Cloud Networking - Leaving the Physical Behind - Omer Anson - OpenStack Day Israel 2017

•Download as PPTX, PDF•

0 likes•97 views

Cloud networking still relies too much on physical network constructs like networks, routers, and ports instead of logical abstractions. Kubernetes uses virtual IPs and DNS names for services which is better, but lacks features of OpenStack networking. We should define communication groups that can intercommunicate, and have networking support firewalls, load balancing, and VPNs between groups. This logical approach leaves physical details behind, makes adding features easier, and would be well supported in Dragonflow.

Technology

Cloud Networking - Leaving
the Physical Behind
Omer Anson
Software Physicist
Dragonflow PTL

Problem description (How we do it)
OpenStack networking is still physical
Still based on
Networks
Routers
Ports
Security groups
Why is that?

Current solution (How Kubernetes does it)
Every pod (Read: Network namespace) has a cluster-public IP
Services (Read: Load-balancer) have a virtual IP
Virtual IPs have names (DNS)
Security done with NetworkPolicy
but it’s beta
not everyone supports it
Lacks Power Of Openstack
Built-in VPN, Firewall, QoS, isolation

What we should do
VMs, or containers, or pods live in groups
Groups have a name
Open communication inside the group
Define which groups can inter-communicate
Networking can support
Firewall
Elastic load-balancing
VPN

What we should do
Elastic Load Balancing
API based access
With VPN!
Firewall
Integration
With Legacy networking
With Heat and Magnum
With SFC

Conclusion
Let’s leave the physical behind
Networking in cloud should say what can connect
Not how to connect
And then it’s also easy to add cool features
And it would probably be easiest to do it in Dragonflow!
Because unsolicited advertisement :)

What's hot

OpenStack and OpenDaylight Workshop: ONUG Spring 2014

mestery

OpenStack Neutron behind the Scenes

Anil Bidari ( CEO , Cloud Enabled)

The Kuryr project offers an interesting approach to network cloud native workloads, by enabling container orchestration engines to consume network services from OpenStack Neutron.With pod-in-VM support, Kuryr-Kubernetes enables a whole slew of new hybrid workloads, like bare metal or in-VM pods accessing services that run on VMs, multiple COEs (e.g. Docker Swarm to Kubernetes), and more. Unified networking simplifies deployment, configuration and provides single pane of glass into management and troubleshooting. Let’s dive into Kuryr Kubernetes and learn how different open source technologies can complement each other in order to enable number of complicated deployment scenarios.

Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...

Cloud Native Day Tel Aviv

Introduction to MidoNet

Taku Fukushima

Navigating OpenStack Networking

PLUMgrid

Network Monitoring and Analytics

PLUMgrid

OpenStack is a free and open-source software platform for cloud computing, mostly deployed as an infrastructure-as-a-service (IaaS). OpenDaylight is an open source project under the Linux Foundation with the goal of furthering the adoption and innovation of SDN through the creation of a common industry supported platform. In this session, I will talk about how OpenStack and OpenDaylight can be combined together to solve real world business cases and networking needs. We will cover: - What is OpenDaylight - Use cases for OpenDaylight with OpenStack - The OpenDaylight NetVirt project - How OpenDaylight interacts with OpenStack - The future of OpenDaylight, and how we see it help solving challenges in the networking industry such as NFV, container networking and physical network fabric management -- the open source way.

OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV

Cloud Native Day Tel Aviv

How OpenStack is Built - Anton Weiss - OpenStack Day Israel 2016

Cloud Native Day Tel Aviv

OpenStack KOREA 정기 세미나_OpenStack meet iNaaS SDN Controller

Yongyoon Shin

OpenStack and the Transformation of the Data Center - Lew Tucker

Lew Tucker

OpenStack practitioners who have deployed cloud at scale would frown when they hear the mention of Open Virtual Switch (OVS), which has been a bottleneck for cloud network performance and scalability. As emerging technologies such as NFV keep pushing for higher data forwarding performance across the network infrastructure, it becomes critical to improve OVS performance without compromising flexibility, network programmability, and cost. We will present a novel way to offload the entire OVS dataplane onto the embedded switch (eSwitch) implemented in the server NIC. This approach maximizes the effective bandwidth that the applications can use to communicate with each other or fetch data from storage, and enhances the efficiency of the cloud. Accelerated Switching And Packet Processing (ASAP2) Direct works seamlessly within the framework of SDN, and allow controllers to configure and update flows onto OVS the same way as before so that network programmability remains intact.

Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...

Cloud Native Day Tel Aviv

OpenStack Networking and Automation

Adam Johnson

[OpenStack Days Korea 2016] An SDN Pioneer's Vision of Networking

OpenStack Korea Community

Introduction to Openstack Network

salv_orlando

[2015-11월 정기 세미나] Cloud Native Platform - Pivotal

OpenStack Korea Community

Openstack Basic with Neutron

KwonSun Bae

Neutron Advanced Services - Akanda - Astara 201 presentation

Eric Lopez

Quantum - Virtual networks for Openstack

salv_orlando

Neutron high availability open stack architecture openstack israel event 2015

Arthur Berezin

Intro to OpenStack Astara (Spring '16)

markmcclain

What's hot (20)

OpenStack and OpenDaylight Workshop: ONUG Spring 2014

OpenStack Neutron behind the Scenes

Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...

Introduction to MidoNet

Navigating OpenStack Networking

Network Monitoring and Analytics

OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV

How OpenStack is Built - Anton Weiss - OpenStack Day Israel 2016

OpenStack KOREA 정기 세미나_OpenStack meet iNaaS SDN Controller

OpenStack and the Transformation of the Data Center - Lew Tucker

Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...

OpenStack Networking and Automation

[OpenStack Days Korea 2016] An SDN Pioneer's Vision of Networking

Introduction to Openstack Network

[2015-11월 정기 세미나] Cloud Native Platform - Pivotal

Openstack Basic with Neutron

Neutron Advanced Services - Akanda - Astara 201 presentation

Quantum - Virtual networks for Openstack

Neutron high availability open stack architecture openstack israel event 2015

Intro to OpenStack Astara (Spring '16)

Similar to Cloud Networking - Leaving the Physical Behind - Omer Anson - OpenStack Day Israel 2017

The flexibility of OpenStack is a dual-edged sword, giving you unprecedented control over your infrastructure, but potentially becoming a nightmare for the indecisive manager, architect or sysadmin! In this presentation, Tom Fifield – co-author of the OpenStack Operations Guide, and Community Manager at the OpenStack Foundation – takes you through some of the decisions you will face when planning your OpenStack cloud. In addition to a brief introduction on OpenStack and advice on how to interact with the community, he will cover topics such as: How to approach your deployment, ranging from DIY to a turn-key solution from the ecosystem Storage and networking decisions, including plugin options Automating deployment and configuration with popular tools like Puppet and Chef Through discussion of the ecosystem, customization and scaling, you’ll walk away with an understanding of ‘what it takes’ to build your OpenStack cloud.

OSCON 2013 - Planning an OpenStack Cloud - Tom Fifield

OSCON Byrum

Sdwan webinar

pmohapat

Shmoocon 2013 - OpenStack Security Brief

openfly

Simple, Scalable and Secure Networking for Data Centers with Project Calico

Emma Gordon

OWF12/Open Cloud Strategies Openstackinaction enovance

Paris Open Source Summit

Open stack in action enovance-quantum in action

eNovance

Getting to Unified Network Services

Erik Carlin

Openstack Quantum

openstackindia

[Cloud-Native and Kubernetes Meetup in Silicon Valley] Ballerina - Cloud Nati...

Ballerinalang

Ct nyc-philly open stack meetups april 2014 final

ozkan01

DEFCON 23 - Gregory Pickett - staying persistant in software defined networks

Felipe Prado

view the deck as powerpoint

webhostingguy

view the deck as powerpoint

webhostingguy

Again music

variable_orr

Hybrid Cloud and Hyper Cloud

Eshed Gal-Or

Openstack Workshop (Networking/Storage)

Affan Syed

Openstack workshop @ Kalasalingam

Beny Raja

Workshop - Openstack, Cloud Computing, Virtualization

Jayaprakash R

In this session Arash will show you how to use Open Cloud service delivery models such as Open IaaS and Open PaaS to deploy OpenCms as a service for your organization or your customers. You will learn how Open Source cloud operating systems and platforms such as OpenStack and Cloud Foundry can help jumping and scaling between OpenCms content clouds. Arash will also compare other PaaS solutions like AppScale, CloudBees, OpenShift and Jelastic and show if and how OpenCms can work with them. He will introduce you to the Cloud Federation concept, which helps to avoid vendor lock-in with private, public and hybrid cloud environments. Last but not least, he will explain how to achieve a high level of data security in Open Clouds, so that even system administrators won’t be able to access your OpenCms data. This session is targeted at all types of OpenCms users, such as business users, service providers and developers.

