When DevOps and Networking Intersect by Brent Salisbury of socketplane.io

when network and devops intersect 
Brent Salisbury 
socketplane.io
socketplane.io - docker networking
• John Willis: Co-Founder & VP Business Development. Formerly: CTO, Stateless Networks
• Madhu Venugopal: Co-Founder & President. Formerly: Principal Engineer, Office of the CTO, Red Hat
• Brent Salisbury: Co-Founder & VP Engineering. Formerly: Senior Engineer, Office of the CTO, Red Hat
• Dave Tucker: Co-Founder, VP Product. Formerly: Senior Engineer, Office of the CTO, Red Hat
lessons_learned struct 
1. the evolving network
2. lessons learned from controller development
3. netops from an operational+dev view
4. looking ahead
the problem
[Chart: Cost vs. Number Widgets - Economies of Scale. Labels: Network, Compute - Storage, Vertical Integration, Horizontal Scale]
[Chart over Time: Network Capacity Needs and Network Usage Growth. Labels: Over Provisioned, Under Provisioned]
[Chart over Time: Network Capacity Needs and Network Usage Growth. Label: Efficient Provisioning]
Where we were
• CLI for everything
• vendor management tools did everything and nothing.
• used to be Perl, TCL and later Python
• zero ip management
• turned into who can make the best obscure magic
Where we are
• CLI for everything
• vendor management tools did everything and nothing.
• used to be Perl, TCL and later Python
• zero ip management
• turned into who can make the best obscure magic
where we are(ish)
• exponential growth with flat operating budgets
• incessant pressure for uptime + capex/opex cost reduction
• the majority of networks still maintain proprietary hw, sw and api
• datapaths are still barely programmable
• netops manages very little beyond the ToR.
quick review of node distribution
• distributed
• centralized
• de-centralized
Centralized
[Diagram: Centralized, the sdn approach. Labels: Forwarding Population, Controller, Match + Action]
Decentralized
[Diagram: Decentralized, the sdn approach. Labels: Forwarding Population + Clustered Controller, Orchestration, Topology, Match + Action]
similarly both hard problems
[Diagram: nodes labelled Routing Engine, Line Card 1, Line Card 2, Line Card ..., Controller, OVS, OF Switch and Random Agent; other labels: Ethernet, Bus, Fabric. Every node shows a Data Plane (P1 P2 P...) and the same flow table. Columns: Ingress Port, MAC Source Address, MAC Destination, IP Source Address, IP Destination, Source Port, Destination Port, Priority, Protocol, Instructions. Row shown: wildcards (*), a 0, and the instructions GOTO/Drop/Controller/Normal]
Distributed
the internets scales 
Distributed
the barrier to scale
[Diagram: L2 Flooding and Learning. Labels: Host 1, Host 2, Data Plane (x2), Flooding (x2), VLAN x (x2)]
• Live workload migration cripples network ops
• subnets for policy groupings are the only reason to think in those terms anymore
shit that doesn't scale
• the next few slides are things i thought were possible at some point around the problem of L2
• lesson learned: prototype and fail faster
• ask your team why they really need L2
Proactive L2 Flooding and Learning with Legacy VLANs
Proactive Rule - Match: ARP Action: Normal
Maintaining Legacy Broadcast Domains; Controller Never Punts ARP
[Diagram labels: OpenFlow Controller, Host 1, Host 2, Data Plane (x2), Flooding (x2), VLAN x (x2)]
Can Also Serve as a Fallback Failure Mode or Hybrid Migration Strategy
Reactive OpenFlow Flow Policy
[Diagram labels: OpenFlow Controller, OpenFlow Switch, Data Plane with ports P1 P2 P3, Svr 1 Svr 2 Svr 3, 1st Packet in Flow, Packet-In. Flow table columns: Ingress Port, MAC Source Address, MAC Destination, IP Source Address, IP Destination, Source Port, Destination Port, Priority, Protocol, Instructions. Row shown: wildcards (*), a 0, and the instructions GOTO/Drop/Controller/Normal]
A Flowmod Installs a Flow Rule for Subsequent Matching Packets
Controller Intercepting ARP and Proxying the Reply
[Diagram labels: OpenFlow Controller, Switch 1, Switch 2, Data Plane (x2), Host 1, Host 2, ARP Request and Reply, Match: ARP Action: Controller (x2)]
Host (Key) Location (Value)
Host 2 IP, MAC, Tenant ==> Tunnel 200 Tep IP
VLAN ID Constraints Become Irrelevant
Tenancy Maintained in the Controller
Controller Can Answer and/or Send ARP (Proxy)
Controller Connects Source and Destination Hosts via Packet-In and Flowmods
[Diagram labels: OpenFlow Controller, Switch 1, Switch 2, Data Plane (x2), Host 1, Host 2, ARP Request, Flowmod Building Data Path (x2), Match: ARP Action: Controller (x2), Data Path (Tunnel or Flow Path)]
Host (Key) Location (Value)
Host 2 IP, MAC, Tenant ==> Tunnel 200 Tep IP
VLAN ID Constraints Become Irrelevant
Tenancy Maintained in the Controller
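The two slides above, worked through as an added example (not code from the deck or from SocketPlane): a toy controller that answers ARP from its Host (Key) to Location (Value) table and returns the flowmods that build the data path. The class names, the binding of access ports to tenants, the sender check and the action labels (`set_tunnel`, `set_tun_dst`) are assumptions of this simplified model, not a real OpenFlow library API; the addresses are constructed sample values.

```python
from dataclasses import dataclass

ARP = 0x0806  # EtherType for ARP


@dataclass(frozen=True)
class Location:
    mac: str
    switch: str     # datapath the host is attached to
    port: int       # access port on that switch
    tunnel_id: int  # tenant's tunnel key (the slide's "Tunnel 200")
    tep_ip: str     # tunnel endpoint (TEP) IP of that switch


@dataclass(frozen=True)
class FlowMod:
    switch: str
    priority: int
    match: tuple    # (field, value) pairs
    actions: tuple  # (action, argument) pairs


class Controller:
    def __init__(self):
        self.hosts = {}        # (tenant, ip) -> Location
        self.port_tenant = {}  # (switch, port) -> tenant (assumed binding)

    def register_host(self, tenant, ip, loc):
        self.hosts[(tenant, ip)] = loc
        self.port_tenant[(loc.switch, loc.port)] = tenant

    def arp_punt_rule(self, switch):
        """Proactive rule from the slides: Match: ARP, Action: Controller."""
        return FlowMod(switch, 100, (("eth_type", ARP),),
                       (("output", "CONTROLLER"),))

    def _path(self, src, dst):
        """Flowmods that carry unicast traffic from src to dst."""
        if src.switch == dst.switch:
            return [FlowMod(src.switch, 50,
                            (("in_port", src.port), ("eth_dst", dst.mac)),
                            (("output", dst.port),))]
        return [
            # Ingress switch: encapsulate towards the destination TEP.
            FlowMod(src.switch, 50,
                    (("in_port", src.port), ("eth_dst", dst.mac)),
                    (("set_tunnel", dst.tunnel_id),
                     ("set_tun_dst", dst.tep_ip), ("output", "TUNNEL"))),
            # Egress switch: deliver only when the tunnel key is the tenant's.
            FlowMod(dst.switch, 50,
                    (("tun_id", dst.tunnel_id), ("eth_dst", dst.mac)),
                    (("output", dst.port),)),
        ]

    def packet_in_arp(self, switch, in_port, sender_ip, target_ip):
        """Handle a punted ARP request; return (proxied_reply, flowmods).

        (None, []) means the request is dropped: it is never flooded.
        """
        tenant = self.port_tenant.get((switch, in_port))
        if tenant is None:
            return None, []  # port belongs to no tenant
        src = self.hosts.get((tenant, sender_ip))
        if src is None or (src.switch, src.port) != (switch, in_port):
            return None, []  # sender IP is not bound to this port
        dst = self.hosts.get((tenant, target_ip))
        if dst is None:
            return None, []  # target unknown inside the sender's tenant
        reply = {"op": "reply", "sha": dst.mac, "spa": target_ip,
                 "tha": src.mac, "tpa": sender_ip, "out_port": in_port}
        return reply, self._path(src, dst) + self._path(dst, src)


def build_sample():
    """Constructed topology: two tenants that reuse the IP 10.0.0.2."""
    c = Controller()
    c.register_host("tenant-a", "10.0.0.1",
                    Location("02:00:00:00:0a:01", "switch1", 1, 200, "192.0.2.1"))
    c.register_host("tenant-a", "10.0.0.2",
                    Location("02:00:00:00:0a:02", "switch2", 1, 200, "192.0.2.2"))
    c.register_host("tenant-b", "10.0.0.2",
                    Location("02:00:00:00:0b:02", "switch2", 2, 300, "192.0.2.2"))
    c.register_host("tenant-b", "10.0.0.9",
                    Location("02:00:00:00:0b:09", "switch1", 3, 300, "192.0.2.1"))
    return c


if __name__ == "__main__":
    ctl = build_sample()
    reply, mods = ctl.packet_in_arp("switch1", 1, "10.0.0.1", "10.0.0.2")
    print(reply)
    for m in mods:
        print(m)
```

Because the lookup key includes the tenant, the same IP resolves to a different MAC and tunnel per tenant, and a request whose sender address is not bound to its ingress port gets no reply and no flowmods.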
not if but when
• build infrastructure for the worst case scenario, because it will be worse.
• cascading failures suck
• focus on solving the problem not the implementation
• intelligence in the datapath HW is a good thing, ideally if coupled with open and programmatically manageable
Control and Data Plane Split Brain
[Diagram labels: Control Plane; Data Plane - DPID ::00:01 with ports P1 P2 P3; DPID DPID DPID; question marks and an X]
this movie has a shitty ending
[Diagram: Linux Bridging. Labels: Frame In, Bridge, IPTables, HAProxy, Functions X, Y, Z, Frame Egress]
What Works: Performance and Reliability First
[Diagram: OVS/DPDK Packet Forwarding Pipeline. Labels: Frame In, Table 0, Classifier, Table 2, ..., Table n, Frame Out, Stages, Function Foo, Function Bar]
traffic alignment from the 90’s
[Diagram: Data Center Today. Labels: Data Center L3 Core (x2), Physical Switch and vSwitch (x3), Firewall, North/South Security Policy]
new architectures for new workloads
[Diagram: Distributed Policy Application For Data Center. Labels: Data Center L3 Core (x2), Physical Switch and vSwitch (x3), East West Security Policy]
trust what you know
• rely on your own operational experiences, if you don't have any go get some even if it's stalking customers
• don't fall in love with implementations, they are probably wrong
• ask questions but be open minded
• avoid slide jockeys
• avoid the vendor wars
• avoid cults
• complexity w/o abstraction fails
• almost all abstractions fail
serenity now, insanity later
• make time for research and planning
• whether it is a big infra project or a dev sprint, don't let the oppressive demand of execution compromise a practical design
• that said, if the plan sucks, change it.
nothing is easy, don't make it harder
• prototyping and early feedback should be your compass
• when users say, this seems a little too complex, LISTEN!
• odds are you aren't going to be able to get the right abstraction to hide your over-engineering
performance and reliability first 
• network operators are measured in uptime first 
• don't compromise reliability for cost savings without 
making it very clear to all leadership, not just the IT 
manager heroes. 
• perform consistency checking
/dev
• understand the problem first
• if you don't understand the problem stalk someone who does
• make readable code
• code for the worst case scenario
architecture 
• if it isn't broke, don't break it 
• architects need understandable components 
• architects need predictable components 
• predictive analysis is a big data problem 
• predict problems with operational tools and data 
• don't build a nuclear submarine when a bicycle will do
test and prototype
• verify before you hit enter
• automate all production changes
• set up rollback processes
• the result:
• should be shorter change windows
• faster rollbacks
• better trained operators
everybody is smart 
• "A great team doesn’t mean that they had the smartest people. 
What made those teams great is that everyone trusted one 
another. It can be a powerful thing when that magic dynamic 
exists." -Gene Kim
team culture
• not proving how much smarter you are than your co-workers.
• give credit to the team first, it's just weird otherwise
• don't hoard contacts
• find people's passion and maximize it
• protect your culture's morale like it is your bank account
where to start?
• starting out
• no one can learn for you, find your passion
• learn linux
• explore vswitches, I recommend http://openvswitch.org
• connect with peers in the community and share experiences
• explore compute (containers, hypervisors and everything else beyond the top of rack)
• further along
• code, i recommend Golang atm fwiw
• learn CI tools and sw dev processes
• contribute to upstream open source
• build something that solves others' problems and open source it

When DevOps and Networking Intersect by Brent Salisbury of socketplane.io

  • 1. when network and devops intersect Brent Salisbury socketplane.io
  • 2. socketplane.io - docker networking John Willis Co-Founder & VP Business Development Formerly: Formerly CTO Stateless Networks Madhu Venugopal Co-Founder & President Formerly: Principal Engineer Office of the CTO, Red Hat Brent Salisbury Co-Founder & VP Engineering Formerly: Senior Engineer Office of the CTO, Red Hat Dave Tucker Co-Founder, VP Product Formerly: Senior Engineer Office of the CTO, Red Hat
  • 3. lessons_learned struct 1. the evolving network! 2. lessons learned from controller development! 3. netops from an operational+dev view! 4. looking ahead
  • 5. Cost Network Compute - Storage Vertical Integration Horizontal Scale Number Widgets - Economies of Scale
  • 6. Over Provisioned Under Provisioned Network Capacity Needs Network Usage Growth Time
  • 7. Efficient Provisioning Network Capacity Needs Network Usage Growth Time
  • 8. Where we were • CLI for everything • vendor management tools did everything and nothing. • used to be Perl, TCL and later Python • zero ip management ! • turned into a who can make the best obscure magic !
  • 9. Where we are • CLI for everything • vendor management tools did everything and nothing. • used to be Perl, TCL and later Python • zero ip management ! • turned into a who can make the best obscure magic !
  • 10. where we are(ish) • exponential growth with flat operating budgets! • incessant pressure for uptime + capex/opex cost reduction! • the majority of networks still maintain proprietary hw, sw and api! • datapaths are still barely programmable ! • netops manages very little beyond the ToR.
  • 11. quick review of node distribution • distributed! • centralized! • de-centralized
  • 13. Centralized the sdn approach Forwarding Population Controller Match + Action
  • 15. Decentralized the sdn approach Forwarding Population + Clustered Controller Orchestration Topology Match + Action
  • 16. similarly both hard problems [Diagram labels: Routing Engine; Line Card 1, Line Card 2, Line Card ...; Bus; Ethernet; Controller; OVS; OF Switch; Random Agent; Fabric. Each element shows the same flow table above data plane ports P1, P2, P...: Ingress Port, MAC Source Address, MAC Destination, IP Source Address, IP Destination, Source Port, Destination Port, Protocol, Priority, Instructions (GOTO/Drop/Controller/Normal), with all match fields wildcarded]
  • 18. the internets scales Distributed
  • 19. the barrier to scale [Diagram: L2 Flooding and Learning between Host 1 and Host 2; each data plane flooding in VLAN x] • Live workload migration cripples network ops • subnets for policy groupings are the only reason to think in those terms anymore
  • 20. shit that doesn't scale • the next few slides are things i thought were possible at some point around the problem of L2 • lesson learned: prototype and fail faster • ask your team why they really need L2
  • 21. Proactive L2 Flooding and Learning with Legacy VLANs [Diagram: Host 1 and Host 2 data planes flooding in VLAN x under an OpenFlow Controller] • Proactive Rule - Match: ARP, Action: Normal • Maintaining Legacy Broadcast Domains • Controller Never Punts ARP • Can Also Serve as a Fallback Failure Mode or Hybrid Migration Strategy
  • 22. Reactive OpenFlow Flow Policy [Diagram: Svr 1, Svr 2, Svr 3 on ports P1, P2, P3 of an OpenFlow Switch data plane; the 1st Packet in Flow goes to the OpenFlow Controller as a Packet-In. Flow table columns: Ingress Port, MAC Source Address, MAC Destination, IP Source Address, IP Destination, Source Port, Destination Port, Protocol, Priority, Instructions (GOTO/Drop/Controller/Normal)] • A Flowmod Installs a Flow Rule for Subsequent Matching Packets
  • 23. Controller Intercepting ARP and Proxying the Reply [Diagram: ARP Request and Reply between Host 1 on Switch 1 and Host 2 on Switch 2 via the OpenFlow Controller; each switch data plane has the rule Match: ARP, Action: Controller] • Host (Key): Host 2 IP, MAC, Tenant ==> Location (Value): Tunnel 200, TEP IP • VLAN ID Constraints Become Irrelevant • Tenancy Maintained in the Controller • Controller can Answer and/or Send ARP (proxy)
  • 24. Controller Connects Source and Destination Hosts via Packet-In and Flowmods [Diagram: ARP Request from Host 1 on Switch 1 toward Host 2 on Switch 2; each switch data plane has the rule Match: ARP, Action: Controller; the OpenFlow Controller sends a Flowmod Building Data Path to each switch; Data Path (Tunnel, or Flow Path) between Host 1 and Host 2] • Host (Key): Host 2 IP, MAC, Tenant ==> Location (Value): Tunnel 200, TEP IP • VLAN ID Constraints Become Irrelevant • Tenancy Maintained in the Controller
  • 25. not if but when • build infrastructure for the worst case scenario, because it will be worse. • cascading failures suck • focus on solving the problem not the implementation • intelligence in the datapath HW is a good thing as long as it is, ideally, coupled with open and programmatically manageable Control and Data Plane Split Brain Control Plane Data Plane - DPID ::00:01 P1 P2 P3 DPID DPID DPID ? ? X ? ? ?
  • 26. this movie has a shitty ending Bridge Linux Bridging Frame In IPTables Frame Egress HAProxy Functions X,Y, Z
  • 27. What Works: Performance and Reliability First Table 0 Classifier Table 2 …….. Frame Out Table n OVS/DPDK Packet Forwarding Pipeline Frame In Function Foo Function Bar Stages
  • 28. traffic alignment from the 90’s Data Center L3 Core Data Center L3 Core Physical Switch vSwitch Physical Switch vSwitch Physical Switch vSwitch Firewall North/South Security Policy Data Center Today
  • 29. new architectures for new workloads Distributed Policy Application For Data Center Data Center L3 Core Data Center L3 Core Physical Switch vSwitch Physical Switch vSwitch Physical Switch vSwitch East West Security Policy
  • 30. trust what you know • rely on your own operational experiences, if you don't have any go get some even if it's stalking customers • don't fall in love with implementations, they are probably wrong • ask questions but be open minded • avoid slide jockeys • avoid the vendor wars • avoid cults • complexity w/o abstraction fails • almost all abstractions fail
  • 31. serenity now, insanity later • make time for research and planning! • whether it is a big infra project or a dev sprint, don't let the oppressive demand of execution compromise a practical design • that said, if the plan sucks, change it.
  • 32. nothing is easy, don't make it harder • prototyping and early feedback should be your compass • when users say "this seems a little too complex", LISTEN! • odds are you aren't going to be able to get the right abstraction to hide your over-engineering
  • 33. performance and reliability first • network operators are measured in uptime first • don't compromise reliability for cost savings without making it very clear to all leadership, not just the IT manager heroes. • perform consistency checking
  • 34. /dev • understand the problem first • if you don't understand the problem stalk someone who does • make readable code • code for the worst case scenario
  • 35. architecture • if it isn't broke, don't break it • architects need understandable components • architects need predictable components • predictive analysis is a big data problem • predict problems with operational tools and data • don't build a nuclear submarine when a bicycle will do
  • 36. test and prototype • verify before you hit enter • automate all production changes • set up rollback processes • the result should be: • shorter change windows • faster rollbacks • better trained operators
  • 37. everybody is smart • "A great team doesn’t mean that they had the smartest people. What made those teams great is that everyone trusted one another. It can be a powerful thing when that magic dynamic exists." -Gene Kim
  • 38. team culture • not proving how much smarter you are than your co-workers. • give credit to the team first, it's just weird otherwise • don't hoard contacts • find people's passion and maximize it • protect your culture's morale like it is your bank account
  • 39. where to start? • starting out: • no one can learn for you, find your passion • learn linux • explore vswitches, I recommend http://openvswitch.org • connect with peers in the community and share experiences • explore compute (containers, hypervisors and everything else beyond the top of rack) • further along: • code, i recommend Golang atm fwiw • learn CI tools and sw dev processes • contribute to upstream open source • build something that solves others' problems and open source it
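
Slides 21 to 24 describe a proactive "Match: ARP, Action: Controller" rule, a controller table mapping a host's IP, MAC and tenant to a tunnel and TEP IP, and flowmods that build the data path. The sketch below is an added illustration, not code from the talk or from socketplane; the class names, dict-shaped packets, priorities and addresses are constructed assumptions, and it models the decision logic only, not the OpenFlow wire protocol.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    """Flow table: highest-priority matching entry wins, table-miss drops."""
    flows: list = field(default_factory=list)  # (priority, match, action)

    def add_flow(self, priority, match, action):
        self.flows.append((priority, match, action))
        self.flows.sort(key=lambda f: -f[0])

    def lookup(self, pkt):
        for _, match, action in self.flows:
            if all(pkt.get(k) == v for k, v in match.items()):
                return action
        return "drop"

class Controller:
    """Holds tenancy: (tenant, ip) -> (mac, tunnel id, TEP IP)."""
    def __init__(self):
        self.hosts = {}

    def learn(self, tenant, ip, mac, tunnel, tep_ip):
        self.hosts[(tenant, ip)] = (mac, tunnel, tep_ip)

    def packet_in(self, switch, pkt):
        """Answer a punted ARP request and install the data-path flowmod."""
        entry = self.hosts.get((pkt["tenant"], pkt["arp_tpa"]))
        if entry is None:
            return None  # unknown in this tenant: no reply, nothing flooded
        mac, tunnel, tep_ip = entry
        switch.add_flow(100, {"tenant": pkt["tenant"], "eth_dst": mac},
                        f"tunnel:{tunnel}->{tep_ip}")
        return {"op": "arp-reply", "arp_spa": pkt["arp_tpa"], "arp_sha": mac}

def demo():
    # Constructed sample data: tenant names, MAC and a 192.0.2.0/24 TEP address.
    ctl, sw1 = Controller(), Switch()
    sw1.add_flow(200, {"eth_type": "arp"}, "controller")  # proactive punt rule
    ctl.learn("blue", "10.0.0.2", "02:00:00:00:00:02", 200, "192.0.2.20")
    data = {"eth_type": "ip", "tenant": "blue", "eth_dst": "02:00:00:00:00:02"}
    before = sw1.lookup(data)                      # no flow installed yet
    arp = {"eth_type": "arp", "tenant": "blue", "arp_tpa": "10.0.0.2"}
    punted = sw1.lookup(arp)                       # ARP goes to the controller
    reply = ctl.packet_in(sw1, arp)                # proxy reply + flowmod
    after = sw1.lookup(data)                       # now matched in the data plane
    other = ctl.packet_in(sw1, dict(arp, tenant="red"))  # different tenant
    return before, punted, reply, after, other

if __name__ == "__main__":
    print(demo())
```

Because the lookup key includes the tenant, a request from another tenant for the same IP gets no reply and installs no flow, which is the "tenancy maintained in the controller" point of slide 23.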