloudStack EU User Group - Making stuff better through CloudStackCloudStack EU User Group - Making stuff better through CloudStack
CloudStack EU User Group - Making stuff better through CloudStack
 
CloudStack NVP Integration - BACD
CloudStack NVP Integration - BACDCloudStack NVP Integration - BACD
CloudStack NVP Integration - BACD
 
CloudStack EU user group - fast SAP provisioning
CloudStack EU user group - fast SAP provisioningCloudStack EU user group - fast SAP provisioning
CloudStack EU user group - fast SAP provisioning
 
Virtual Firewall Management
Virtual Firewall ManagementVirtual Firewall Management
Virtual Firewall Management
 
Ansible & CloudStack - Configuration Management
Ansible & CloudStack - Configuration ManagementAnsible & CloudStack - Configuration Management
Ansible & CloudStack - Configuration Management
 
Network Functions Virtualization and CloudStack
Network Functions Virtualization and CloudStackNetwork Functions Virtualization and CloudStack
Network Functions Virtualization and CloudStack
 
How to configure cisco asa virtual firewall
How to configure cisco asa virtual firewallHow to configure cisco asa virtual firewall
How to configure cisco asa virtual firewall
 
CloudStack Container Service
CloudStack Container ServiceCloudStack Container Service
CloudStack Container Service
 
CloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsCloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack news
 
CloudStack EU user group - Trillian
CloudStack EU user group - TrillianCloudStack EU user group - Trillian
CloudStack EU user group - Trillian
 

Similar a CloudStack and SDN

Scalable networking in Apache CloudStack
Scalable networking in Apache CloudStackScalable networking in Apache CloudStack
Scalable networking in Apache CloudStackChiradeep Vittal
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Open stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsOpen stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsyfauser
 
Quantum - Virtual networks for Openstack
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstacksalv_orlando
 
Quantum for Cloud Operators - Folsom Conference
Quantum for Cloud Operators - Folsom Conference Quantum for Cloud Operators - Folsom Conference
Quantum for Cloud Operators - Folsom Conference Dan Wendlandt
 
OpenStack 2012 fall summit observation - Quantum/SDN
OpenStack 2012 fall summit observation - Quantum/SDNOpenStack 2012 fall summit observation - Quantum/SDN
OpenStack 2012 fall summit observation - Quantum/SDNTe-Yen Liu
 
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...Dan Mihai Dumitriu
 
Quantum - The Network Mechanics
Quantum - The Network MechanicsQuantum - The Network Mechanics
Quantum - The Network MechanicsKiran Murari
 
Network virtualization with open stack quantum
Network virtualization with open stack quantumNetwork virtualization with open stack quantum
Network virtualization with open stack quantumMiguel Lavalle
 
Integrating OpenStack To Existing Infrastructure
Integrating OpenStack To Existing InfrastructureIntegrating OpenStack To Existing Infrastructure
Integrating OpenStack To Existing InfrastructureHui Cheng
 
CloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWestCloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWestke4qqq
 
Understanding and deploying Network Virtualization
Understanding and deploying Network VirtualizationUnderstanding and deploying Network Virtualization
Understanding and deploying Network VirtualizationSDN Hub
 
Network Multitenancy in Xen-Based Clouds-XPUS13 Vittal
Network Multitenancy in Xen-Based Clouds-XPUS13 VittalNetwork Multitenancy in Xen-Based Clouds-XPUS13 Vittal
Network Multitenancy in Xen-Based Clouds-XPUS13 VittalThe Linux Foundation
 
Quantum grizzly summit
Quantum grizzly summitQuantum grizzly summit
Quantum grizzly summitDan Wendlandt
 
Deploying Apache CloudStack from API to UI
Deploying Apache CloudStack from API to UIDeploying Apache CloudStack from API to UI
Deploying Apache CloudStack from API to UIJoe Brockmeier
 
Quantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxQuantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxOpenStack Foundation
 
