Google Cloud Networking provides a global, flexible, and secure networking foundation for applications and data. Key elements include:
- A global fiber network with over 100 points of presence and hundreds of thousands of miles of cable connecting Google's regions and zones.
- The Andromeda network virtualization stack, which powers VPC networking and provides scalable isolation, high performance, and distributed firewall capabilities.
- Global and regional load balancing options like HTTP(S) and TCP/UDP load balancing for optimizing application delivery worldwide.
- Hybrid connectivity options like Cloud Interconnect, VPN, and Direct Peering to build hybrid cloud architectures connecting on-premises to Google Cloud.
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid - CloudVillage
"Cloud infrastructure design is complex and makes even the most straight-forward topics, such as Identity and Access Management (IAM), non-trivial and confusing and therefore, full of security risk. While AWS IAM provides for access via console and API/CLI using access keys, there is also a temporary security tokens feature, designed for secure temporary access. However, temporary tokens have multiple security pot-holes that can lead to exploits.
I'll explore the limitations of temporary tokens including:
- the lack of visibility/management
- minimal logging
- limited remediation options
and how this can be taken advantage of, especially in combination with other techniques such as assuming of roles, pre-signed URLs, log attacks, and serverless functions to achieve persistence, lateral movement, and obfuscation.
In addition, I’ll look at common defensive techniques and best practices around lockdown, provisioning, logging and alerting to see whether these are practical and can shift the field."
Introduction to Google Cloud Services / Platforms - Nilanchal
The presentation provides a brief introduction to Google Cloud Services and Platforms. In the course of these slides, we will introduce you to the different Google cloud computing options: Compute Engine, App Engine, Cloud Functions, databases, file storage and the security features of Google Cloud Platform.
Google Cloud Platform is a cloud computing platform by Google that offers hosting on the same supporting infrastructure that Google uses internally for end-user products like Google Search and YouTube. Cloud Platform provides developer products to build a range of programs from simple websites to complex applications.
Google Cloud Platform is a part of a suite of enterprise solutions from Google for Work and provides a set of modular cloud-based services with a host of development tools. For example, hosting and computing, cloud storage, data storage, translations APIs and prediction APIs.
Topics Covered:
- Why Google Cloud Platform?
- Google Cloud Platform Services: First Insight!
Presentation for Introduction to Google Cloud Platform. This PPT provides basic understanding for services provided by Google Cloud Platform like Compute, Storage, VPC, IAM.
by Apurv Awasthi, Sr. Technical Product Manager, AWS
This session introduces the concepts of AWS Identity and Access Management (IAM) and walks through the tools and strategies you can use to control access to your AWS environment. We describe IAM users, groups, and roles and how to use them. We demonstrate how to create IAM users and roles, and grant them various types of permissions to access AWS APIs and resources. We also cover the concept of trust relationships, and how you can use them to delegate access to your AWS resources. This session also covers IAM best practices that can help improve your security posture. We cover how to manage IAM users and roles, and their security credentials. We also explain how you can securely manage your AWS access keys. Using common use cases, we demonstrate how to choose between using IAM users or IAM roles. Finally, we explore how to set permissions to grant least privilege access control in one or more of your AWS accounts. Level 100
For more training on AWS, visit: https://www.qa.com/amazon
AWS Loft | London - Amazon Virtual Private Cloud by Andrew Kane, Solution Architect
April 18, 2016
Presentation about Google Cloud DNS which is one of the products of Google Cloud Platform. Contains link to video of how to use Google Cloud DNS for domains
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ... - Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). We will discuss core VPC concepts including picking your IP space, subnetting, routing, security, NAT and VPC Endpoints.
Jenkins is the leading open source continuous integration tool. It builds and tests our software continuously and monitors the execution and status of remote jobs, making it easier for team members and users to regularly obtain the latest stable code.
