SlideShare a Scribd company logo

Networking For Nested Containers: Magnum, Kuryr, Neutron Integration

P
PLUMgrid

In the OpenStack ecosystem, containers were introduced as first class citizens recently with the project Magnum and the networking for containers has also evolved since then. Project Kuryr makes networking available to containers through Neutron. This all brings together how Neutron networking benefits containers like it does virtual machines. However, to make Neutron, Kuryr and Magnum cover all the use cases for containers, nested containers inside Nova VMs require networking to work as seamlessly as it works for virtual machines or bare metal containers. In this session, we will talk about Magnum, Kuryr, Neutron integration and how the problem of nested container networking has been solved in the OpenStack community, it's architecture, the design, current status and next steps.

Technology
1 of 33
Download to read offline
Magnum, Kuryr, Neutron Integration Networking for Nested Containers Fawad Khaliq - @fawadkhaliq Antoni Segura – @celebdor Gal Sagie - @GalSagie
Copyright © PLUMgrid, Inc. 2011-2016 Introduction Speakers Sr. Software Engineer PLUMgrid Khaliq Fawad 2 Senior Engineer Midokura Segura Antoni Architect Huawei Sagie Gal
Copyright © PLUMgrid, Inc. 2011-2016 • Magnum, Neutron • Kuryr • Nested Containers and Networking Problem • Nested Containers Networking – Solution/Design • Capabilities and considerations • Current Status • Next Steps • Q&A Agenda 3
Magnum Container-as-a-service in OpenStack 4
Copyright © PLUMgrid, Inc. 2011-2016 Magnum Container-as-a-service in OpenStack 5 Docker Swarm (Bay) Nova Instance Container Container Container Nova Instance Container Container Container
Copyright © PLUMgrid, Inc. 2011-2016 Magnum Container-as-a-service in OpenStack 6 Kubernetes (Bay) Nova Instance Pod Container Container Nova Instance Pod Container Container
Copyright © PLUMgrid, Inc. 2011-20167
Neutron Networking in OpenStack 8
Copyright © PLUMgrid, Inc. 2011-2016 • Provides “network as a service” • Provides rich network topologies • Technology agnostic; pluggable networking backends • Extensible • Offers advanced services like LBaas, VPNaas, FWaas etc Neutron 9
Kuryr Container Networking in OpenStack 10
Copyright © PLUMgrid, Inc. 2011-2016 Kuryr 11 Neutron as the 
 production-ready 
 networking abstraction
 containers need
Copyright © PLUMgrid, Inc. 2011-2016 VM/Container Networking: Similar Concepts 12 Docker C1 Docker C2 Docker C3 libNetwork Endpoint Endpoint EndpointEndpoint Frontend Network Backend Network Network Sandbox Network Sandbox Network Sandbox VM2 192.168.1.7 192.168.5.2 VM1 Tenant A Net1 192.168.1.0/0 Tenant A Net2 192.168.5.0/0 192.168.1.5 Neutron
Copyright © PLUMgrid, Inc. 2011-2016 • Open source • Part of OpenStack Big-Tent • Brings the Neutron networking model to containers • Aims to support different Container Runtimes (docker, rkt, etc) • E.g. Kubernetes, Mesos, Docker Swarm • Weekly IRC meetings • Working together with OpenStack community • Neutron, Magnum, Kolla Kuryr Project Overview 13
Copyright © PLUMgrid, Inc. 2011-2016 Kuryr Components 14 Configuration ManagementKuryr libNetwork Network Plugin K8S CNI Driver Keystone Authentication & Neutron Client Interface Generic VIF Binding Kuryr libNetwork IPAM Plugin
Problems with current Nested Containers Why do we need to consider this as a special scenario? 15
Copyright © PLUMgrid, Inc. 2011-2016 • Two Separate networking infrastructures • Hard to enforce network policy (N-tier applications) • Security and Isolation • Performance and unneeded overhead Problems with Current Nested Containers Networking 16
Copyright © PLUMgrid, Inc. 2011-2016 Problems with Current Nested Containers Networking 17 Docker 0 OVS VXLAN Overlay VM Docker 0 Neutron Plugin VXLAN Overlay VM SDN Overlay Neutron Overlay
Copyright © PLUMgrid, Inc. 2011-2016 Problems with Current Nested Containers Networking 18 Neutron Networks VMVM VM Tenant A Net1 192.168.1.0/0
Copyright © PLUMgrid, Inc. 2011-2016 Problems with Current Nested Containers Networking 19 Container Networks VMVM VM Backend Network 10.2.0.0/24 Endpoint Endpoint Endpoint Endpoint Endpoint Endpoint Endpoint Frontend Network 10.1.0.0/24
Nested Container Networking Solution Design for the nested container networking in OpenStack 20
Copyright © PLUMgrid, Inc. 2011-2016 • Nested/baremetal container to nested/baremetal container same/ different hosts • Nested/baremetal container to virtual machine communication • Nested/baremetal container to baremetal communication • Container networking as a first class entity in Neutron • Consistent policy enforcement across containers, VMs, bare metal • Enable advanced networking services like FWaas, LBaas, VPNaas etc Nested Container Networking Use Cases 21
Copyright © PLUMgrid, Inc. 2011-2016 Nested Container Networking Design Magnum, Kuryr, Neutron Integration 22 VLAN:100 VLAN:200 VLAN:400 VLAN:100
Copyright © PLUMgrid, Inc. 2011-2016 Neutron Trunk Ports 23 Nova Instance port-1 port-0 port-2 network-1 network-0 network-2 Port combined into one vif by turning port-0 into trunk and other ports into supports of the trunk
Copyright © PLUMgrid, Inc. 2011-201624
Capabilities and Considerations 25
Copyright © PLUMgrid, Inc. 2011-2016 • Neutron resources spec approved and patches under review • Trunk • Subport • Subports bring isolation to container-in-VM use cases • Port forwarding can take us further • Vendors can implement new segmentation types • Tagged traffic that does not match a sub port, is considered of the trunk port Capabilities and Considerations 26
Copyright © PLUMgrid, Inc. 2011-2016 • Limitations • Policy is applied at the Host level • Initial only VLAN tags for segmentation type • Tags are unique per “trunk port” scope • VM users can alter subport traffic • Logging of VM actions is dependent on integration • Can't work with current OVS Capabilities and Considerations 27
Current Status 28
Copyright © PLUMgrid, Inc. 2011-2016 • Trunk Port Extension spec approved and code in progress • Binding profile workaround to proceed in parallel • Nested Container networking spec approved in Kuryr • Docker Swarm Integration completed • Kubernetes in progress • Mesos in design stages Current Status 29
Next Steps 30
Copyright © PLUMgrid, Inc. 2011-2016 • Follow up on the Neutron Trunk port implementation • Finish COE baremetal integration • Policy translation • Make Neutron resources available through native APIs • Magnum deployment prototype of worker VM with Kuryr agent • Magnum administrator VM that communicates with Neutron Next Steps 31
Questions 32
Join us at #openstack-kuryr THANK YOU! irc: #openstack-kuryr @ freenode