Openstack Quantum yahoo meetup 1 23-13
Openstack Quantum yahoo meetup 1 23-13Openstack Quantum yahoo meetup 1 23-13
Openstack Quantum yahoo meetup 1 23-13Dan Wendlandt
 
Midokura OpenStack Meetup Taipei
Midokura OpenStack Meetup TaipeiMidokura OpenStack Meetup Taipei
Midokura OpenStack Meetup TaipeiDan Mihai Dumitriu
 

Similar a CloudStack and SDN (20)

Scalable networking in Apache CloudStack
Scalable networking in Apache CloudStackScalable networking in Apache CloudStack
Scalable networking in Apache CloudStack
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and Automation
 
Open stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsOpen stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetups
 
Quantum - Virtual networks for Openstack
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstack
 
Quantum for Cloud Operators - Folsom Conference
Quantum for Cloud Operators - Folsom Conference Quantum for Cloud Operators - Folsom Conference
Quantum for Cloud Operators - Folsom Conference
 
OpenStack 2012 fall summit observation - Quantum/SDN
OpenStack 2012 fall summit observation - Quantum/SDNOpenStack 2012 fall summit observation - Quantum/SDN
OpenStack 2012 fall summit observation - Quantum/SDN
 
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...
 
Quantum - The Network Mechanics
Quantum - The Network MechanicsQuantum - The Network Mechanics
Quantum - The Network Mechanics
 
OpenStack Quantum
OpenStack QuantumOpenStack Quantum
OpenStack Quantum
 
Network virtualization with open stack quantum
Network virtualization with open stack quantumNetwork virtualization with open stack quantum
Network virtualization with open stack quantum
 
Integrating OpenStack To Existing Infrastructure
Integrating OpenStack To Existing InfrastructureIntegrating OpenStack To Existing Infrastructure
Integrating OpenStack To Existing Infrastructure
 
Apache CloudStack from API to UI
Apache CloudStack from API to UIApache CloudStack from API to UI
Apache CloudStack from API to UI
 
CloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWestCloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWest
 
Understanding and deploying Network Virtualization
Understanding and deploying Network VirtualizationUnderstanding and deploying Network Virtualization
Understanding and deploying Network Virtualization
 
Network Multitenancy in Xen-Based Clouds-XPUS13 Vittal
Network Multitenancy in Xen-Based Clouds-XPUS13 VittalNetwork Multitenancy in Xen-Based Clouds-XPUS13 Vittal
Network Multitenancy in Xen-Based Clouds-XPUS13 Vittal
 
Quantum grizzly summit
Quantum grizzly summitQuantum grizzly summit
Quantum grizzly summit
 
Deploying Apache CloudStack from API to UI
Deploying Apache CloudStack from API to UIDeploying Apache CloudStack from API to UI
Deploying Apache CloudStack from API to UI
 
Quantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxQuantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptx
 
Openstack Quantum yahoo meetup 1 23-13
Openstack Quantum yahoo meetup 1 23-13Openstack Quantum yahoo meetup 1 23-13
Openstack Quantum yahoo meetup 1 23-13
 
Midokura OpenStack Meetup Taipei
Midokura OpenStack Meetup TaipeiMidokura OpenStack Meetup Taipei
Midokura OpenStack Meetup Taipei
 

Más de Sebastien Goasguen

Kubernetes Native Serverless solution: Kubeless
Kubernetes Native Serverless solution: KubelessKubernetes Native Serverless solution: Kubeless
Kubernetes Native Serverless solution: KubelessSebastien Goasguen
 
On Docker and its use for LHC at CERN
On Docker and its use for LHC at CERNOn Docker and its use for LHC at CERN
On Docker and its use for LHC at CERNSebastien Goasguen
 
CloudStack Conference Public Clouds Use Cases
CloudStack Conference Public Clouds Use CasesCloudStack Conference Public Clouds Use Cases
CloudStack Conference Public Clouds Use CasesSebastien Goasguen
 