In this presentation, Jeff Barr introduces AWS, with a focus on EC2, and then shows how to use AWS Elastic Beanstalk with Git-based deployment of a PHP application.
Amazon Web Services (AWS) provides on-demand computing resources and services in the cloud, with pay-as-you-go pricing. This session provides an overview and describes how using AWS resources instead of your own is like purchasing electricity from a power company instead of running your own generator. Using AWS resources provides many of the same benefits as a public utility: Capacity exactly matches your need, you pay only for what you use, economies of scale result in lower costs, and the service is provided by a vendor experienced in running large-scale networks. A high-level overview of AWS infrastructure (such as AWS Regions and Availability Zones) and AWS services is provided as part of this session.
Speaker: Tom Whateley, Solutions Architect and Stephanie Zieno, Account Manager, Amazon Web Services
Google Cloud Platform Tutorial | GCP Fundamentals | Edureka - Edureka!
( Google Cloud Certification Training - Cloud Architect: https://www.edureka.co/google-cloud-a... ) This tutorial on Google Cloud Platform will provide you a detailed introduction to GCP and its Cloud Services. Learn why GCP is preferred over other cloud providers and also learn about the various zones and regions where the servers are hosted.
Google Cloud Platform Solutions for DevOps Engineers - Márton Kodok
Learn the DevOps essentials about cloud components, FaaS, PaaS architectural patterns that make use of Cloud Functions, Pub/Sub, Dataflow, Kubernetes and how we develop and deploy cloud software. You will get hands-on information on how to build, run, and monitor highly scalable and flexible applications optimized to run on GCP. We will discuss cloud concepts and highlight various design patterns and best practices.
Webinar aws 101 a walk through the aws cloud- introduction to cloud computi... - Amazon Web Services
Whether you are running applications that share photos or support critical operations of your business, you need rapid access to flexible and low cost IT resources. The term "cloud computing" refers to the on-demand delivery of IT resources via the Internet with pay-as-you-go pricing. Whether you are a start-up who wants to accelerate growth without a big upfront investment in cash or time for technology or an Enterprise looking for IT innovation, agility and resiliency while reducing costs, the AWS Cloud provides a complete set of web services at zero upfront costs which are available with a few clicks and within minutes. Join this webinar to learn more about the benefits of Cloud Computing and:
- The history of AWS and how a global online retailer got into cloud computing
- The concepts of utility computing and elasticity and why these are important to a cost-effective, scalable and reliable IT architecture
- The AWS service portfolio and the global footprint on which it is delivered
- The value proposition of the AWS Cloud
- Use cases to help you relate cloud based infrastructure to your own needs
- Busting the myths around cloud computing
- No prior experience is necessary, so join us for an overview of the AWS cloud services, and a discussion on how cloud computing can help accelerate innovation in your company.
Amazon EC2 provides a broad selection of instance types to accommodate a diverse mix of workloads. In this session, we provide an overview of the Amazon EC2 instance platform, key features, and the concept of instance generations.
Building what's next with google cloud's powerful infrastructure - MediaAgility
Building What's Next with Google Cloud's Powerful Infrastructure. Companies are facing increasing challenges:
- Be more data driven, but on-prem data is hard to access, analyze, and use
- Have to focus to stay ahead of competition, can’t afford wasted efforts
- Attract and retain customers and employees with great experiences
- Security threats keep growing
- Be more agile - turn IT into competitive advantage
Google is focused on helping companies meet those challenges. To know more feel free to explore these slides and write back to us.
Keynote presentation by Amin Vahdat on behalf of Google Technical Infrastructure and Google Cloud Platform. Presentation was delivered at the 2017 Open Networking Summit.
Google Cloud Platform for the Enterprise - VMware Tanzu
SpringOne Platform 2016
Speakers: Jay Marshall; Principal Strategic Advisor, Google. Vic Iglesias; Solutions Architect, Google.