Recommended

Hands-on Lab: Test Drive Your OpenStack Network
Hands-on Lab: Test Drive Your OpenStack NetworkHands-on Lab: Test Drive Your OpenStack Network
Hands-on Lab: Test Drive Your OpenStack NetworkPLUMgrid
 
Networking For Nested Containers: Magnum, Kuryr, Neutron Integration
Networking For Nested Containers: Magnum, Kuryr, Neutron IntegrationNetworking For Nested Containers: Magnum, Kuryr, Neutron Integration
Networking For Nested Containers: Magnum, Kuryr, Neutron IntegrationFawad Khaliq
 
You Can Build Your OpenStack and Consume it Too
You Can Build Your OpenStack and Consume it TooYou Can Build Your OpenStack and Consume it Too
You Can Build Your OpenStack and Consume it TooPLUMgrid
 
Tap as a service: What you need to know now
Tap as a service: What you need to know nowTap as a service: What you need to know now
Tap as a service: What you need to know nowFawad Khaliq
 
Microservices Architectures with Docker Swarm, etcd, Kuryr and Neutron
Microservices Architectures with Docker Swarm, etcd, Kuryr and NeutronMicroservices Architectures with Docker Swarm, etcd, Kuryr and Neutron
Microservices Architectures with Docker Swarm, etcd, Kuryr and NeutronFawad Khaliq
 
OpenStack Israel Meetup - Project Kuryr: Bringing Container Networking to Neu...
OpenStack Israel Meetup - Project Kuryr: Bringing Container Networking to Neu...OpenStack Israel Meetup - Project Kuryr: Bringing Container Networking to Neu...
OpenStack Israel Meetup - Project Kuryr: Bringing Container Networking to Neu...Cloud Native Day Tel Aviv
 
Unified Underlay and Overlay SDNs for OpenStack Clouds
Unified Underlay and Overlay SDNs for OpenStack CloudsUnified Underlay and Overlay SDNs for OpenStack Clouds
Unified Underlay and Overlay SDNs for OpenStack CloudsPLUMgrid
 
Lessons learned from global telecom operators' cloud journeys - Zeev Likworni...
Lessons learned from global telecom operators' cloud journeys - Zeev Likworni...Lessons learned from global telecom operators' cloud journeys - Zeev Likworni...
Lessons learned from global telecom operators' cloud journeys - Zeev Likworni...Cloud Native Day Tel Aviv
 

Recommended

Hands-on Lab: Test Drive Your OpenStack Network
Hands-on Lab: Test Drive Your OpenStack NetworkHands-on Lab: Test Drive Your OpenStack Network
Hands-on Lab: Test Drive Your OpenStack NetworkPLUMgrid
 
Networking For Nested Containers: Magnum, Kuryr, Neutron Integration
Networking For Nested Containers: Magnum, Kuryr, Neutron IntegrationNetworking For Nested Containers: Magnum, Kuryr, Neutron Integration
Networking For Nested Containers: Magnum, Kuryr, Neutron IntegrationFawad Khaliq
 
You Can Build Your OpenStack and Consume it Too
You Can Build Your OpenStack and Consume it TooYou Can Build Your OpenStack and Consume it Too
You Can Build Your OpenStack and Consume it TooPLUMgrid
 
Tap as a service: What you need to know now
Tap as a service: What you need to know nowTap as a service: What you need to know now
Tap as a service: What you need to know nowFawad Khaliq
 
Microservices Architectures with Docker Swarm, etcd, Kuryr and Neutron
Microservices Architectures with Docker Swarm, etcd, Kuryr and NeutronMicroservices Architectures with Docker Swarm, etcd, Kuryr and Neutron
Microservices Architectures with Docker Swarm, etcd, Kuryr and NeutronFawad Khaliq
 
OpenStack Israel Meetup - Project Kuryr: Bringing Container Networking to Neu...
OpenStack Israel Meetup - Project Kuryr: Bringing Container Networking to Neu...OpenStack Israel Meetup - Project Kuryr: Bringing Container Networking to Neu...
OpenStack Israel Meetup - Project Kuryr: Bringing Container Networking to Neu...Cloud Native Day Tel Aviv
 