OpenCms Days 2012 - OpenCms on open clouds

Alkacon Software GmbH & Co. KG

Blug Talk

guestb9d7f98

Similar to Cloud Networking - Leaving the Physical Behind - Omer Anson - OpenStack Day Israel 2017 (20)

OSCON 2013 - Planning an OpenStack Cloud - Tom Fifield

Sdwan webinar

Shmoocon 2013 - OpenStack Security Brief

Simple, Scalable and Secure Networking for Data Centers with Project Calico

OWF12/Open Cloud Strategies Openstackinaction enovance

Open stack in action enovance-quantum in action

Getting to Unified Network Services

Openstack Quantum

[Cloud-Native and Kubernetes Meetup in Silicon Valley] Ballerina - Cloud Nati...

Ct nyc-philly open stack meetups april 2014 final

DEFCON 23 - Gregory Pickett - staying persistant in software defined networks

view the deck as powerpoint

Again music

Hybrid Cloud and Hyper Cloud

Openstack Workshop (Networking/Storage)

Openstack workshop @ Kalasalingam

Workshop - Openstack, Cloud Computing, Virtualization

OpenCms Days 2012 - OpenCms on open clouds

Blug Talk

More from Cloud Native Day Tel Aviv

Cloud Native is a Cultural Decision. By Reshef Mann

Cloud Native Day Tel Aviv

In any Cloud Native architecture there’s a seemingly endless stream of events that happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as providing an audit trail of activity. In this talk we’ll cover how we extended Falco to ingest events beyond just host system calls, such as Kubernetes audit events or even application level events. We will also show how to create Falco rules to detect behaviors in these new event streams. We show how we implemented Kubernetes audit events in Falco, and how to configure the event stream.

Container Runtime Security with Falco, by Néstor Salceda

Cloud Native Day Tel Aviv

Kafka Mirror Tester: Go and Kubernetes Powered Test Suite for Kafka Replicati...

Cloud Native Day Tel Aviv

Running I/O intensive workloads on Kubernetes, by Nati Shalom

Cloud Native Day Tel Aviv

Service meshes are all the buzz in cloud-native world. How come only yesterday we didn't know such a thing existed and now everybody seems to want one? If you're already running a microservice-based system or only starting out with one, you may be asking yourself : "Do I also need a mesh?" In this session we'll try to answer what the mesh is good for, what problem it solves, what new questions it poses.

WTF Do We Need a Service Mesh? By Anton Weiss.

Cloud Native Day Tel Aviv

Update Strategies for the Edge, by Kat Cosgrove

Cloud Native Day Tel Aviv

Building a Cloud-Native SaaS Product The Hard Way. By Arthur Berezin

Cloud Native Day Tel Aviv

If you are interested in monitoring, and successfully set up a system (whether home-grown or custom-off-the-shelf) for your own use, there comes a moment when you go from monitoring only the systems you care about, to monitoring systems that other people care about. Monitoring for yourself is all about having the best data for the least effort. Monitoring for others? That's when your job becomes a game of "what just happened" whack-a-mole.

The Four Questions (Every Monitoring Engineer gets asked), by Leon Adato

Cloud Native Day Tel Aviv

K8s Pod Scheduling - Deep Dive. By Tsahi Duek.

Cloud Native Day Tel Aviv

Cloud Native: The Cattle, the Pets, and the Germs, by Avishai Ish-Shalom

Cloud Native Day Tel Aviv

MySQL shell is the MySQL client of the future. It will help you in your daily operations, whatever they are. It doesn't matter if you are a developer or an administrator, if you want to work with relational or non relational data, if you want to setup or monitor your cluster, if you want to work with SQL language or javascript or python. Discover how MySQL shell will help you, no matter what you want to do with MySQL!

MySQL Shell: the daily tool for devs and admins. By Vittorio Cioe.