Whether you are running Spring Apps on Tomcat or Spring Boot on Cloud Foundry, Google Cloud Platform allows you to deploy all of your applications on the same global infrastructure that allows Google to return billions of search results in milliseconds, serve six billion hours of YouTube video per month, and provide storage for almost a billion Gmail users. Join the Google team as they illustrate how Google's cloud was built for the enterprise.
Google Cloud Platform itself has been on a very rapid rise over the past few years. It has a lot of advantages over AWS or Microsoft Azure. In this slideshow, you can learn more about these top advantages. For more details, you can also read this post https://kinsta.com/blog/google-cloud-hosting/
Solving enterprise challenges through scale out storage & big compute final - Avere Systems
Google Cloud Platform, Avere Systems, and Cycle Computing experts will share best practices for advancing solutions to big challenges faced by enterprises with growing compute and storage needs. In this “best practices” webinar, you’ll hear how these companies are working to improve results that drive businesses forward through scalability, performance, and ease of management.
The slides were from a webinar presented January 24, 2017. The audience learned:
- How enterprises are using Google Cloud Platform to gain compute and storage capacity on-demand
- Best practices for efficient use of cloud compute and storage resources
- Overcoming the need for file systems within a hybrid cloud environment
- Understand how to eliminate latency between cloud and data center architectures
- Learn how to best manage simulation, analytics, and big data workloads in dynamic environments
- Look at market dynamics drawing companies to new storage models over the next several years
Presenters communicated a foundation to build infrastructure to support ongoing demand growth.
"How overlay networks can make public clouds your global WAN" by Ryan Koop o... - Cohesive Networks
The presentation "How overlay networks can make public clouds your global WAN" presented by Ryan Koop on Oct 24, 2013 at LASCON in Austin, TX.
Enterprises, organizations and governments are realizing the benefits of cloud flexibility, cost savings, scalability and connectivity. Yet the traditional approach focuses too much on the underlying infrastructure, instead of the applications.
So who is making solutions for the people who work at the application layer? Are software-defined things secure?
With a focus on application-layer integration, governance and security, overlay networks let developers, and the enterprise apps they work with, use the public clouds as a global WAN network, not just extra storage.
Developers can build on top of overlay networking to extend traditional networks to the cloud with added security such as encryption, IPsec connections, VLANs and VPNs into the public cloud networks.
Prime examples are previously cost-prohibitive projects that can now use public clouds as global points of presence to create a cloud WAN to partners and customers.
Powerup & GCP | Workshop on Google Kubernetes Engine - Powerup
Continuing our #powerupgrade series, expert practitioners at Powerup and GCP (Google Cloud Platform) organized a session on GKE - showcasing operational and cost efficiencies by completely eliminating the need to install, manage and operate one's own Kubernetes clusters. Do not miss being a part of this interactive learning and best-practice showcase. We also had domain experts and business leaders at the event who have successfully implemented GKE.
The CPaaS.io platform allows task logic - e.g., for analytics - to be adaptively moved from the cloud to the edge of an IoT network. This presentation, given at the first year review meeting in Tokyo on October 5, 2017, explains how.
Disclaimer:
This document has been produced in the context of the CPaaS.io project which is jointly funded by the European Commission (grant agreement n° 723076) and NICT from Japan (management number 18302). All information provided in this document is provided "as is" and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability. For the avoidance of all doubts, the European Commission and NICT have no liability in respect of this document, which is merely representing the view of the project consortium. This document is subject to change without notice.
Cassandra on Google Cloud Platform (Ravi Madasu, Google / Ben Lackey, DataSta... - DataStax
During this session Ben Lackey (DataStax) and Ravi Madasu (Google) will cover best practices for quickly setting up a cluster on Google Cloud Platform (GCP) using both Google Compute Engine (GCE) and Google Container Engine (GKE) which is based on Kubernetes and Docker.