Unified Underlay and Overlay SDNs for OpenStack Clouds
Unified Underlay and Overlay SDNs for OpenStack CloudsUnified Underlay and Overlay SDNs for OpenStack Clouds
Unified Underlay and Overlay SDNs for OpenStack CloudsPLUMgrid
 
Lessons learned from global telecom operators' cloud journeys - Zeev Likworni...
Lessons learned from global telecom operators' cloud journeys - Zeev Likworni...Lessons learned from global telecom operators' cloud journeys - Zeev Likworni...
Lessons learned from global telecom operators' cloud journeys - Zeev Likworni...Cloud Native Day Tel Aviv
 
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)PLUMgrid
 
Simple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoSimple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoEmma Gordon
 
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...Vietnam Open Infrastructure User Group
 
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...Cloud Native Day Tel Aviv
 
OpenStack & OpenContrail in Production
OpenStack & OpenContrail in ProductionOpenStack & OpenContrail in Production
OpenStack & OpenContrail in ProductionEdgar Magana
 
OpenStack As A Strategy For Future Growth at Cisco
OpenStack As A Strategy For Future Growth at CiscoOpenStack As A Strategy For Future Growth at Cisco
OpenStack As A Strategy For Future Growth at CiscoLew Tucker
 
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...Sanjeev Rampal
 
How we built Packet's bare metal cloud platform
How we built Packet's bare metal cloud platformHow we built Packet's bare metal cloud platform
How we built Packet's bare metal cloud platformPacket
 
Openstack Summit: Networking and policies across Containers and VMs
Openstack Summit: Networking and policies across Containers and VMsOpenstack Summit: Networking and policies across Containers and VMs
Openstack Summit: Networking and policies across Containers and VMsSanjeev Rampal
 
NYC Docker Meetup: Contiv networking on Docker
NYC Docker Meetup: Contiv networking on DockerNYC Docker Meetup: Contiv networking on Docker
NYC Docker Meetup: Contiv networking on DockerSanjeev Rampal
 
OpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerOpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerLew Tucker
 
BRKSDN-2115
BRKSDN-2115 BRKSDN-2115
BRKSDN-2115 Rohit Agarwalla
 
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...Karthik Prabhakar
 
Delivering Composable NFV Services for Business, Residential and Mobile Edge
Delivering Composable NFV Services for Business, Residential and Mobile EdgeDelivering Composable NFV Services for Business, Residential and Mobile Edge
Delivering Composable NFV Services for Business, Residential and Mobile EdgePLUMgrid
 
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFVRevolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFVPLUMgrid
 
Agile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco SolutionsAgile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco SolutionsCisco DevNet
 
Container security within Cisco Container Platform
Container security within Cisco Container PlatformContainer security within Cisco Container Platform
Container security within Cisco Container PlatformSanjeev Rampal
 
Container Networking Meetup March 31 2016
Container Networking Meetup March 31 2016Container Networking Meetup March 31 2016
Container Networking Meetup March 31 2016Andrew Randall
 
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVOpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVCloud Native Day Tel Aviv
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack NetworkingPLUMgrid
 
On Docker and its use for LHC at CERN
On Docker and its use for LHC at CERNOn Docker and its use for LHC at CERN
On Docker and its use for LHC at CERNSebastien Goasguen
 
Openstack Magnum: Container-as-a-Service
Openstack Magnum: Container-as-a-ServiceOpenstack Magnum: Container-as-a-Service
Openstack Magnum: Container-as-a-ServiceChhavi Agarwal
 

More Related Content

What's hot

SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)PLUMgrid
 
Simple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoSimple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoEmma Gordon
 
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...Vietnam Open Infrastructure User Group
 
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...Cloud Native Day Tel Aviv
 
OpenStack & OpenContrail in Production
OpenStack & OpenContrail in ProductionOpenStack & OpenContrail in Production
OpenStack & OpenContrail in ProductionEdgar Magana
 
OpenStack As A Strategy For Future Growth at Cisco
OpenStack As A Strategy For Future Growth at CiscoOpenStack As A Strategy For Future Growth at Cisco
OpenStack As A Strategy For Future Growth at CiscoLew Tucker
 
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...Sanjeev Rampal
 
How we built Packet's bare metal cloud platform
How we built Packet's bare metal cloud platformHow we built Packet's bare metal cloud platform
How we built Packet's bare metal cloud platformPacket
 
Openstack Summit: Networking and policies across Containers and VMs
Openstack Summit: Networking and policies across Containers and VMsOpenstack Summit: Networking and policies across Containers and VMs
Openstack Summit: Networking and policies across Containers and VMsSanjeev Rampal
 
NYC Docker Meetup: Contiv networking on Docker
NYC Docker Meetup: Contiv networking on DockerNYC Docker Meetup: Contiv networking on Docker
NYC Docker Meetup: Contiv networking on DockerSanjeev Rampal
 
OpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerOpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerLew Tucker
 
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...Karthik Prabhakar
 
Delivering Composable NFV Services for Business, Residential and Mobile Edge
Delivering Composable NFV Services for Business, Residential and Mobile EdgeDelivering Composable NFV Services for Business, Residential and Mobile Edge
Delivering Composable NFV Services for Business, Residential and Mobile EdgePLUMgrid
 
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFVRevolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFVPLUMgrid
 
Agile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco SolutionsAgile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco SolutionsCisco DevNet
 
Container security within Cisco Container Platform
Container security within Cisco Container PlatformContainer security within Cisco Container Platform
Container security within Cisco Container PlatformSanjeev Rampal
 
Container Networking Meetup March 31 2016
Container Networking Meetup March 31 2016Container Networking Meetup March 31 2016
Container Networking Meetup March 31 2016Andrew Randall
 
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVOpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVCloud Native Day Tel Aviv
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack NetworkingPLUMgrid
 

What's hot (20)

SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
 
Simple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoSimple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project Calico
 
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...
VOID19 Cloud Transformation at Viettel accelerate faster with open infrastru...
 