Cloud Native Day Tel Aviv

Cloud native transformation patterns, by Pini Reznik

Cloud Native Day Tel Aviv

Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...

Cloud Native Day Tel Aviv

Running Highly Available Large Scale Systems is a lot of work. For the past 2.5 years, we've been running 100% serverless on a full production environment, serving customers worldwide. No VMs, no containers, no Kubernetes. Just code. In this session I will present why we decided to go fully serverless at Torii, how it helped us move faster than our competitors, where did serverless computing worked best and where there's more work to be done.

Two Years, Zero servers: Lessons learned from running a startup 100% on Serve...

Cloud Native Day Tel Aviv

The “Twelve-Factor” application model has come to represent twelve best practices for building modern, cloud-native applications. With guidance on things like configuration, deployment, runtime, and multiple service communication, the Twelve-Factor model prescribes best practices that apply to everything from web applications to APIs to data processing applications. Although Serverless computing and AWS Lambda have changed how application development is done, the “Twelve-Factor” best practices remain relevant and applicable in a Serverless world. In this talk, we’ll apply the “Twelve-Factor” model to Serverless application development with AWS Lambda and Amazon API Gateway and show you how these services enable you to build scalable, low cost, and low administration applications.

12 Factor Serverless Applications - Mike Morain, AWS - Cloud Native Day Tel A...

Cloud Native Day Tel Aviv

When creating a new Microservice you typically need to add a lot of boilerplate to the code, such as logging, metrics, authentication, SSL, secrets/credentials, etc... All this ends up overshadowing the actual logic of the service itself and results in a lot of dependencies and code. Because of this, we at Soluto created a template for the boilerplate, which worked great... Until we had to upgrade one of the dependencies which resulted in huge effort of code upgrades and deployment across each and every service that uses the template. And that’s besides the fact we needed to make a separate template for each language we used (and over the years, the number of programming languages we use at production increased dramatically). We needed a way to simplify all this. We wanted to get rid of the boilerplate while maintaining the functions listed above. So we decided to delegate the entire responsibility to the Kubernetes infrastructure. In this lecture, I will do a live coding session and show you how to remove the boilerplate from your code and move it to the infrastructure, and discuss the benefits and limitations of this approach.

Not my problem! Delegating responsibilities to the infrastructure - Yshay Yaa...

Cloud Native Day Tel Aviv

Machine Learning is no doubt the hottest trend in IT nowadays. Deep Neural Network (DNN), a subfield of Machine Learning with mode of operation loosely inspired by the brain, allows us to solve complex problems such as image recognition that has been very difficult to solve using standard programming paradigms. DNN concepts are not new. However, and until recently, applying them in practice could not be realized due to their high computational demands. With the recent development in parallel computing, especially around GPU acceleration and high speed and efficient networking, DNN has become a reality in modern data centers. In this talk we will describe the system requirements to effectively run a machine learning cluster with popular frameworks such as TensorFlow. We will discuss how such a system can be deployed in an OpenStack-based cloud without compromises, enjoying high-performance DNN programming paradigm as well as the benefits of cloud and software-defined data centers.

Brain in the Cloud: Machine Learning on OpenStack & Kubernetes Done Right - E...

Cloud Native Day Tel Aviv

Cloud native applications are commonly thought as stateless, horizontally scalable workloads that you can scale-up and down on-demand. Kubernetes, as the commodity cloud native orchestrator, was originally designed for such workloads. A lot has evolved since Kubernetes’ inception, and nowadays many of the stateful applications are migrating to Kubernetes. While not everything is perfect, more and more features are added to support complex stateful use-cases. In this session Arthur will cover the following topics: - Breakdown of a stateful application - Planning a stateful application on Kubernetes - The state of Kubernetes StatefulSets, Persistent Volumes, DNS, Networking, operators and High Availability - A practical use-case and DEMO of a stateful application with Kubernetes

A stateful application walks into a Kubernetes bar - Arthur Berezin, JovianX ...

Cloud Native Day Tel Aviv

The story of how KubeMQ was born - Oz Golan, KubeMQ - Cloud Native Day Tel Av...

Cloud Native Day Tel Aviv

I want it all: go hybrid - Orit Yaron, Outbrain - Cloud Native Day Tel Aviv 2018

Cloud Native Day Tel Aviv

More from Cloud Native Day Tel Aviv (20)