About the Speakers
Ben Lackey Partner Architect, DataStax
I work in the Cloud Strategy group at DataStax where I concentrate on improving the integration between DataStax Enterprise and cloud platforms including Azure, GCP and Pivotal.
Ravi Madasu
Ravi Madasu is a program manager at Google, primarily focused on Google Cloud Launcher. He works closely with ISV partners to make their products and services available on the Google Cloud Platform providing a developer friendly deployment experience. He has 15+ years of experience, working in variety of roles such as software engineer, project manager and product manager. Ravi received a Masters degree in Information Systems from Northeastern University and an MBA from Carnegie Mellon University.
A fresh look at Google’s Cloud by Mandy Waite - Codemotion
Google, one of the early PaaS (Platform as a Service) pioneers, has recently substantially improved AppEngine, expanded its Cloud Platform to include CloudStorage, BigQuery and soon Google Compute Engine (still in early access as of this writing).
Integrating Google Cloud Dataproc with Alluxio for faster performance in the ... - Alluxio, Inc.
Alluxio Tech Talk
Dec 10, 2019
Chris Crosbie and Roderick Yao from the Google Dataproc team and Dipti Borkar of Alluxio will demo how to set up Google Cloud Dataproc with Alluxio so jobs can seamlessly read from and write to Cloud Storage. They’ll also show how to run Dataproc Spark against a remote HDFS cluster.
For more Alluxio events: https://www.alluxio.io/events/
GDG DevFest Romania - Architecting for the Google Cloud Platform - Márton Kodok
Learn about FaaS, PaaS architectural patterns that make use of Cloud Functions, Pub/Sub, Dataflow, Kubernetes and platforms that hides the management of servers from the user and have changed how we develop and deploy future software.
We discuss the difference between an event-driven approach - this means that you can trigger a function whenever something interesting happens within the cloud environment - and the simpler HTTP approach. Quota and pricing of per invocation, and the advantages and disadvantages of the serverless systems.
NFF-GO (YANFF) - Yet Another Network Function Framework - Michelle Holley
NFF-Go is a framework that allows developers to deploy performant cloud-native network functions much faster. NFF-Go internally implements low-level optimizations and can auto-scale to multicores using built-in capabilities to take advantage of Intel® architecture. NFF uses Data Plane Development Kit (DPDK) for efficient input/output (I/O) and Go programming language as a high-level, safe, productive language.
Edge and 5G: What is in it for the developers? - Michelle Holley
5G is not just the next generation of networks but is also an innovation platform for services, applications, and connected devices. Moving services and applications to edge is accelerating services “today”, without having to wait for 5G to happen. But what does it take to develop an application that is ready for the Edge and 5G? What sort of hardware, software and ecosystem can enable an application that is future ready? In this talk we will discuss what Intel is doing in this space, not only in terms of products and solutions but also acting as a vendor-neutral ecosystem enabler. We will also discuss the opportunities available to developers today no matter where they belong in the ecosystem.
Speaker: Chandresh Ruparel, Director, Ecosystem Strategy and Intel Network Builders
This presentation covers an industry perspective and a roadmap towards 5G with open and democratized interfaces. It covers examples of open reference platforms and how open source communities can complement standard bodies such as 3GPP and IEEE. It characterizes RAN and user and control plane core micro services and discusses opportunities for embedded network telemetry for emerging machine learning applications.
Speaker: Tom Tofigh, Principal Member of Technical Staff (Architect) at AT&T
De-fogging Edge Computing: Ecosystem, Use-cases, and Opportunities - Michelle Holley
This presentation is intended to provide clarity around Edge Computing by providing an overview of the edge computing ecosystem and providing context of its possibilities through a discussion around use-cases and highlighting opportunities for developers, enterprises, and large companies. We will focus more on practical implications of Edge Computing on business and consumer ecosystems rather than implementations.