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
 
OpenStack & OpenContrail in Production
OpenStack & OpenContrail in ProductionOpenStack & OpenContrail in Production
OpenStack & OpenContrail in Production
 
OpenStack As A Strategy For Future Growth at Cisco
OpenStack As A Strategy For Future Growth at CiscoOpenStack As A Strategy For Future Growth at Cisco
OpenStack As A Strategy For Future Growth at Cisco
 
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...
Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...
 
How we built Packet's bare metal cloud platform
How we built Packet's bare metal cloud platformHow we built Packet's bare metal cloud platform
How we built Packet's bare metal cloud platform
 
Openstack Summit: Networking and policies across Containers and VMs
Openstack Summit: Networking and policies across Containers and VMsOpenstack Summit: Networking and policies across Containers and VMs
Openstack Summit: Networking and policies across Containers and VMs
 
NYC Docker Meetup: Contiv networking on Docker
NYC Docker Meetup: Contiv networking on DockerNYC Docker Meetup: Contiv networking on Docker
NYC Docker Meetup: Contiv networking on Docker
 
OpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerOpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew Tucker
 
BRKSDN-2115
BRKSDN-2115 BRKSDN-2115
BRKSDN-2115
 
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...
Container Networking - State of the Ecosystem [ContainerConf, Mannheim, Nov 2...
 
Delivering Composable NFV Services for Business, Residential and Mobile Edge
Delivering Composable NFV Services for Business, Residential and Mobile EdgeDelivering Composable NFV Services for Business, Residential and Mobile Edge
Delivering Composable NFV Services for Business, Residential and Mobile Edge
 
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFVRevolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
Revolutionizing IT and Telecom Industry with OpenStack, SDN and NFV
 
Agile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco SolutionsAgile OpenStack Networking with Cisco Solutions
Agile OpenStack Networking with Cisco Solutions
 
Container security within Cisco Container Platform
Container security within Cisco Container PlatformContainer security within Cisco Container Platform
Container security within Cisco Container Platform
 
Container Networking Meetup March 31 2016
Container Networking Meetup March 31 2016Container Networking Meetup March 31 2016
Container Networking Meetup March 31 2016
 
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVOpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack Networking
 

Viewers also liked

On Docker and its use for LHC at CERN
On Docker and its use for LHC at CERNOn Docker and its use for LHC at CERN
On Docker and its use for LHC at CERNSebastien Goasguen
 
Openstack Magnum: Container-as-a-Service
Openstack Magnum: Container-as-a-ServiceOpenstack Magnum: Container-as-a-Service
Openstack Magnum: Container-as-a-ServiceChhavi Agarwal
 
Securing Micro Services in Cloud Foundry
Securing Micro Services in Cloud FoundrySecuring Micro Services in Cloud Foundry
Securing Micro Services in Cloud FoundryPLUMgrid
 
วัดขวด
วัดขวดวัดขวด
วัดขวดkurumi1414
 
School spirit through virtual engagement
School spirit through virtual engagementSchool spirit through virtual engagement
School spirit through virtual engagementSara Katine
 
Mtc learnings from isv & enterprise (dated - Dec -2014)
Mtc learnings from isv & enterprise (dated - Dec -2014)Mtc learnings from isv & enterprise (dated - Dec -2014)
Mtc learnings from isv & enterprise (dated - Dec -2014)Govind Kanshi
 
เล่าเรื่องจากภาพ
เล่าเรื่องจากภาพเล่าเรื่องจากภาพ
เล่าเรื่องจากภาพkurumi1414
 
CHEMIST - FAWZY FAWZY MASSOUD
CHEMIST - FAWZY FAWZY MASSOUDCHEMIST - FAWZY FAWZY MASSOUD
CHEMIST - FAWZY FAWZY MASSOUDfawzy massoud
 
CHEMIST - FAWZY FAWZY MASSOUD
CHEMIST - FAWZY FAWZY MASSOUDCHEMIST - FAWZY FAWZY MASSOUD
CHEMIST - FAWZY FAWZY MASSOUDfawzy massoud
 
Comprehensive diebetic care at Base Hospital Panadura
Comprehensive diebetic care at Base Hospital PanaduraComprehensive diebetic care at Base Hospital Panadura
Comprehensive diebetic care at Base Hospital Panaduradianasagari kiriwandeniya
 
View and Data API のご紹介 @ WebGL Meetup #2
View and Data API のご紹介 @ WebGL Meetup #2View and Data API のご紹介 @ WebGL Meetup #2
View and Data API のご紹介 @ WebGL Meetup #2Isezaki Toshiaki
 
Factors affecting the Sustainable Waste Management program
Factors affecting the Sustainable Waste Management programFactors affecting the Sustainable Waste Management program
Factors affecting the Sustainable Waste Management programdianasagari kiriwandeniya
 

Viewers also liked (18)

On Docker and its use for LHC at CERN
On Docker and its use for LHC at CERNOn Docker and its use for LHC at CERN
On Docker and its use for LHC at CERN
 