Kubernetes on CloudStack with coreOS
Kubernetes on CloudStack with coreOSKubernetes on CloudStack with coreOS
Kubernetes on CloudStack with coreOSSebastien Goasguen
 
Moving from Publican to Read The Docs
Moving from Publican to Read The DocsMoving from Publican to Read The Docs
Moving from Publican to Read The DocsSebastien Goasguen
 
SDN: Network Agility in the Cloud
SDN: Network Agility in the CloudSDN: Network Agility in the Cloud
SDN: Network Agility in the CloudSebastien Goasguen
 
CloudStack / Saltstack lightning talk at DevOps Amsterdam
CloudStack / Saltstack lightning talk at DevOps AmsterdamCloudStack / Saltstack lightning talk at DevOps Amsterdam
CloudStack / Saltstack lightning talk at DevOps AmsterdamSebastien Goasguen
 
Apache CloudStack Google Summer of Code
Apache CloudStack Google Summer of CodeApache CloudStack Google Summer of Code
Apache CloudStack Google Summer of CodeSebastien Goasguen
 

Más de Sebastien Goasguen (20)

Kubernetes Sealed secrets
Kubernetes Sealed secretsKubernetes Sealed secrets
Kubernetes Sealed secrets
 
Kubernetes Native Serverless solution: Kubeless
Kubernetes Native Serverless solution: KubelessKubernetes Native Serverless solution: Kubeless
Kubernetes Native Serverless solution: Kubeless
 
Serverless on Kubernetes
Serverless on KubernetesServerless on Kubernetes
Serverless on Kubernetes
 
Kubernetes kubecon-roundup
Kubernetes kubecon-roundupKubernetes kubecon-roundup
Kubernetes kubecon-roundup
 
Docker and CloudStack
Docker and CloudStackDocker and CloudStack
Docker and CloudStack
 
On Docker and its use for LHC at CERN
On Docker and its use for LHC at CERNOn Docker and its use for LHC at CERN
On Docker and its use for LHC at CERN
 
CloudStack Conference Public Clouds Use Cases
CloudStack Conference Public Clouds Use CasesCloudStack Conference Public Clouds Use Cases
CloudStack Conference Public Clouds Use Cases
 
Kubernetes on CloudStack with coreOS
Kubernetes on CloudStack with coreOSKubernetes on CloudStack with coreOS
Kubernetes on CloudStack with coreOS
 
Apache Libcloud
Apache LibcloudApache Libcloud
Apache Libcloud
 
Moving from Publican to Read The Docs
Moving from Publican to Read The DocsMoving from Publican to Read The Docs
Moving from Publican to Read The Docs
 
Cloud and Big Data trends
Cloud and Big Data trendsCloud and Big Data trends
Cloud and Big Data trends
 
SDN: Network Agility in the Cloud
SDN: Network Agility in the CloudSDN: Network Agility in the Cloud
SDN: Network Agility in the Cloud
 
Build a Cloud Day Paris
Build a Cloud Day ParisBuild a Cloud Day Paris
Build a Cloud Day Paris
 
CloudStack / Saltstack lightning talk at DevOps Amsterdam
CloudStack / Saltstack lightning talk at DevOps AmsterdamCloudStack / Saltstack lightning talk at DevOps Amsterdam
CloudStack / Saltstack lightning talk at DevOps Amsterdam
 
CloudStack Clients and Tools
CloudStack Clients and ToolsCloudStack Clients and Tools
CloudStack Clients and Tools
 
CloudMonkey
CloudMonkeyCloudMonkey
CloudMonkey
 
Intro to CloudStack API
Intro to CloudStack APIIntro to CloudStack API
Intro to CloudStack API
 
Apache CloudStack Google Summer of Code
Apache CloudStack Google Summer of CodeApache CloudStack Google Summer of Code
Apache CloudStack Google Summer of Code
 
DevCloud and CloudMonkey
DevCloud and CloudMonkeyDevCloud and CloudMonkey
DevCloud and CloudMonkey
 