Speaker: Faraz Hoodbhoy, Director Outreach Ecosystem & Innovation, AT&T
With uCPE/SD-WAN taking center stage in enabling software-defined Cloud services to enterprise branch offices globally, this session will provide a uCPE review from a solution, deployment and reference design standpoint.
Speaker: Sab Gosal, Segment Manager
Network Platforms Group (NPG), September 2018
Application developers are key to the success of an edge compute strategy. They are the backbone for any digital ecosystem and their requirements drive the platform architecture. Edge computing is no different. In this talk, we will focus on some key requirements, challenges and possible solutions for a developer centric architecture for multi-access edge computing including abstraction of the service provider’s network complexity, low footprint cloud native builder models, micro-services, hardware abstractions, intelligence layers and massive monitoring of application instances.
About the speaker: Shamik Mishra is currently Assistant Vice President (AVP), Technology and Innovation at Aricent. He is a practice leader for new product architectures. He has extensive experience and contributions in software development in cloud, wireless technologies, edge computing and platform software. His research interests are Network Function Virtualization (NFV), Cloud and edge computing and Machine Learning (ML). He has spoken in several conferences and his work is regularly covered in the media. Shamik has a bachelor’s and a master’s degree from Indian Institute of Technology (IIT) Kharagpur, India.
Install FD.IO VPP On Intel(r) Architecture & Test with Trex* - Michelle Holley
This demo/lab will guide you to install and configure FD.io Vector Packet Processing (VPP) on Intel® Architecture (AI) Server. You will also learn to install TRex* on another AI Server to send packets to the VPP, and use some VPP commands to forward packets back to the TRex*.
Speaker: Loc Nguyen. Loc is a Software Application Engineer in Data Center Scale Engineering Team. Loc joined Intel in 2005, and has worked in various projects. Before joining the network group, Loc worked in High-Performance Computing area and supported Intel® Xeon Phi™ Product Family. His interest includes computer graphics, parallel computing, and computer networking.
Cloud native architecture is emerging for Telecom workloads. To support these emerging trends, Intel is targeting enhancements to the Dataplane Development Kit (DPDK). The enhancements would target network service mesh with dedicated sidecar accelerators and the mechanism to build the mesh dynamically.
Speaker: Gerald Rogers. Gerald Rogers is a Principal Engineer in the Network Products Group focused on virtual switching, network function virtualization and Data Plane Development Kit (DPDK). After joining Intel in 2005, Gerald has worked as a software engineer and architect in the embedded and networking groups. For the past 7 years Gerald has led the network virtual switching software and hardware acceleration effort to drive Intel architecture into the networking and telecommunications industry. Gerald holds a Bachelor’s degree in Electrical Engineering and a Master’s degree in Computer Science, and has 20 years of experience in the networking and telecommunications industry.
Presentation will cover recent changes in project lifecycle and release model as well as latest additions and technical trends in OpenDaylight.
Speaker: Luis Gomez - Luis Gomez is a Software Test Engineer at Lumina Networks. He is a member of the OpenDaylight Technical Steering Committee (TSC) and committer for integration and releng projects. Previously he was a Principal Software Test Engineer in the Open Source Software group at Brocade, where he spent 4 years integrating, testing and supporting OpenDaylight in customer solutions. Before that he was a Solution Integration Engineer at Ericsson, where he spent more than a decade integrating and testing service provider networks.
The presentation will provide a brief overview of Tungsten Fabric, and the new features in the recent 5.0 release. A demo of Tungsten Fabric will follow, with an overview of core functionality, and newly released features.
Speaker: Nick Davey, Cloud - SDN Product Manager
Orchestrating NFV Workloads in Multiple Clouds - Michelle Holley
Open Network Automation Platform (ONAP) is missioned to deploy and manage VNFs on multiple infrastructure environments, including virtualized infrastructure and cloud native. Workload deployment and orchestration in multiple clouds is expected to play an essential role in ONAP operational success. This talk introduces overall ONAP architecture and orchestration workflow, and related supporting functions such as homing and optimization.