Openstack Magnum: Container-as-a-Service
Openstack Magnum: Container-as-a-ServiceOpenstack Magnum: Container-as-a-Service
Openstack Magnum: Container-as-a-Service
 
Securing Micro Services in Cloud Foundry
Securing Micro Services in Cloud FoundrySecuring Micro Services in Cloud Foundry
Securing Micro Services in Cloud Foundry
 
วัดขวด
วัดขวดวัดขวด
วัดขวด
 
APEX v15a 02162015
APEX v15a 02162015APEX v15a 02162015
APEX v15a 02162015
 
School spirit through virtual engagement
School spirit through virtual engagementSchool spirit through virtual engagement
School spirit through virtual engagement
 
Mtc learnings from isv & enterprise (dated - Dec -2014)
Mtc learnings from isv & enterprise (dated - Dec -2014)Mtc learnings from isv & enterprise (dated - Dec -2014)
Mtc learnings from isv & enterprise (dated - Dec -2014)
 
เล่าเรื่องจากภาพ
เล่าเรื่องจากภาพเล่าเรื่องจากภาพ
เล่าเรื่องจากภาพ
 
CHEMIST - FAWZY FAWZY MASSOUD
CHEMIST - FAWZY FAWZY MASSOUDCHEMIST - FAWZY FAWZY MASSOUD
CHEMIST - FAWZY FAWZY MASSOUD
 
CHEMIST - FAWZY FAWZY MASSOUD
CHEMIST - FAWZY FAWZY MASSOUDCHEMIST - FAWZY FAWZY MASSOUD
CHEMIST - FAWZY FAWZY MASSOUD
 
Gasoline
GasolineGasoline
Gasoline
 
Jeegar Rathod - QA
Jeegar Rathod - QAJeegar Rathod - QA
Jeegar Rathod - QA
 
Sandeep G Resume
Sandeep G ResumeSandeep G Resume
Sandeep G Resume
 
Intern Paper
Intern PaperIntern Paper
Intern Paper
 
Code Orange
Code OrangeCode Orange
Code Orange
 
Comprehensive diebetic care at Base Hospital Panadura
Comprehensive diebetic care at Base Hospital PanaduraComprehensive diebetic care at Base Hospital Panadura
Comprehensive diebetic care at Base Hospital Panadura
 
View and Data API のご紹介 @ WebGL Meetup #2
View and Data API のご紹介 @ WebGL Meetup #2View and Data API のご紹介 @ WebGL Meetup #2
View and Data API のご紹介 @ WebGL Meetup #2
 
Factors affecting the Sustainable Waste Management program
Factors affecting the Sustainable Waste Management programFactors affecting the Sustainable Waste Management program
Factors affecting the Sustainable Waste Management program
 

Similar to Networking For Nested Containers: Magnum, Kuryr, Neutron Integration

MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostOpenStack_Online
 
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward LibertyOpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward Libertymestery
 
MidoNet Overview - OpenStack and SDN integration
MidoNet Overview - OpenStack and SDN integrationMidoNet Overview - OpenStack and SDN integration
MidoNet Overview - OpenStack and SDN integrationAkhilesh Dhawan
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networkingmarkmcclain
 
Building managedprivatecloud kvh_vancouversummit
Building managedprivatecloud kvh_vancouversummitBuilding managedprivatecloud kvh_vancouversummit
Building managedprivatecloud kvh_vancouversummitmatsunota
 
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...Daniel Krook
 
You Can Build Your OpenStack and Consume it Too
You Can Build Your OpenStack and Consume it TooYou Can Build Your OpenStack and Consume it Too
You Can Build Your OpenStack and Consume it TooPLUMgrid
 
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlowCloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlowCohesive Networks
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updatesmestery
 
Implementing vCPE with OpenStack and Software Defined Networks
Implementing vCPE with OpenStack and Software Defined NetworksImplementing vCPE with OpenStack and Software Defined Networks
Implementing vCPE with OpenStack and Software Defined NetworksPLUMgrid
 
Neutron Updates - Liberty Edition
Neutron Updates - Liberty Edition Neutron Updates - Liberty Edition
Neutron Updates - Liberty Edition OpenStack Foundation
 
OVNC 2015-Open Ethernet과 SDN을 통한 Mellanox의 차세대 네트워크 혁신 방안
OVNC 2015-Open Ethernet과 SDN을 통한 Mellanox의 차세대 네트워크 혁신 방안OVNC 2015-Open Ethernet과 SDN을 통한 Mellanox의 차세대 네트워크 혁신 방안
OVNC 2015-Open Ethernet과 SDN을 통한 Mellanox의 차세대 네트워크 혁신 방안NAIM Networks, Inc.
 
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus Linux
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus LinuxUnlock Your Cloud Potential with Mirantis OpenStack & Cumulus Linux
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus LinuxCumulus Networks
 
Mirantis OpenStack and Cumulus Linux Webinar
Mirantis OpenStack and Cumulus Linux WebinarMirantis OpenStack and Cumulus Linux Webinar
Mirantis OpenStack and Cumulus Linux WebinarKamesh Pemmaraju
 
Cloud Computing with OpenStack
Cloud Computing with OpenStackCloud Computing with OpenStack
Cloud Computing with OpenStackinside-BigData.com
 
DESIGN OF BARE METAL FABRICS - Built with SDN, Bare Metal Switches, and Merch...
DESIGN OF BARE METAL FABRICS - Built with SDN, Bare Metal Switches, and Merch...DESIGN OF BARE METAL FABRICS - Built with SDN, Bare Metal Switches, and Merch...
DESIGN OF BARE METAL FABRICS - Built with SDN, Bare Metal Switches, and Merch...Open Networking Summits
 