Git 101 for CloudStack
Git 101 for CloudStackGit 101 for CloudStack
Git 101 for CloudStack
 

Último

Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 

Último (20)

Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 

CloudStack and SDN

  • 1. Xen*, SDN and Apache Cloudstack Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28th 2012 Xen Summit
  • 2. Outline • A bit about CloudStack • A bit about SDN • A bit about OpenVswitch • Some bits about “SDN” in CloudStack • Slides are on slideshare for download: http://www.slideshare.net/sebastiengoasguen/ cloudstack-and-sdn
  • 3. Apache CloudStack • IaaS solution to build a • Java application private/public cloud • Ant build but moving to • Hypervisor agnostic: maven (via new – Xen, XS, XCP contributor) – KVM – VMware • Object store support • First Apache release 4.0 – Swift coming Sept 26th – Upcoming support from Caringo • EC2/S3 compatibility
  • 4. Participating in CloudStack • Apache incubator project • http://www.cloudstack.org • #cloudstack on irc.freenode.net • @CloudStack on Twitter • http://cloudstack.org/discuss/mailing-lists.html Welcoming contributions and feedback, Join the fun !
  • 5. A Very Flexible IaaS Platform Compute Hypervisor Storage Block & Object Primary Storage Secondary Storage Network Network & Network Services http://www.slideshare.net/cloudstack/cloudstack-architecture
  • 6. NaaS ? • “Cloud Servers” – On-demand, Elastic, Measured server provisioning • Cloud Storage – Scalable/fault tolerant storage with object stores • Cloud Networks – How to do on-demand, elastic, measured networking provisioning ? – How to program the network ?
  • 7. A very extensive API • CloudStack orchestrates your network: – Provisioning – Configuration – Updates • For multi-tenants isolation • Using hardware and software devices • At scale: O(10^4) Hyp, O(10^5) VMs…
  • 8. Software Defined Networking • Enable innovation, experimentation, optimization and customization of networks • Move control of the network to software. i.e Programmable network • Virtualize the network • Vendor-agnostic, standard protocol for control: OpenFlow
  • 9. OpenFlow • Leading SDN protocol • Decouples control and data plane by giving a controller the ability to install flow rules on switches. • Hardware or software • Google achieved 95% switches can use utilization of WAN OpenFlow backbone by using SDN • Spec driven by ONF
  • 10. OpenFlow • OpenFlow rules can drop, rewrite, forward packets Rule Action Stats Packet + byte counters 1. Forward packet to port(s) 2. Encapsulate and forward to controller 3. Drop packet 4. Send to normal processing pipeline Switch MAC MAC Eth VLAN IP IP IP TCP TCP Port src dst type ID Src Dst Prot sport dport Diagram Src: http://www.openflow.org/wp/documents/ August 28, 2012 10
  • 11. OF Controllers • Several controllers out there (NOX, POX,Trema…) • Floodlight from Big Switch. Apache license
  • 12. OpenVSwitch • “Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable the massive network automation through programmatic extension…”
  • 13. OpenVSwitch • Default bridge in XenServer and XCP • Supported in Xen but not integrated in toolstack • Enables: – VLAN tagging – Rate limiting – GRE tunnels – OpenFlow controller – … • High Performance ( http://networkheresy.com/category/
  • 14. e.g OVS rate limiting • Can enforce QoS with rate limiting controls • ovs-vsctl set Interface tap0 ingress_policing_rate=1000 • ovs-vsctl set Interface tap0 ingress_policing_burst=100
  • 15. e.g OVS VLAN tagging • ovs-vsctl add-br br0 • ovs-vsctl add-port br0 eth0 • ovs-vsctl add-port br0 tap0 tag=1 • ovs-vsctl add-port br0 tap1 tag=2 • Complement on host2…
  • 16. e.g OVS and GRE tunnels • No Cookbook on OVS page • ovs-vsctl add-port br1 gre1 -- set interface gre1 type=gre options:remote_ip=192.168.1.152
  • 17. OVS and Openflow • Point OVS switches to an OF controller: $ovs_vsctl set-controller br0 tcp 192.168.1.33:6633 • Install rules on switch –Proactively (before any packet flows) –Reactively (unknown packets forwarded to controller, who pushes flow mod on switch, then operates at line rate) • Can do SDN with OpenFLOW but also with straight up OVS and managing mappings/rules in CloudStack db.
  • 18. OpenNebula • Supports VLAN tagging and rate limiting through “hooks” that call ovs_vsctl • Scripts executed on an hypervisor before a VM is launched • Potentially also executed after VM shutdown for cleanup • Also supports OpenFlow
  • 19. CloudStack Nicira Support • https://cwiki.apache.or g/confluence/display/CL OUDSTACK/Feature+Nic ira+NVP+integration • By Hugo Trippaers, Schuberg Philis
  • 20. API key to customization of the network • You dream it, CloudStack orchestrates it 
  • 21. Terminology Zone: Availability zone, aka Regions. Could be worldwide. Different data centers Pods: Racks or aisles in a data center Clusters: Group of machines with a common type of Hypervisor Host: A Single server Primary Storage: Shared storage across a cluster Secondary Storage: Shared storage in a single Zone