Speaker: Bin Hu, Bin is an innovation thought-leader in NFV, SDN and Cloud. He is the Convener of OPNFV's Technical Community, PTL of IPv6 and PTL of Gluon in OpenStack for the next generation of NFV networking services. He was the Winner of OPNFV 2015 Annual Award.
Convergence of device and data at the Edge CloudMichelle Holley
Ever growing need of Intelligent Systems evolves analytics and decision making into AI with Machine Learning as tools for knowledge assimilation. What is essential for ML is a form of data that has inherent information that can be translated to useful information (intelligence) for decision making. IoT is the key for intelligent systems as they collect data at every end point. They are like ends of neuron network in human body. And the data collected has to be refined for decision making as it traverses up to the brain (AI Cloud) – like lymph nodes we have Edge Clouds. We will explore in this short talk two aspects of such IoT infrastructure where you have lossy network for IoTs, gateway options for device data and how it can seamlessly integrate with Edge Cloud Networks. We will review such protocols as Wireless Mesh, programmable gateways and extension of overlays into the Cloud.
Speaker: Murali Rangachari, Futurewei Technologies
The rapid growth of data requires advanced intelligence closer to the endpoints that are both generating and consuming data. To capture and accelerate this opportunity, the powerful data processing and analytics capabilities that have traditionally lived in the heart of the data center must be strategically placed closer-and-closer to the data generating and consuming endpoints, at the “edge.” This presentation will look at the opportunities facing the Edge ecosystem and show how Intel via its Intel Network Builders’ Network Edge Ecosystem program is helping the community capitalize on this opportunity and accelerate the deployment of Edge solutions.
Speaker: Orla Mooney, Team Lead, Network Edge Ecosystem program
Design Implications, Challenges and Principles of Zero-Touch Management Envir... - Michelle Holley
Use of zero-touch management environments requires a paradigm shift in terms of how core management capabilities are delivered, deployed and utilized for the purpose of network service and infrastructure management. In this talk we will examine several key implications and challenges presented by use of zero-touch management practices. We will also propose a set of core architectural principles for design and operation of zero-touch management systems.
Speaker: Alexander Vul, Intel. Alexander is currently working as a Cloud Solutions Architect in the Datacenter Solutions Group at Intel. In his current position, Alexander is responsible for defining and driving Intel’s SDN/NFV MANO solutions and for leading Intel’s participation in the ONAP open source communities.
Using Microservices Architecture and Patterns to Address Applications Require... - Michelle Holley
Edge computing infrastructure needs to be closer to the end user, yet provide the ability to offload compute from end-user devices so that it can serve both real-time and lossless applications. MEC architecture is inherently complex and poses several challenges; state management of applications is key. This talk focuses on microservices patterns, container workloads and persistent stores to address and improve application latency and to match SLAs with use cases like AR, such as extending the home gateway to a pole gateway for IoT, and on the optimization techniques needed for the same.
Speakers:
Prem Sankar Gopannan, Ericsson Opensource Ecosystem team and Opendaylight team
Prakash Ramchandran, Openstack 2018 Board Member
In this talk, Tong will start with the current landscape and typical use cases of Artificial Intelligence applications in the Telco domain. Then, she will introduce Intel’s strategy and products for Network AI, including our focus areas, our hardware portfolio, software stacks, roadmaps and some case studies.
Speaker: Tong Zhang, Principal Engineer and Chief Architect for AI and Analytics of the Network Platforms Group, Intel
Learn how artificial intelligence impacts performance, security, compute, and resources within the network.