NSX: La Virtualizzazione di Rete e il Futuro della Sicurezza
NSX: La Virtualizzazione di Rete e il Futuro della SicurezzaNSX: La Virtualizzazione di Rete e il Futuro della Sicurezza
NSX: La Virtualizzazione di Rete e il Futuro della SicurezzaVMUG IT
 
Open stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsOpen stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsyfauser
 

Similar to Networking For Nested Containers: Magnum, Kuryr, Neutron Integration (20)

MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a Boost
 
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward LibertyOpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
 
MidoNet Overview - OpenStack and SDN integration
MidoNet Overview - OpenStack and SDN integrationMidoNet Overview - OpenStack and SDN integration
MidoNet Overview - OpenStack and SDN integration
 
5G Microservices
5G Microservices5G Microservices
5G Microservices
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
 
Building managedprivatecloud kvh_vancouversummit
Building managedprivatecloud kvh_vancouversummitBuilding managedprivatecloud kvh_vancouversummit
Building managedprivatecloud kvh_vancouversummit
 
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
 
You Can Build Your OpenStack and Consume it Too
You Can Build Your OpenStack and Consume it TooYou Can Build Your OpenStack and Consume it Too
You Can Build Your OpenStack and Consume it Too
 
Microservices K8S
Microservices K8SMicroservices K8S
Microservices K8S
 
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlowCloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updates
 
Implementing vCPE with OpenStack and Software Defined Networks
Implementing vCPE with OpenStack and Software Defined NetworksImplementing vCPE with OpenStack and Software Defined Networks
Implementing vCPE with OpenStack and Software Defined Networks
 
Neutron Updates - Liberty Edition
Neutron Updates - Liberty Edition Neutron Updates - Liberty Edition
Neutron Updates - Liberty Edition
 
OVNC 2015-Open Ethernet과 SDN을 통한 Mellanox의 차세대 네트워크 혁신 방안
OVNC 2015-Open Ethernet과 SDN을 통한 Mellanox의 차세대 네트워크 혁신 방안OVNC 2015-Open Ethernet과 SDN을 통한 Mellanox의 차세대 네트워크 혁신 방안
OVNC 2015-Open Ethernet과 SDN을 통한 Mellanox의 차세대 네트워크 혁신 방안
 
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus Linux
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus LinuxUnlock Your Cloud Potential with Mirantis OpenStack & Cumulus Linux
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus Linux
 
Mirantis OpenStack and Cumulus Linux Webinar
Mirantis OpenStack and Cumulus Linux WebinarMirantis OpenStack and Cumulus Linux Webinar
Mirantis OpenStack and Cumulus Linux Webinar
 
Cloud Computing with OpenStack
Cloud Computing with OpenStackCloud Computing with OpenStack
Cloud Computing with OpenStack
 
DESIGN OF BARE METAL FABRICS - Built with SDN, Bare Metal Switches, and Merch...
DESIGN OF BARE METAL FABRICS - Built with SDN, Bare Metal Switches, and Merch...DESIGN OF BARE METAL FABRICS - Built with SDN, Bare Metal Switches, and Merch...
DESIGN OF BARE METAL FABRICS - Built with SDN, Bare Metal Switches, and Merch...
 
NSX: La Virtualizzazione di Rete e il Futuro della Sicurezza
NSX: La Virtualizzazione di Rete e il Futuro della SicurezzaNSX: La Virtualizzazione di Rete e il Futuro della Sicurezza
NSX: La Virtualizzazione di Rete e il Futuro della Sicurezza
 
Open stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsOpen stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetups
 

More from PLUMgrid

In-kernel Analytics and Tracing with eBPF for OpenStack Clouds
In-kernel Analytics and Tracing with eBPF for OpenStack CloudsIn-kernel Analytics and Tracing with eBPF for OpenStack Clouds
In-kernel Analytics and Tracing with eBPF for OpenStack CloudsPLUMgrid
 
Monitoring Security Policies for Container and OpenStack Clouds
Monitoring Security Policies for Container and OpenStack CloudsMonitoring Security Policies for Container and OpenStack Clouds
Monitoring Security Policies for Container and OpenStack CloudsPLUMgrid
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitecturePLUMgrid
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesPLUMgrid
 
How to Quickly Implement a Secure Cloud for Government and Military | Webinar
How to Quickly Implement a Secure Cloud for Government and Military | WebinarHow to Quickly Implement a Secure Cloud for Government and Military | Webinar
How to Quickly Implement a Secure Cloud for Government and Military | WebinarPLUMgrid
 
OpenStack and Application Delivery: Joy and Pain of an Intricate Relationship
OpenStack and Application Delivery: Joy and Pain of an Intricate RelationshipOpenStack and Application Delivery: Joy and Pain of an Intricate Relationship
OpenStack and Application Delivery: Joy and Pain of an Intricate RelationshipPLUMgrid
 
See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...
See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...
See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...PLUMgrid
 
Docker Networking in Swarm, Mesos and Kubernetes [Docker Meetup Santa Clara |...
Docker Networking in Swarm, Mesos and Kubernetes [Docker Meetup Santa Clara |...Docker Networking in Swarm, Mesos and Kubernetes [Docker Meetup Santa Clara |...
Docker Networking in Swarm, Mesos and Kubernetes [Docker Meetup Santa Clara |...PLUMgrid
 