  • 22. Physical Network Operations Users Admin and Cloud API CloudStack Mgmt Server Cluster Router MySQL Load Balancer Availability Zone L3 Core Switch Access Layer Switches … Secondary Servers Storage … … … … Pod 1 Pod 2 Pod 3 Pod N Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking
  • 23. Layer-2 Guest Virtual Network 1 VLAN per guest network CS Virtual Router provides Network Services External Devices provide Network Services Network Hardware exposing API can be controlled Guest Virtual Network 10.1.1.1/8 Guest Virtual Network 10.1.1.1/8 VLAN 100 VLAN 100 Public Public Network/Inter Network/Inter net net Guest Guest Private IP VM 1 Public IP 10.1.1.1 VM 1 10.1.1.1 10.1.1.111 Gateway 65.37.141.11 Juniper Public IP 1 SRX address 65.37.141.11 CS Firewall 10.1.1.1 Guest Guest Virtual 10.1.1.3 VM 2 10.1.1.3 VM 2 Router Public IP Private IP DHCP, DNS 65.37.141. 10.1.1.112 NetScaler NAT 112 Guest Load Guest Load Balancing 10.1.1.4 VM 3 Blancer 10.1.1.4 VM 3 VPN Guest Guest 10.1.1.5 VM 4 10.1.1.5 VM 4 CS DHCP, Virtual Router DNS Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking
  • 24. Opportunity for Xen • Opportunity to create highly specialized networking services appliances using – OpenMirage VMs – HalVM • See talks in Monday’s session
  • 25. Networking challenges in a private Cloud • Multi-tenants on hypervisors => isolation between guest networks • VLANs in the datacenter is hard and limit at 4096 VLANs. • Hardware switches may not do it very well or have a lower limit
  • 26. Networking trend • Move to software switches • Move to L3 isolation • Use tunnels between OVS (GRE tech preview) • Program the network through API • Encapsulation virtualizes the network, between overlays on overlays on overlays.. • L3 on L2 on GRE on L3 on L2… • Then you bring the WAN and you have: • L3 on L2 on GRE on L3 on L2 on GRE on L3 on L2 ….Euhhhh !!!
  • 27. Back of the enveloppe • ~10,000 hypervisors in your data center • ~100,000 VMs – x10 or x100 if you use HalVM or Openmirage.org  • (10,000*9,999)/2 tunnels for a full mesh – 50x10^6 tunnels to keep track of ?
  • 28. Slide from Chiradeep Vittal Layer 3 cloud networking Web Web DB DB Web Web VM VM VM VM VM VM Web DB Security Security Group Group Web Web Web Web DB DB VM VM VM VM VM VM … … … Web Web Web Web VM VM VM VM Ingress Rule: Allow VMs in Web Security Group access to VMs in DB Security Group on Port 3306
  • 29. L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … 10.1.16.1 Load Pod 3 L2 Balancer Switch … Slide from Chiradeep Vittal
  • 30. L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … 10.1.16.1 Load Pod 3 L2 Balancer Switch … Tenant 1 VM 3 10.1.16.47 Tenant 10.1.16.85 1 VM 4 Slide from Chiradeep Vittal
  • 31. L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … Tenant 10.1.16.12 10.1.16.1 2 VM 2 Load Pod 3 L2 Balancer Switch Tenant 2 VM 3 10.1.16.21 … Tenant 1 VM 3 10.1.16.47 Tenant 10.1.16.85 1 VM 4 Slide from Chiradeep Vittal
  • 32. A Million Firewalls? VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VM VMVM VM VM VM VM VM VM VM VMVM VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VMVM VM … … VM VM VM VM … … VM VM VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VMVM VM VM VM VM VM VM VM VM VMVM VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VM VM VM VM VMVM VM VM VM VM VM VM … VM VM VM VM … VM VM VM VM … VM VM VM … VM VM … VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM … … VM VM VM VM … … VM VM VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM … VM VM VM VM … … … VM VM VM VM … VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM Slide from Chiradeep Vittal
  • 33. Problem: Manage the state of 100s of thousands of firewalls Solution: Well-known software scaling techniques •Message queues •Consistency tradeoffs •Idempotent configuration & retries CloudStack uses •special purpose queues •optimized for large security groups •eventual consistency for rule updates Slide from Chiradeep Vittal
  • 34. Problem: Firewall (iptables) rules explosion on the host firewall Solution: Use ipsets: ipset –N web_sg iptreemap ipset –A web_sg 10.1.16.31 ipset –A web_sg 10.1.16.112 ipset –A web_sg 10.1.189.5 … ipset –A web_sg 10.21.9.77 -A FORWARD –p tcp –m tcp –dport 3060 –m set –match-set web_sg src -j ACCEPT Slide from Chiradeep Vittal
  • 35. Conclusions • Programmable networking is here • Software switches are key enabler to network virtualization • Opens the door for scalable, on-demand, ephemeral networks • OVS is the default switch in Xen, and supported in XenServer and XenCP. • CloudStack implements highly scalable network structures and leverages OVS capabilities
  • 36. Participating in CloudStack • Apache incubator project • http://www.cloudstack.org • #cloudstack on irc.freenode.net • @CloudStack on Twitter • http://cloudstack.org/discuss/mailing-lists.html Welcoming contributions and feedback, Join the fun !

