SDN at Schuberg Philis
My presentation about the Software Defined Networking we use at Schuberg Philis. As presented at the SDN Meetup on March 18.

Published in: Technology


  1. SDN at Schuberg Philis
  2. Who is that guy anyway?
     » Hugo Trippaers
       – Mission Critical Engineer @ Schuberg Philis
       – PMC @ Apache CloudStack
       – Contributor @ OpenDaylight OVSDB
       – Gamer @ Home
     » Contact
       – @Spark404 @ Twitter
       – Hugo Trippaers @ LinkedIn
       – htrippaers@schubergphilis.com
  3. SDN at Schuberg Philis
     » Why did we opt for SDN?
     » Our setup
     » Where is the automation?
  4. Software Defined Networking
     “In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications. As a result, enterprises and carriers gain unprecedented programmability, automation, and network control, enabling them to build highly scalable, flexible networks that readily adapt to changing business needs.”
     — Software-Defined Networking: The New Norm for Networks, ONF White Paper, April 13, 2012
  5. Why did we opt for SDN?
     » Theoretical versus Practical limits
       – How many VLANs can you really configure on a switch?
       – Is 4094 VLANs enough for everybody?
  6. Why did we opt for SDN?
     » Security
       – How isolated is a VLAN?
       – Stacked VLAN tags
  7. Why did we opt for SDN?
     » Automation is key.
       – Automated hypervisor deployments using bare metal provisioning
       – Automated VM deployment using CloudStack
       – Automated Application deployment using Chef
       – Manual network deployment using ssh.
  8. Our setup
  9. Our overlay networking solution - VMware NSX (Nicira NVP)
     » A commercial SDN solution developed by Nicira and acquired by VMware. Uses both Open vSwitch and OpenFlow to build overlay tunnels on an existing network.
     » Pros
       – STT tunnel protocol is optimized for high bandwidth
       – Includes a gateway to link existing L3 or L2 networks to the virtual switch
  10. A little more detail
     Diagram labels: Controllers; Virtual Router; STT / GRE / VXLAN Tunnels; Service Nodes; Hypervisors (Open vSwitch)
  11. A little more detail
     Diagram labels: Virtual Router; STT / GRE / VXLAN Tunnels; Gateways; L2 or L3; Legacy Host; VLAN; Controllers
  12. A little more detail
     Diagram labels: Virtual Router; Controllers; REST API; Manager
  13. Numbers
     » BetaCloud
     » Controllers: 3
     » Service Nodes: 2
     » Gateways: 1
     » Hypervisors: 14
     » Logical Switches: 120
     » Logical Switchports: 404
     » ~ 28 hosts / hv
  14. Numbers
     » BetaCloud
     » Controllers: 3
     » Service Nodes: 2
     » Gateways: 1
     » Hypervisors: 14
     » Logical Switches: 120
     » Logical Switchports: 404
     » ~ 28 hosts / hv

     » Mission Critical Cloud
     » Controllers: 3
     » Service Nodes: 2
     » Gateways: 21
     » Hypervisors: 37
     » Logical Switches: 185
     » Logical Switchports: 816
     » ~ 22 hosts / hv
  15. Where is the automation part?
  16. » Cloud Orchestration Framework
     » Compute (XenServer, KVM, VMware, Hyper-V)
     » Storage (NFS, S3, Swift, Nexenta, NetApp)
     » Network (Juniper, F5, Palo Alto, NetScaler)
     » SDN (VMware NSX, Midokura, OpenContrail, Stratosphere, OpenDaylight,…)
  17. CloudStack networking - the five minute version
     » Separate low-level network configuration from function definition.
     » Admin configures devices, services
     » Admin assigns a mix of networking features to a network offering
     » Tenant selects a network offering and uses the network
  18. CloudStack Networking - Basic Network
     » Basic Networking
     » Amazon style L3 network
     » Tenant isolation on L3 (security groups)
     Diagram labels: External Router; Public IP Space; Security Group
  19. CloudStack Networking - Advanced Network
     » Advanced Networking
     » Tenant isolation on L2 (VLAN, SDN)
     » Advanced services model per network
     Diagram labels: External Router; Public IP Space; Virtual Router
  20. CloudStack Networking - Advanced Network VPC
     » Advanced Networking
     » Tenant isolation on L2 (VLAN, SDN)
     » Advanced services model per network
     » Tiered networking
     » Private gateway
     Diagram labels: External Router; Public IP Space; VPC Virtual Router
  21. Future Goals
     » Replacing the Virtual Router and the VPC Router with an SDN routing construct.
     » ACS Bridging support to manage L2 gateways.
     » And let's not forget the underlay network…
  22. That's all there is to it
     » Questions & Answers