Building a Scalable Federated Hybrid Cloud
Building a Scalable Federated Hybrid CloudBuilding a Scalable Federated Hybrid Cloud
Building a Scalable Federated Hybrid CloudPLUMgrid
 
Managing Multi-hypervisor OpenStack Cloud with Single Virtual Network
Managing Multi-hypervisor OpenStack Cloud with Single Virtual NetworkManaging Multi-hypervisor OpenStack Cloud with Single Virtual Network
Managing Multi-hypervisor OpenStack Cloud with Single Virtual NetworkPLUMgrid
 
See Your OpenStack Network Like Never Before
See Your OpenStack Network Like Never BeforeSee Your OpenStack Network Like Never Before
See Your OpenStack Network Like Never BeforePLUMgrid
 
EBPF and Linux Networking
EBPF and Linux NetworkingEBPF and Linux Networking
EBPF and Linux NetworkingPLUMgrid
 
Federation manager demo
Federation manager demoFederation manager demo
Federation manager demoPLUMgrid
 
Network Monitoring and Analytics
Network Monitoring and AnalyticsNetwork Monitoring and Analytics
Network Monitoring and AnalyticsPLUMgrid
 
Testing the limits of cloud networks
Testing the limits of cloud networksTesting the limits of cloud networks
Testing the limits of cloud networksPLUMgrid
 
Docker Networking in OpenStack: What you need to know now
Docker Networking in OpenStack: What you need to know nowDocker Networking in OpenStack: What you need to know now
Docker Networking in OpenStack: What you need to know nowPLUMgrid
 

More from PLUMgrid (16)

In-kernel Analytics and Tracing with eBPF for OpenStack Clouds
In-kernel Analytics and Tracing with eBPF for OpenStack CloudsIn-kernel Analytics and Tracing with eBPF for OpenStack Clouds
In-kernel Analytics and Tracing with eBPF for OpenStack Clouds
 
Monitoring Security Policies for Container and OpenStack Clouds
Monitoring Security Policies for Container and OpenStack CloudsMonitoring Security Policies for Container and OpenStack Clouds
Monitoring Security Policies for Container and OpenStack Clouds
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices Architecture
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use Cases
 
How to Quickly Implement a Secure Cloud for Government and Military | Webinar
How to Quickly Implement a Secure Cloud for Government and Military | WebinarHow to Quickly Implement a Secure Cloud for Government and Military | Webinar
How to Quickly Implement a Secure Cloud for Government and Military | Webinar
 
OpenStack and Application Delivery: Joy and Pain of an Intricate Relationship
OpenStack and Application Delivery: Joy and Pain of an Intricate RelationshipOpenStack and Application Delivery: Joy and Pain of an Intricate Relationship
OpenStack and Application Delivery: Joy and Pain of an Intricate Relationship
 
See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...
See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...
See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...
 
Docker Networking in Swarm, Mesos and Kubernetes [Docker Meetup Santa Clara |...
Docker Networking in Swarm, Mesos and Kubernetes [Docker Meetup Santa Clara |...Docker Networking in Swarm, Mesos and Kubernetes [Docker Meetup Santa Clara |...
Docker Networking in Swarm, Mesos and Kubernetes [Docker Meetup Santa Clara |...
 
Building a Scalable Federated Hybrid Cloud
Building a Scalable Federated Hybrid CloudBuilding a Scalable Federated Hybrid Cloud
Building a Scalable Federated Hybrid Cloud
 
Managing Multi-hypervisor OpenStack Cloud with Single Virtual Network
Managing Multi-hypervisor OpenStack Cloud with Single Virtual NetworkManaging Multi-hypervisor OpenStack Cloud with Single Virtual Network
Managing Multi-hypervisor OpenStack Cloud with Single Virtual Network
 
See Your OpenStack Network Like Never Before
See Your OpenStack Network Like Never BeforeSee Your OpenStack Network Like Never Before
See Your OpenStack Network Like Never Before
 
EBPF and Linux Networking
EBPF and Linux NetworkingEBPF and Linux Networking
EBPF and Linux Networking
 
Federation manager demo
Federation manager demoFederation manager demo
Federation manager demo
 
Network Monitoring and Analytics
Network Monitoring and AnalyticsNetwork Monitoring and Analytics
Network Monitoring and Analytics
 
Testing the limits of cloud networks
Testing the limits of cloud networksTesting the limits of cloud networks
Testing the limits of cloud networks
 
Docker Networking in OpenStack: What you need to know now
Docker Networking in OpenStack: What you need to know nowDocker Networking in OpenStack: What you need to know now
Docker Networking in OpenStack: What you need to know now
 

Recently uploaded

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 

Recently uploaded (20)

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Networking For Nested Containers: Magnum, Kuryr, Neutron Integration