Notas del editor

  1. Related VMs are placed into security groups: for example, web vms are placed in the web security group and the db vms are in the DB security group. By default all ingress traffic to the vm is dropped. To allow web vms to communicate to DB vms, the cloud user calls an api to allow access on the database’s tcp port.
  2. Each pod has a different subnet. When a VM is started in a pod, it acquires a free ip in that pod’s subnet. Different tenants can land up in the same pod and hence share the same L2 subnet. Because security groups deny all by default, each VM needs a host-based firewall (embedded in the hypervisor dom0) to enforce this. This also prevents stuff like DHCP and ARP snooping. To prevent attacks, multicast and broadcast are blocked by the firewall
  3. As a tenant starts more vms, the vms can land in different pods. The cloud user cannot make any assumptions about L2 connectivity between their vms.
  4. As vms get created and destroyed, CloudStack has to ensure the configuration of the host-based firewalls (iptables) is consistent with the security group rules programmed by the cloud user
  5. 40,000 hypervisors in a data center x 25 vms / hypervisor = 1 million firewalls to be orchestrated by CloudStack
  6. An ipset is a kernel datastructure that can match an ip very efficiently against a large set of ips. For example, using a tree structure, an ip address can be quickly tested for containment. The ipset is supplied to the iptables rule leading to a single iptable rule.