1 © Nokia 2020
Software Defined Access
Networks (SDAN)
Session 1: Infrastructure
23 March 2022
Erick Santin
LAT RBC Customer Engineering
Agenda
1 Infrastructure
  Evolution
  Monolithic / Microservices
  Container
2 Docker
  Logical Architecture
  Image System
  Dockerfile and Operational Aspects
3 Kubernetes
  Main Objects & Architecture
  Basic Concepts
  Template System
4 Altiplano
  Microservices
SDAN
DevOps
Helm Pod
Microservice
Virtualization
VM
Namespace
Container
Docker
Kubernetes
K8S
Monolithic
API
Cloud
Cluster
Borg
Stateful
Stateless
CNF
Orchestration
Kubelet
Infrastructure
Systems Evolution
[Diagram: Bare Metal (Server, OS, Applications) compared with Virtualization (Server, optional Host OS, Hypervisor, VMs each with a Guest OS running App A, App B, App C)]
[Diagram: Bare Metal, VM and Container. Container stack: Server, Host OS, Container Runtime, containers each holding Bin/lib and an App (A, B, C, D). Containers can also run inside a VM: Server, Hypervisor (OpenStack or VMware), Guest OS, Container Runtime (CRT), Bin/libs, App]
Infrastructure
Monolithic software
Monolithic: the complete software is developed in a single unit
Infrastructure
Microservices
Microservices are independent applications that interact to deliver a service
Infrastructure
Kernel - namespace
[Diagram: namespace types: Process isolation (PID), Network interfaces, Unix Timesharing, Mount, Interprocess Communication, user, CGroup]
A namespace is a Linux kernel feature that wraps a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource.
Namespaces exist for each type of resource, including: network (net), storage (mnt), process (pid), UTS (host control) and user (UID).
Note that namespaces do not restrict access to physical resources such as CPU, memory and disk.
Infrastructure
Kernel - namespace
[Diagram: Linux System resources assigned to groups of Processes: Memory, CPU, I/O; example values 100 m, .5 cpu, 25%]
cgroups is a Linux namespace that allows resources (such as CPU time, system memory, network bandwidth, or combinations of these resources) to be allocated among user-defined groups of tasks (processes) running on a system.
Using cgroups, system administrators gain fine-grained control over allocating, prioritizing, denying, managing, and monitoring system resources.
Infrastructure
What is a Container?
[Diagram: Hardware / Server, Operating System (OS), Kernel; processes (P) grouped by namespace and cgroups]
The kernel is a computer program at the core of an Operating System (OS) with complete control over everything in the system, facilitating the interaction between hardware and software.
A container is a standard unit of software that encapsulates discrete components of application logic provisioned only with the minimal resources needed to do their job. Containers isolate applications from one another and from the underlying infrastructure, while providing an added layer of protection for the application.
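To check both properties on a host, the following added example (not part of the original slides) compares the namespace identifiers of two processes under /proc/<pid>/ns and reads the cgroup v2 limit files cpu.max and memory.max. The PIDs, inode numbers, directory layout and the "myapp" cgroup are constructed sample data, built in a temporary directory so the code runs without a container engine.

```python
import os
import tempfile

NS_TYPES = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")


def read_namespaces(pid, proc_root="/proc"):
    """Map namespace type -> identifier such as 'pid:[4026531836]'."""
    found = {}
    for ns_type in NS_TYPES:
        link = os.path.join(proc_root, str(pid), "ns", ns_type)
        try:
            found[ns_type] = os.readlink(link)
        except OSError:
            continue  # type not offered by this kernel, or no permission
    return found


def shared_namespaces(pid_a, pid_b, proc_root="/proc"):
    """Namespace types in which both processes see the same instance."""
    a = read_namespaces(pid_a, proc_root)
    b = read_namespaces(pid_b, proc_root)
    return sorted(t for t in a if a[t] == b.get(t))


def parse_cpu_max(text):
    """cgroup v2 cpu.max holds '<quota> <period>' in microseconds, or
    'max <period>'. Returns CPUs as a float, or None when unlimited."""
    quota, period = text.split()
    return None if quota == "max" else int(quota) / int(period)


def parse_memory_max(text):
    """cgroup v2 memory.max holds a byte count, or 'max' when unlimited."""
    value = text.strip()
    return None if value == "max" else int(value)


def isolation_report(pid, cgroup_dir, host_pid=1, proc_root="/proc"):
    """What the process shares with the host, and what caps its resources."""
    def read(name):
        with open(os.path.join(cgroup_dir, name)) as fh:
            return fh.read()

    return {
        "shared_with_host": shared_namespaces(pid, host_pid, proc_root),
        "cpu_limit": parse_cpu_max(read("cpu.max")),
        "memory_limit_bytes": parse_memory_max(read("memory.max")),
    }


def build_sample_tree():
    """Constructed fixture: host PID 1 and a containerized PID 4242 that has
    its own pid/mnt/uts/ipc/cgroup namespaces but still shares net and user
    with the host; CPU is capped at half a core, memory is not capped."""
    root = tempfile.mkdtemp(prefix="ns-demo-")
    host = {t: 4026531830 + i for i, t in enumerate(NS_TYPES)}
    container = {t: 4026532500 + i for i, t in enumerate(NS_TYPES)}
    container["net"] = host["net"]
    container["user"] = host["user"]
    for pid, table in ((1, host), (4242, container)):
        ns_dir = os.path.join(root, "proc", str(pid), "ns")
        os.makedirs(ns_dir)
        for ns_type, inode in table.items():
            # /proc/<pid>/ns entries are symlinks whose target names the instance
            os.symlink(f"{ns_type}:[{inode}]", os.path.join(ns_dir, ns_type))
    cgroup_dir = os.path.join(root, "cgroup", "myapp")
    os.makedirs(cgroup_dir)
    with open(os.path.join(cgroup_dir, "cpu.max"), "w") as fh:
        fh.write("50000 100000\n")
    with open(os.path.join(cgroup_dir, "memory.max"), "w") as fh:
        fh.write("max\n")
    return os.path.join(root, "proc"), cgroup_dir


if __name__ == "__main__":
    proc_root, cgroup_dir = build_sample_tree()
    print(isolation_report(4242, cgroup_dir, proc_root=proc_root))
```

On a real host, pass the default proc_root and the container's directory under /sys/fs/cgroup; a namespace listed in shared_with_host or a limit reported as None marks a resource the container is not isolated from.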
Infrastructure
Why Containers & Microservices?
[Diagram: "My Web Application" split into containers (Web Server, Database, Messaging, Orchestration), each with its own Libraries (Libs) and Dependencies (Deps), on a Container Runtime over the Operating System (OS) and Hardware]
A container runtime is software that executes containers and manages container images on the node.
Docker Container
Container Runtime
Docker was released in 2013 and solved many of the problems that
developers had running containers end-to-end.
With a simplified operation, it had some additional features not included in the other container runtimes, which quickly made Docker the
new standard container platform:
• A container image format
• A method for building container images
• A way to manage container images
• A way to manage instances of containers
• A way to share container images
• A way to run containers
Docker transformed the way containers have been managed
https://docs.docker.com/
Docker Container
Container Creation Flow
[Diagram: Node 1 (Operating System, eth0 192.168.0.2) pulls an image over the Network from the Docker Repository into the local Cache; the Container Runtime then runs it in Namespace A]
docker run -d --name myapp busybox sleep 1000
9124a5a56bff8041f466c0e87dedc85def8d94f56963f3141711f5f3341add7a
1 Docker client invokes the Docker daemon
2 Check if the image exists in the internal cache
3 Pull the image from the Docker repository
4 Store the image in the internal cache
5 Invoke the container runtime
6 Create namespace and cgroups
7 Create “myapp” container
Docker Container
IP Assignment Behavior
[Diagram: Docker Node (Hardware, Container Runtime, eth0 10.1.0.2) with the docker0 bridge (172.17.0.0), a routing table and NAT. Namespaces A, B, C and D each hold a container eth0 (172.17.0.2, 172.17.0.3, 172.17.0.4, 172.17.0.5) attached to docker0 through veth0, veth1, veth2 and veth3]
Containers are ephemeral. They are created to execute a task and are terminated when the task finishes.
If some error condition occurs, the Docker container is terminated and needs intervention to be created again.
Docker Container
Volume
[Diagram: Hardware, Docker Node, Container Runtime, Namespace A]
Containers are ephemeral. Every container is assigned a temporary volume that stores all its data while the container is active. When the container is terminated, all the data is purged automatically.
Volumes are used to make the application data persistent, allowing recovery and sharing with other containers.
docker run --name=db -v /opt/datadir:/var/lib/mysql mysql
Docker Container
Containers Communication
[Diagram: Node 1, Node 2 and Node 3, each with a Container Runtime and its own docker0 bridge at 172.17.0.1, connected over the Network through eth0 192.168.0.1, 192.168.0.2 and 192.168.0.3]
Communication across nodes requires exposing ports and preparing routing
Docker Container
How to Manage
[Diagram: three nodes, each with its own Container Runtime]
Kubernetes
High Level Architecture
• Initially developed and announced by Google in 2014 and called “Borg”
• Kubernetes (K8S) is now an open-source system for automating deployment, scaling, and management of containerized applications
• It is the Greek word (Kυβερνήτης) for “helmsman” or “pilot”, i.e. it helps you navigate the murky waters of cloud computing and containerized applications
• K8S is a container orchestration system (just like the orchestration systems for managing VMs used by OpenStack, VMware, NOKIA Cloudband, AWS)
• K8S runs Docker containers continuously, handling:
  • Container failures
  • Host failures (note: K8S manages the applications, not the hosts)
• Manages a cluster of containers as a single system
• Allows for accelerating Development and simplifying Operations
Kubernetes
High Level Architecture
• Deployment
  • K8S runs as a cluster on multiple nodes (physical or VMs)
  • A cluster consists of one or two Master Nodes and multiple Worker Nodes
  • The Master Node provides the control plane for managing the Application containers running on the Workers
  • The Worker node is where the actual Application containers are created
• Why Cluster?
  • The Master is the control, and typically you need two Masters for protection
  • But a cluster is more about the fact that you define a cluster of nodes where your containers get created by K8S. This allows for scaling and protection: if one node dies, K8S will recreate the container elsewhere. The use of a cluster even allows for utilizing numerous smaller machines for running a bigger application
  • Cluster means that Masters and Workers belong to the same “network” entity; an Application can be reached by pointing to any of the nodes’ IP
    • e.g. HTTP to the Master and it will internally find where the Application runs and proxy the request
Kubernetes
High Level Architecture
• Pod
  • Refers to a collection of one or more containers with shared storage/network, and a specification for how to run the containers as a whole
  • This is the smallest deployable K8S object
  • Ephemeral, rather than durable: if a Pod is deleted, all its containers get deleted
• Service
  • Abstraction that refers to a logical set of Pods, i.e. a collection of one or more Pods
  • Service is the object that provides external access to the Applications
  • For Altiplano we need to consider the K8S Services and not the Docker containers
• Volume
  • This is an abstraction that follows the same Volume concept as in Docker. It solves the problems related to:
    • Files being lost between Container restarts
    • Shared files needed by Containers together in a Pod
  • When a Pod ceases to exist, the volume also ceases to exist
Kubernetes
High Level Architecture
• Helm is a tool
  • Helm is THE package manager for Kubernetes
  • It simplifies the use of K8S by replacing multiple K8S CLI commands with a “single” operation
  • The main components of the Helm tool are the so-called Helm Charts
  • Helm Charts help you define, install, and upgrade even the most complex Kubernetes application
  • Charts are easy to create, version, share, and publish
  • We release Altiplano software in the form of Docker Images with Docker Containers described within Helm Charts
Kubernetes
High Level Architecture
[Diagram: K8s Cluster of three K8s Master nodes, three K8s Worker nodes and one K8s Edge node, each on its own Infra, running Apps and Network Services]
Kubernetes can be implemented over physical or virtual infrastructure
[Diagram: Master components: API Server, scheduler, controller manager, etcd. Worker components: Kubelet, proxy, Container Runtime, pods, services, labels. Also shown: users, devops, storage, Repository]
Kubernetes
Container Runtime Interface (CRI)
Using CRI, Kubernetes can use a wide variety of container runtimes
Container Runtime Interface (CRI) defines an interface and a set of functions that a container runtime is expected to perform to allow fundamental operations with containers in a standardized way.
Kubernetes fundamentally needs the container runtime to be responsible for:
• Providing image management
• Preparing the environment to instantiate the container
• Preparing the network for the Pod
[Diagram: the kubelet (gRPC Client) talks over CRI to a CRI shim (gRPC Server) in front of the Container Runtime, which runs the containers; labels: High-Level Runtime (CRI), Low-Level Runtime (OCI)]
Kubernetes
Manifest
YAML is a standard, human-readable text-based format for specifying configuration-type information with convenience, trackability and flexibility.
A Kubernetes YAML file basically contains some important information like:
• apiVersion: which version of the K8s API to use for object creation
• kind: what kind of object you want to create
• metadata: uniquely identifies an object: UID, name, namespace
• spec: different for each object

apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-frontend
  labels:
    app: frontend
spec:
  replicas: 2
  selector:
    matchLabels:
      app: frontend
  template:
    metadata:
      labels:
        app: frontend
    spec:
      containers:
      - name: db
        image: mysql
        resources:
          requests:
            memory: "64Mi"
            cpu: "250m"
          limits:
            memory: "128Mi"
            cpu: "500m"
      - name: wp
        image: wordpress
        resources:
          requests:
            memory: "64Mi"
            cpu: "250m"
          limits:
            memory: "128Mi"
            cpu: "500m"
Kubernetes
Pod
Pods are the smallest deployable units of computing that Kubernetes can create and manage.
A Pod is a group of one or more containers, with shared storage/network resources, and a specification for how to run the containers. A Pod's contents are always co-located and co-scheduled, and run in a shared context.
The shared context of a Pod is a set of Linux namespaces, cgroups, and potentially other facets of isolation. In terms of Docker concepts, a Pod is similar to a group of Docker containers with shared namespaces and shared filesystem volumes.

apiVersion: v1
kind: Pod
metadata:
  name: pod-example
spec:
  containers:
  - name: nginx
    image: nginx:1.7.9
    ports:
    - containerPort: 80
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"

[Diagram: a Node containing a Pod whose two Containers share one Network Namespace (10.255.16.3) on the Pod Network]
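Reading the two manifests above for what the node's cgroups will actually enforce, as an added example that is not part of the original slides: it converts each container's limits into the cgroup v2 cpu.max and memory.max values and flags containers that declare requests only. It assumes a cgroup v2 node with the default 100 ms CFS period; the manifests are re-typed here as Python dicts (the shape a YAML parser or kubectl -o json returns), reduced to the fields the check reads.

```python
import re

CFS_PERIOD_US = 100000  # assumption: default 100 ms CFS period

MEMORY_UNITS = {
    "": 1, "k": 10**3, "M": 10**6, "G": 10**9, "T": 10**12,
    "Ki": 2**10, "Mi": 2**20, "Gi": 2**30, "Ti": 2**40,
}


def cpu_to_millicores(quantity):
    """'250m' -> 250, '1' -> 1000, '0.5' -> 500."""
    text = str(quantity)
    if text.endswith("m"):
        return int(text[:-1])
    return round(float(text) * 1000)


def memory_to_bytes(quantity):
    """'64Mi' -> 67108864; supports the k/M/G/T and Ki/Mi/Gi/Ti suffixes."""
    match = re.fullmatch(r"(\d+)(Ki|Mi|Gi|Ti|k|M|G|T)?", str(quantity))
    if not match:
        raise ValueError(f"unsupported memory quantity: {quantity!r}")
    return int(match.group(1)) * MEMORY_UNITS[match.group(2) or ""]


def pod_spec(manifest):
    """A Deployment nests the Pod spec under spec.template; a Pod does not."""
    spec = manifest["spec"]
    return spec["template"]["spec"] if "template" in spec else spec


def audit(manifest):
    """One row per container: expected cgroup values and missing limits."""
    owner = f'{manifest["kind"]}/{manifest["metadata"]["name"]}'
    rows = []
    for container in pod_spec(manifest)["containers"]:
        limits = container.get("resources", {}).get("limits", {})
        if "cpu" in limits:
            quota = cpu_to_millicores(limits["cpu"]) * CFS_PERIOD_US // 1000
            cpu_max = f"{quota} {CFS_PERIOD_US}"
        else:
            cpu_max = f"max {CFS_PERIOD_US}"  # no quota: may use every core
        if "memory" in limits:
            memory_max = str(memory_to_bytes(limits["memory"]))
        else:
            memory_max = "max"  # no cap: bounded only by the node
        rows.append({
            "object": owner,
            "container": container["name"],
            "cpu.max": cpu_max,
            "memory.max": memory_max,
            "missing_limits": [k for k in ("cpu", "memory") if k not in limits],
        })
    return rows


# Constructed from the slide manifests, reduced to the fields audit() reads.
_RES = {"requests": {"memory": "64Mi", "cpu": "250m"},
        "limits": {"memory": "128Mi", "cpu": "500m"}}
DEPLOYMENT = {
    "kind": "Deployment",
    "metadata": {"name": "deploy-frontend"},
    "spec": {"template": {"spec": {"containers": [
        {"name": "db", "image": "mysql", "resources": _RES},
        {"name": "wp", "image": "wordpress", "resources": _RES},
    ]}}},
}
POD = {
    "kind": "Pod",
    "metadata": {"name": "pod-example"},
    "spec": {"containers": [
        {"name": "nginx", "image": "nginx:1.7.9",
         "resources": {"requests": {"memory": "64Mi", "cpu": "250m"}}},
    ]},
}

if __name__ == "__main__":
    for row in audit(DEPLOYMENT) + audit(POD):
        print(row)
```

The Deployment's containers come out capped at half a core and 128 MiB, while the Pod example, which sets requests but no limits, is scheduled with a reservation yet runs without a CPU quota or memory cap.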
Altiplano
Microservices
Confidential. Not for distribution or disclosure outside NOKIA
[Diagram: Altiplano microservices and their interfaces. Components: NC Live collector, IPFix FE, IPFix BE, Network Virtualizer, OpenTSDB, Abstraction and Automation, Web UI (HTTPS 7443), Web UI (HTTPS 8443), Identity mgmt, storage, Kibana Proxy, Web UI (HTTP 5601), Alarm 2 ES Bridge, Health Calculator, Live collector, TCA Calculator, VONU Proxy, VONU Manager, kafka (9092), zookeeper (2181), mysql (3306), Fluent (24224). Other ports shown: HTTP 9200, HTTPS 9443, 4242]
Access Controller: 27
FastMile Controller: 12
3rd Party: 19
Altiplano
Microservices
Access Controller
• Virtualizer service
• Access Controller
• Alarm-ES Bridge
• NC Live Collector
• IPFIX Front-end collector
• IPFIX Back-end collector
• PM File generator
• RC device proxy
• TCA Engine
• Health Calculator
• SNMP Live Collector
• SDC Collector
• OAD2Kafka
• NSP Mediator
• NSP Alarm2Kafka
• NSP PM Load Balancer
• NSP Bulk Collector
• VONU Management
• VONU Proxy
• NC Inventory Collector
• SNMP Inventory Collector
• SOAP Adapter
• CLI Adapter (Virtualizer)
• CLI Adapter (Access Controller)
• SNMP Alarm Forwarder
• JMS Alarm Forwarder
• Device Migration service
FastMile Controller
• Access Controller
• Alarm-ES Bridge
• TCA Engine
• Health Calculator
• Nokia ACS Mediator
• Generic ACS Mediator
• ACS Live Collector
• TRM Bulk Collector
• RAN Live Collector
• SON BE Collector
• SON Event Processor
• Geo Import (GIS)
3rd Party
• MariaDB
• OpenTSDB
• FluentD
• Keycloak
• WebDav (File Server)
• Grafana
• Elasticsearch
• ElasticSearch Curator
• Kibana
• Kafka
• Kafka Mirror maker
• Zookeeper
• Prometheus
• Redis
• Tcollector
• Ingress Controller (NGINX)
• HDFS Namenode
• HDFS Datanode
• HBASE
Altiplano
Microservices – Details
Altiplano
Installation
[Diagram: installation of the K8S cluster on bare-metal or a prepared VM, with the Artifactory and Internal Artifactory reached through a tunnel. A box labelled "Two parts" lists Host - Ubuntu, Docker, Kubernetes. Numbered labels on the slide:]
1 Host – Ubuntu 20.04
2 Docker 19.03.15
3 Kubernetes 1.18.13
4 Helm 3.2.4
5 Internet
6 Start K8S
7 Join Master
8 Set access to Repository
9 Fetch Vol chart
10 Ftp Master script, build Vol folders; one time task
11 Install Altiplano
11’ Get Images; Start containers

More Related Content

Similar to 20220406 - SDAN_Presentation1_SDANOverview.pdf

The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
Daniel Krook
 

Similar to 20220406 - SDAN_Presentation1_SDANOverview.pdf (20)

Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017
 
Moby KubeCon 2017
Moby KubeCon 2017Moby KubeCon 2017
Moby KubeCon 2017
 
Cloud foundry Docker Openstack - Leading Open Source Triumvirate
Cloud foundry Docker Openstack - Leading Open Source TriumvirateCloud foundry Docker Openstack - Leading Open Source Triumvirate
Cloud foundry Docker Openstack - Leading Open Source Triumvirate
 
Kubernetes: https://youtu.be/KnjnQj-FvfQ
Kubernetes: https://youtu.be/KnjnQj-FvfQKubernetes: https://youtu.be/KnjnQj-FvfQ
Kubernetes: https://youtu.be/KnjnQj-FvfQ
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
 
Understanding Docker and IBM Bluemix Container Service
Understanding Docker and IBM Bluemix Container ServiceUnderstanding Docker and IBM Bluemix Container Service
Understanding Docker and IBM Bluemix Container Service
 
Power of Choice in Docker EE 2.0 - Anoop - Docker - CC18
Power of Choice in Docker EE 2.0 - Anoop - Docker - CC18Power of Choice in Docker EE 2.0 - Anoop - Docker - CC18
Power of Choice in Docker EE 2.0 - Anoop - Docker - CC18
 
Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!
 
SKILup Days Container Orchestration - Kubernetes Operators for Databases
SKILup Days Container Orchestration - Kubernetes Operators for DatabasesSKILup Days Container Orchestration - Kubernetes Operators for Databases
SKILup Days Container Orchestration - Kubernetes Operators for Databases
 
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
Building Cloud-Native Applications with Kubernetes, Helm and Kubeless
Building Cloud-Native Applications with Kubernetes, Helm and KubelessBuilding Cloud-Native Applications with Kubernetes, Helm and Kubeless
Building Cloud-Native Applications with Kubernetes, Helm and Kubeless
 
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec KubernetesIBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
 
BRKSDN-2115
BRKSDN-2115 BRKSDN-2115
BRKSDN-2115
 
Docker & kubernetes
Docker & kubernetesDocker & kubernetes
Docker & kubernetes
 
DeveloperWeekEnterprise2023 - Introduction to Kubernetes Operators for Databases
DeveloperWeekEnterprise2023 - Introduction to Kubernetes Operators for DatabasesDeveloperWeekEnterprise2023 - Introduction to Kubernetes Operators for Databases
DeveloperWeekEnterprise2023 - Introduction to Kubernetes Operators for Databases
 
Docker Containers Deep Dive
Docker Containers Deep DiveDocker Containers Deep Dive
Docker Containers Deep Dive
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 Recap
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 

Recently uploaded

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Peter Udo Diehl
 

Recently uploaded (20)

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
The architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdfThe architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdf
 

20220406 - SDAN_Presentation1_SDANOverview.pdf

  • 1. 1 © Nokia 2020 Software Defined Access Networks (SDAN) Session 1: Infrastructure 23 March 2022 Erick Santin LAT RBC Customer Engineering
  • 2. 2 © Nokia 2020 2 © Nokia 2020 1 2 Agenda Infrastructure Evolution Monolithic / Microservices Container Docker Logical Architecture Image System Dockerfile and Operational Aspects 3 Kubernetes Main Objects & Architecture Basic Concepts Template System 4 Altiplano Microservices
  • 3. 3 © Nokia 2020 3 © Nokia 2020 1 2 Agenda Infrastructure Evolution Monolithic / Microservices Container Docker Logical Architecture Image System Dockerfile and Operational Aspects 3 Kubernetes Main Objects & Architecture Basic Concepts Template System 4 Altiplano Microservices
  • 4. 4 © Nokia 2020 SDAN DevOps Helm Pod Microservice Virtualization VM Namespace Container Docker Kubernetes K8S Monolithic API Cloud Cluster Borg Stateful Stateless CNF Orchestration Kubelet
  • 5. 5 © Nokia 2020 Infrastructure Systems Evolution Server Hypervisor Guest OS Guest OS Guest OS App A App B App C VM Server Host OS Hypervisor Guest OS Guest OS Guest OS App A App B App C VM Server OS Applications Bare Metal Virtualization
  • 6. 6 © Nokia 2020 Infrastructure Systems Evolution Server Host OS Bin/lib Bin/lib App A App B App C App C App C App D Container Container Runtime Bare Metal VM Container Server Host OS Bin/libs Bin/lib s Hypervisor Guest OS OS App A App B App C Container Runtime CRT Virtualization VM Container Server Bin/libs Bin/lib s Hypervisor Guest OS OS App A App B App C Container Runtime CRT Virtualization
  • 7. 7 © Nokia 2020 Infrastructure Systems Evolution VM Container Server Bin/libs Bin/lib s Hypervisor Guest OS OS App A App B App C Container Runtime CRT Virtualization VM Container Server Bin/lib s Hypervisor (OpenStack or VMware) OS App C CRT Virtualization
  • 8. 8 © Nokia 2020 Infrastructure Monolithic software Monolithic: the complete software is developed in s single unit
  • 9. 9 © Nokia 2020 Infrastructure Microservices Microservices are independent applications that interact to delivery a service
  • 10. 10 © Nokia 2020 Infrastructure Kernel - namespace Namespace Process isolation (PID) Network interfaces Unix Timesharing Mount Interprocess Communication Namespace is a Linux kernel feature that wraps a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource. Namespace exist for each type of resource, including: network (net), storage (mnt), process (pid), UTS (host control) and user (UID). Note that namespaces do not restrict access to physical resources such as CPU, memory and disk. user CGroup
  • 11. 11 © Nokia 2020 Infrastructure Kernel - namespace Memory CPU Linux System cgroups is a Linux namespace that allows to allocate resources — such as CPU time, system memory, network bandwidth, or combinations of these resources — among user-defined groups of tasks (processes) running on a system. Using cgroups, system administrators gain fine-grained control over allocating, prioritizing, denying, managing, and monitoring system resources. I/O Processes 100 m .5 cpu 25%
  • 12. 12 © Nokia 2020 Infrastructure What is a Container? Hardware Server Operating System (OS) Kernel P P P P P P namespace cgroups P The kernel is a computer program at the core of a Operating System (OS) with complete control over everything in the system facilitating the interaction between hardware and software Container is a standard unit of software that encapsulates discrete components of application logic provisioned only with the minimal resources needed to do their job. Containers isolates applications one from another and the underlying infrastructure, while providing an added layer of protection for the application.
  • 13. 13 © Nokia 2020 Infrastructure Why Containers & Microservices? Hardware Operating System (OS) Libs Deps Messaging Orchestration Database Container Runtime Libs Deps Web Server Libs Deps Libs Deps Container Runtime is a computer software that executes container and manages container image on the node. Libraries Dependencies My Web Application
  • 14. 14 © Nokia 2020 14 © Nokia 2020 1 2 Agenda Infrastructure Evolution Monolithic / Microservices Container Docker Logical Architecture Image System Dockerfile and Operational Aspects 3 Kubernetes Main Objects & Architecture Basic Concepts Template System 4 Altiplano Microservices
  • 15. 15 © Nokia 2020 Docker Container Container Runtime Docker was released in 2013 and solved many of the problems that developers had running containers end-to-end. With a simplified operation, it had some additional features not included the other containers runtime, which quickly make Docker the new standard container platform: • A container image format • A method for building container images • A way to manage container images • A way to manage instances of containers • A way to share container images • A way to run containers Docker transformed the way containers have been managed https://docs.docker.com/
  • 16. Docker Container: Container Creation Flow
    Command: docker run -d --name myapp busybox sleep 1000
    Container ID shown on the slide: 9124a5a56bff8041f466c0e87dedc85def8d94f56963f3141711f5f3341add7a
    1. Docker client invokes the Docker daemon
    2. Check if the image exists in the internal cache
    3. Pull the image from the Docker repository
    4. Store the image in the internal cache
    5. Invoke the container runtime
    6. Create namespace and cgroups
    7. Create the "myapp" container
    [Diagram: Node 1 (Operating System, Container Runtime, Cache, Namespace A, eth0 192.168.0.2) connected over the Network to the Docker Repository; arrows labelled PULL and RUN]
  • 17. Docker Container: IP Assignment Behavior
    Containers are ephemeral. They are created to execute a task, and when they finish the task they are terminated. If an error condition occurs, the Docker container is terminated and needs intervention to be created again.
    [Diagram: Docker node with eth0 10.1.0.2, routing table and NAT, and bridge docker0 on 172.17.0.0; Namespace A (eth0 172.17.0.2), Namespace B (eth0 172.17.0.3), Namespace C (eth0 172.17.0.4) and Namespace D (eth0 172.17.0.5), attached through veth0 to veth3]
  • 18. Docker Container: Volume
    Containers are ephemeral. Every container is assigned a temporary volume that stores all the data while the container is active. When the container is terminated, all the data is purged automatically.
    Volumes are used to make the application data persistent, allowing recovery and sharing with other containers.
    Command: docker run --name=db -v /opt/datadir:/var/lib/mysql mysql
    [Diagram: Hardware, Docker Node, Container Runtime, Namespace A]
  • 19. Docker Container: Containers Communication
    Communication across nodes requires exposing ports and preparing routing.
    [Diagram: Node 1 (eth0 192.168.0.1), Node 2 (eth0 192.168.0.2) and Node 3 (eth0 192.168.0.3) joined by the Network; each node runs a Container Runtime with its own docker0 bridge at 172.17.0.1]
  • 20. Docker Container: How to Manage
    [Diagram: three Container Runtime instances]
  • 22. Kubernetes: High Level Architecture
    • Initially developed and announced by Google in 2014 and called "Borg"
    • Kubernetes (K8S) is now an open-source system for automating deployment, scaling, and management of containerized applications
    • It is the Greek word (Kυβερνήτης) for "helmsman" or "pilot", i.e. it is helping you navigate the murky waters of cloud computing and containerized applications
    • K8S is a container orchestration system (just like the orchestration systems for managing VMs used by OpenStack, VMware, NOKIA Cloudband, AWS)
    • K8S runs Docker containers continuously, handling:
      • Container failures
      • Host failures (note: K8S manages the applications, not the hosts)
    • Manages a cluster of containers as a single system
    • Allows for accelerating Development and simplifying Operations
  • 23. Kubernetes: High Level Architecture
    • Deployment
      • K8S runs as a cluster on multiple nodes (physical or VMs)
      • A cluster consists of one or two Master Nodes and multiple Worker Nodes
      • The Master Node provides the control plane for managing the Application containers running on the Workers
      • The Worker node is where the actual Application containers are created
    • Why Cluster?
      • The Master is the control, and typically you need two Masters for protection
      • But the cluster is more about defining a cluster of nodes where your containers get created by K8S. This allows for scaling and protection: if one node dies, K8S will recreate the container elsewhere. The use of a cluster even allows for utilizing numerous smaller machines for running a bigger application
      • Cluster means that Masters and Workers belong to the same "network" entity; an Application can be reached by pointing to any of the nodes' IPs
        • e.g. HTTP to the Master, which will internally find where the Application runs and proxy the request
  • 24. Kubernetes: High Level Architecture
    • Pod
      • Refers to a collection of one or more containers with shared storage/network, and a specification for how to run the containers as a whole
      • This is the smallest deployable K8S object
      • Ephemeral, rather than durable: if a Pod is deleted, all its containers get deleted
    • Service
      • Abstraction that refers to a logical set of Pods, i.e. a collection of one or more Pods
      • Service is the object that provides external access to the Applications
      • For Altiplano we need to consider the K8S Services and not the Docker containers
    • Volume
      • This is an abstraction that follows the same Volume concept as in Docker. It solves the problems related to:
        • Files being lost between Container restarts
        • Shared files needed by Containers together in a Pod
      • When a Pod ceases to exist, the volume also ceases to exist
  • 25. Kubernetes: High Level Architecture
    • Helm is a tool
      • Helm is THE package manager for Kubernetes
      • It simplifies the use of K8S by replacing multiple K8S CLI commands with a "single" operation
      • The main components of the Helm tool are the so-called Helm Charts
      • Helm Charts help you define, install, and upgrade even the most complex Kubernetes application
      • Charts are easy to create, version, share, and publish
    • We release Altiplano software in the form of Docker Images, with Docker Containers described within Helm Charts
  • 26. Kubernetes: High Level Architecture
    Kubernetes can be implemented over physical or virtual infrastructure.
    [Diagram: a K8s Cluster of three K8s Masters, three K8s Workers and a K8s Edge, each on its own Infra; Apps run on the cluster, alongside Network Services]
  • 27. Kubernetes: High Level Architecture
    [Diagram labels: Master, Worker, API Server, scheduler, controller manager, etcd, Kubelet, proxy, pod, service, label, Container Runtime, Repository, storage, users, devops]
  • 28. Kubernetes: Container Runtime Interface (CRI)
    Using CRI, Kubernetes can use a wide variety of container runtimes.
    The Container Runtime Interface (CRI) defines an interface and a set of functions that a container runtime is expected to perform to allow fundamental operations with containers in a standardized way. Kubernetes fundamentally needs the container runtime to be responsible for:
    • Providing image management
    • Preparing the environment to instantiate the container
    • Preparing the network for the Pod
    [Diagram labels: kubelet (gRPC Client), CRI, CRI shim (gRPC Server), Container Runtime, containers; High-Level Runtime (CRI), Low-Level Runtime (OCI)]
  • 29. Kubernetes: Manifest
    YAML is a standard, human-readable, text-based format for specifying configuration-type information with convenience, trackability and flexibility. A Kubernetes YAML file basically contains some important information like:
    • apiVersion: which version of the K8s API to use for object creation
    • kind: what kind of object you want to create
    • metadata: uniquely identifies an object (UID, name, namespace)
    • spec: different for each object

      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: deploy-frontend
        labels:
          app: frontend
      spec:
        replicas: 2
        selector:
          matchLabels:
            app: frontend
        template:
          metadata:
            labels:
              app: frontend
          spec:
            containers:
            - name: db
              image: mysql
              resources:
                requests:
                  memory: "64Mi"
                  cpu: "250m"
                limits:
                  memory: "128Mi"
                  cpu: "500m"
            - name: wp
              image: wordpress
              resources:
                requests:
                  memory: "64Mi"
                  cpu: "250m"
                limits:
                  memory: "128Mi"
                  cpu: "500m"
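The manifest's `resources` block is where the cgroups from slide 11 become concrete. The following is an added example, not part of the original slides: it converts the slide's quantities into the CPU and memory figures a container runtime applies. The function names are illustrative, and the 100 ms CFS period and the 1024-shares-per-CPU rule are the usual kubelet defaults, stated here as assumptions.

```python
# Added example: the slide's quantities translated to cgroup values.
CFS_PERIOD_US = 100_000   # default CFS period (100 ms), assumed
MIN_QUOTA_US = 1_000      # smallest CFS quota the kernel accepts (1 ms)
BINARY = {"Ki": 2**10, "Mi": 2**20, "Gi": 2**30, "Ti": 2**40}
DECIMAL = {"k": 10**3, "M": 10**6, "G": 10**9, "T": 10**12}

def cpu_to_millicores(quantity):
    """'250m' -> 250, '0.5' -> 500, 2 -> 2000."""
    q = str(quantity)
    return int(q[:-1]) if q.endswith("m") else round(float(q) * 1000)

def memory_to_bytes(quantity):
    """'64Mi' -> 67108864, '1G' -> 1000000000, '4096' -> 4096."""
    q = str(quantity)
    for suffix, factor in BINARY.items():
        if q.endswith(suffix):
            return int(q[:-2]) * factor
    for suffix, factor in DECIMAL.items():
        if q.endswith(suffix):
            return int(q[:-1]) * factor
    return int(q)

def cgroup_settings(resources):
    """Map one container's `resources` block to the values a runtime writes."""
    limits = resources.get("limits", {})
    requests = resources.get("requests", {})
    out = {"cpu.max": f"max {CFS_PERIOD_US}", "memory.max": "max"}  # unbounded
    if "cpu" in limits:
        quota = cpu_to_millicores(limits["cpu"]) * CFS_PERIOD_US // 1000
        out["cpu.max"] = f"{max(quota, MIN_QUOTA_US)} {CFS_PERIOD_US}"
    if "memory" in limits:
        out["memory.max"] = str(memory_to_bytes(limits["memory"]))
    if "cpu" in requests:
        # Relative weight under contention (cgroup v1 cpu.shares; on cgroup v2
        # the runtime converts this figure to cpu.weight).
        shares = cpu_to_millicores(requests["cpu"]) * 1024 // 1000
        out["cpu.shares"] = max(shares, 2)
    return out

# Values copied from the slide's Deployment (both containers use this block).
SLIDE_RESOURCES = {"requests": {"memory": "64Mi", "cpu": "250m"},
                   "limits": {"memory": "128Mi", "cpu": "500m"}}

if __name__ == "__main__":
    for key, value in cgroup_settings(SLIDE_RESOURCES).items():
        print(f"{key:11} {value}")
```

A container with requests but no limits keeps `cpu.max` and `memory.max` at `max`, so only the scheduler's accounting, not the kernel, bounds what it can consume.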
  • 30. Kubernetes: Pod
    Pods are the smallest deployable units of computing that Kubernetes can create and manage. A Pod is a group of one or more containers, with shared storage/network resources, and a specification for how to run the containers. A Pod's contents are always co-located and co-scheduled, and run in a shared context. The shared context of a Pod is a set of Linux namespaces, cgroups, and potentially other facets of isolation. In terms of Docker concepts, a Pod is similar to a group of Docker containers with shared namespaces and shared filesystem volumes.

      apiVersion: v1
      kind: Pod
      metadata:
        name: pod-example
      spec:
        containers:
        - name: nginx
          image: nginx:1.7.9
          ports:
          - containerPort: 80
          resources:
            requests:
              memory: "64Mi"
              cpu: "250m"

    [Diagram: a Node hosting a Pod whose Containers share the Pod Network and one Network Namespace, 10.255.16.3]
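A review pass over the two manifests on slides 29 and 30, written as an added example rather than anything from the original deck. The manifests are rebuilt as constructed Python dicts so the script needs no YAML library; the function names and finding labels are illustrative, and the `securityContext` check covers a standard Kubernetes field that the slides themselves do not mention.

```python
# Added example: constructed dicts mirroring the two manifests on the slides.
RES = {"requests": {"memory": "64Mi", "cpu": "250m"},
       "limits": {"memory": "128Mi", "cpu": "500m"}}
DEPLOYMENT = {"kind": "Deployment", "metadata": {"name": "deploy-frontend"},
              "spec": {"replicas": 2, "template": {"spec": {"containers": [
                  {"name": "db", "image": "mysql", "resources": RES},
                  {"name": "wp", "image": "wordpress", "resources": RES}]}}}}
POD = {"kind": "Pod", "metadata": {"name": "pod-example"},
       "spec": {"containers": [
           {"name": "nginx", "image": "nginx:1.7.9",
            "resources": {"requests": {"memory": "64Mi", "cpu": "250m"}}}]}}

def pod_spec(manifest):
    """Return the pod spec of a Pod, or of a workload with a pod template."""
    spec = manifest.get("spec", {})
    return spec.get("template", {}).get("spec", spec)

def image_is_pinned(image):
    """Pinned means a digest, or an explicit tag other than 'latest'."""
    if "@sha256:" in image:
        return True
    last = image.rsplit("/", 1)[-1]   # skip a registry host:port prefix
    return ":" in last and not last.endswith(":latest")

def audit(manifest):
    """Return (container, finding) pairs for one manifest."""
    findings = []
    prefix = f'{manifest["kind"]}/{manifest["metadata"]["name"]}'
    for c in pod_spec(manifest).get("containers", []):
        where = f'{prefix}:{c["name"]}'
        if not image_is_pinned(c.get("image", "")):
            # An untagged image resolves to the mutable 'latest' tag.
            findings.append((where, "image-not-pinned"))
        limits = c.get("resources", {}).get("limits", {})
        for resource in ("cpu", "memory"):
            if resource not in limits:
                findings.append((where, f"no-{resource}-limit"))
        context = c.get("securityContext", {})
        if context.get("allowPrivilegeEscalation") is not False:
            findings.append((where, "privilege-escalation-not-disabled"))
    return findings

if __name__ == "__main__":
    for manifest in (DEPLOYMENT, POD):
        for where, finding in audit(manifest):
            print(f"{where:32} {finding}")
```

The Deployment passes the limits check but pulls whatever `mysql` and `wordpress` currently resolve to; the Pod pins its image but has no limits.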
  • 32. Altiplano: Microservices (Confidential. Not for distribution or disclosure outside NOKIA)
    [Diagram components: NC Live collector, IPFix FE, IPFix BE, Network Virtualizer, Open TSDB, Abstraction and Automation, Web UI, Identity mgmt, storage, Kibana Proxy, Alarm 2 ES Bridge, Health Calculator, Live collector, TCA Calculator, VONU Proxy, VONU Manager]
    [Diagram port labels: HTTPS 7443, HTTPS 8443, HTTPS 9443, HTTP 5601, HTTP 9200, 4242, kafka 9092, zookeeper 2181, mysql 3306, Fluent 24224]
    Microservice counts: Access Controller: 27; FastMile Controller: 12; 3rd Party: 19
  • 33. Altiplano: Microservices
    Access Controller
    • Virtualizer service
    • Access Controller
    • Alarm-ES Bridge
    • NC Live Collector
    • IPFIX Front-end collector
    • IPFIX Back-end collector
    • PM File generator
    • RC device proxy
    • TCA Engine
    • Health Calculator
    • SNMP Live Collector
    • SDC Collector
    • OAD2Kafka
    • NSP Mediator
    • NSP Alarm2Kafka
    • NSP PM Load Balancer
    • NSP Bulk Collector
    • VONU Management
    • VONU Proxy
    • NC Inventory Collector
    • SNMP Inventory Collector
    • SOAP Adapter
    • CLI Adapter (Virtualizer)
    • CLI Adapter (Access Controller)
    • SNMP Alarm Forwarder
    • JMS Alarm Forwarder
    • Device Migration service
    FastMile Controller
    • Access Controller
    • Alarm-ES Bridge
    • TCA Engine
    • Health Calculator
    • Nokia ACS Mediator
    • Generic ACS Mediator
    • ACS Live Collector
    • TRM Bulk Collector
    • RAN Live Collector
    • SON BE Collector
    • SON Event Processor
    • Geo Import (GIS)
    3rd Party
    • MariaDB
    • OpenTSDB
    • FluentD
    • Keycloak
    • WebDav (File Server)
    • Grafana
    • Elasticsearch
    • ElasticSearch Curator
    • Kibana
    • Kafka
    • Kafka Mirror maker
    • Zookeeper
    • Prometheus
    • Redis
    • Tcollector
    • Ingress Controller (NGINX)
    • HDFS Namenode
    • HDFS Datanode
    • HBASE
  • 35-43. Altiplano: Microservices – Details [diagram slides]
  • 44. Altiplano: Installation
    K8S cluster on a prepared bare-metal or VM host. Numbered items on the slide:
    1. Host – Ubuntu 20.04
    2. Docker 19.03.15
    3. Kubernetes 1.18.13
    4. Helm 3.2.4
    5. Internet
    6. Start K8S
    7. Join Master
    8. Set access to Repository
    9. Fetch Vol chart
    10. Ftp Master script, build Vol folders; one time task
    11. Install Altiplano
    11'. Get Images; Start containers
    [Diagram labels: Two parts; Host - Ubuntu, Docker, Kubernetes; tunnel; Artifactory; Internal Artifactory]