  • 1. Magnum, Kuryr, Neutron Integration Networking for Nested Containers Fawad Khaliq - @fawadkhaliq Antoni Segura – @celebdor Gal Sagie - @GalSagie
  • 2. Copyright © PLUMgrid, Inc. 2011-2016 Introduction Speakers Sr. Software Engineer PLUMgrid Khaliq Fawad 2 Senior Engineer Midokura Segura Antoni Architect Huawei Sagie Gal
  • 3. Copyright © PLUMgrid, Inc. 2011-2016 • Magnum, Neutron • Kuryr • Nested Containers and Networking Problem • Nested Containers Networking – Solution/Design • Capabilities and considerations • Current Status • Next Steps • Q&A Agenda 3
  • 5. Copyright © PLUMgrid, Inc. 2011-2016 Magnum Container-as-a-service in OpenStack 5 Docker Swarm (Bay) Nova Instance Container Container Container Nova Instance Container Container Container
  • 6. Copyright © PLUMgrid, Inc. 2011-2016 Magnum Container-as-a-service in OpenStack 6 Kubernetes (Bay) Nova Instance Pod Container Container Nova Instance Pod Container Container
  • 7. Copyright © PLUMgrid, Inc. 2011-20167
  • 9. Copyright © PLUMgrid, Inc. 2011-2016 • Provides “network as a service” • Provides rich network topologies • Technology agnostic; pluggable networking backends • Extensible • Offers advanced services like LBaas, VPNaas, FWaas etc Neutron 9
  • 11. Copyright © PLUMgrid, Inc. 2011-2016 Kuryr 11 Neutron as the 
 production-ready 
 networking abstraction
 containers need
  • 12. Copyright © PLUMgrid, Inc. 2011-2016 VM/Container Networking: Similar Concepts 12 Docker C1 Docker C2 Docker C3 libNetwork Endpoint Endpoint EndpointEndpoint Frontend Network Backend Network Network Sandbox Network Sandbox Network Sandbox VM2 192.168.1.7 192.168.5.2 VM1 Tenant A Net1 192.168.1.0/0 Tenant A Net2 192.168.5.0/0 192.168.1.5 Neutron
  • 13. Copyright © PLUMgrid, Inc. 2011-2016 • Open source • Part of OpenStack Big-Tent • Brings the Neutron networking model to containers • Aims to support different Container Runtimes (docker, rkt, etc) • E.g. Kubernetes, Mesos, Docker Swarm • Weekly IRC meetings • Working together with OpenStack community • Neutron, Magnum, Kolla Kuryr Project Overview 13
  • 14. Copyright © PLUMgrid, Inc. 2011-2016 Kuryr Components 14 Configuration ManagementKuryr libNetwork Network Plugin K8S CNI Driver Keystone Authentication & Neutron Client Interface Generic VIF Binding Kuryr libNetwork IPAM Plugin
  • 15. Problems with current Nested Containers Why do we need to consider this as a special scenario? 15
  • 16. Copyright © PLUMgrid, Inc. 2011-2016 • Two Separate networking infrastructures • Hard to enforce network policy (N-tier applications) • Security and Isolation • Performance and unneeded overhead Problems with Current Nested Containers Networking 16
  • 17. Copyright © PLUMgrid, Inc. 2011-2016 Problems with Current Nested Containers Networking 17 Docker 0 OVS VXLAN Overlay VM Docker 0 Neutron Plugin VXLAN Overlay VM SDN Overlay Neutron Overlay
  • 18. Copyright © PLUMgrid, Inc. 2011-2016 Problems with Current Nested Containers Networking 18 Neutron Networks VMVM VM Tenant A Net1 192.168.1.0/0
  • 19. Copyright © PLUMgrid, Inc. 2011-2016 Problems with Current Nested Containers Networking 19 Container Networks VMVM VM Backend Network 10.2.0.0/24 Endpoint Endpoint Endpoint Endpoint Endpoint Endpoint Endpoint Frontend Network 10.1.0.0/24
  • 20. Nested Container Networking Solution Design for the nested container networking in OpenStack 20
  • 21. Copyright © PLUMgrid, Inc. 2011-2016 • Nested/baremetal container to nested/baremetal container same/ different hosts • Nested/baremetal container to virtual machine communication • Nested/baremetal container to baremetal communication • Container networking as a first class entity in Neutron • Consistent policy enforcement across containers, VMs, bare metal • Enable advanced networking services like FWaas, LBaas, VPNaas etc Nested Container Networking Use Cases 21
  • 22. Copyright © PLUMgrid, Inc. 2011-2016 Nested Container Networking Design Magnum, Kuryr, Neutron Integration 22 VLAN:100 VLAN:200 VLAN:400 VLAN:100
  • 23. Copyright © PLUMgrid, Inc. 2011-2016 Neutron Trunk Ports 23 Nova Instance port-1 port-0 port-2 network-1 network-0 network-2 Port combined into one vif by turning port-0 into trunk and other ports into supports of the trunk
  • 24. Copyright © PLUMgrid, Inc. 2011-201624
  • 26. Copyright © PLUMgrid, Inc. 2011-2016 • Neutron resources spec approved and patches under review • Trunk • Subport • Subports bring isolation to container-in-VM use cases • Port forwarding can take us further • Vendors can implement new segmentation types • Tagged traffic that does not match a sub port, is considered of the trunk port Capabilities and Considerations 26
  • 27. Copyright © PLUMgrid, Inc. 2011-2016 • Limitations • Policy is applied at the Host level • Initial only VLAN tags for segmentation type • Tags are unique per “trunk port” scope • VM users can alter subport traffic • Logging of VM actions is dependent on integration • Can't work with current OVS Capabilities and Considerations 27
  • 29. Copyright © PLUMgrid, Inc. 2011-2016 • Trunk Port Extension spec approved and code in progress • Binding profile workaround to proceed in parallel • Nested Container networking spec approved in Kuryr • Docker Swarm Integration completed • Kubernetes in progress • Mesos in design stages Current Status 29
  • 31. Copyright © PLUMgrid, Inc. 2011-2016 • Follow up on the Neutron Trunk port implementation • Finish COE baremetal integration • Policy translation • Make Neutron resources available through native APIs • Magnum deployment prototype of worker VM with Kuryr agent • Magnum administrator VM that communicates with Neutron Next Steps 31
  • 33. Join us at #openstack-kuryr THANK YOU! irc: #openstack-kuryr @ freenode