Speakers:
“Ali” Osamah Mohammed Ali and Wes Jensen, Netrolix
The concept of service mesh is one of the new technologies that have grown up around the container and micro-service model over the last couple of years, and Istio is the latest entry into this space. As Istio was recently included as an incubated project in the CNCF, many companies are now looking to it to provide a set of key functions to accelerate their micro-service application management model. Istio enables bi-directional authentication and security of service communication via TLS-based authentication and encryption, and at the same time is able to capture application-level communication statistics, improving the application development team's visibility into otherwise difficult-to-track communication patterns. In this way, Istio acts like an application-level network, riding across the underlying capabilities of Kubernetes CNI-based networks and network policy. We will implement Istio on a GKE Kubernetes cluster, and instrument a simple application to get better insight into how Istio provides its capabilities.
Speaker Bio:
With over 20 years of experience as a systems reliability engineer, and a focus on automating not only application deployments but the underlying infrastructure as well, Robert Starmer brings a wealth of knowledge to the full application enablement stack. He has applied this knowledge in fields from high-performance computing to high-frequency trading environments, and everything in between. Robert also holds patents in network, data center, and application performance and scale enhancements. He is a Founder and the CTO at Kumulus Technologies, a DevOps, Systems Reliability Engineering and cloud computing consultancy. Additionally, Robert is an incurable photography nerd and has been known to stay up until dawn in remote locations to capture celestial time-lapses.
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ... - Michelle Holley
Abstract: Intel® QuickAssist Technology improves performance and efficiency across the data center and other computing platforms by handling the compute-intensive operations of bulk cryptography, public key cryptography, and data compression. In this course, we will give an overview of the technology along with the summary of resources to get started with integrating Intel® QAT into your platform solutions. We will also demonstrate using Intel® QAT with applications such as OpenSSL, NGINX, and HAProxy, with a hands-on lab.
Speaker Bios:
Joel Auernheimer, a Platform Application Engineer at Intel, has been focused on enabling customers to integrate Intel® QuickAssist Technology in their platform solutions. Joel is a native of Phoenix, Arizona and enjoys hiking, basketball, soccer, singing, and spending time with friends and family.
Joel Schuetze has been with Intel since 1996. For the last 9+ years he has worked as Platform Application Engineer supporting customers with Intel QuickAssist Technology.
1. Google Cloud Networking
Without networking, there is no cloud
Prajakta Joshi, Product Manager, Google
prajaktajoshi@google.com
Srinivas Krishnan, Tech Lead/Manager, Google
krishnan@google.com
April 6th, 2017
4. “Google probably has the best networking
technology on the planet.”
— Peter Bakkum, Quizlet
5. GCP Infrastructure
6 regions, 18 zones, over 100 points of presence, and a well-provisioned global network comprised of
hundreds of thousands of miles of fiber optic cable.
[Map: current and future regions with number of zones, edge points of presence (>100, not all shown on the map), and leased and owned fiber. Labels on the map: FASTER (US, JP, TW) 2016; Unity (US, JP) 2010; SJC (JP, HK, SG) 2013. Regions: Frankfurt, Singapore, S Carolina, N Virginia, Belgium, London, Taiwan, Mumbai, Sydney, Oregon, Iowa, São Paulo, Finland, Tokyo, Montreal, California, Netherlands.]
https://peering.google.com
https://cloud.google.com/compute/docs/regions-zones/regions-zones
6. Google Innovations in Networking
[Timeline, 2006 to 2014: Google Global Cache, Freedome, Watchtower, BwE, Onix, B4, Jupiter, Andromeda, Maglev, QUIC, Espresso. Categories: Software Defined Load Balancer, Software Defined Network Virtualization, Software Defined DataCenters, Software Defined WAN, Software Defined Edge.]
7. Google Cloud Networking
● Global Scale: Application delivery at scale, globally or regionally. Cloud Load Balancing, Cloud CDN, Cloud DNS
● VPC: Global private space, regional segmentation. SDN network virtualization, Global Networks, Granular Subnetworks
● Hybrid Cloud: Connect to on-premises or another cloud. Cloud VPN, Cloud Router, Cloud Interconnect
● Control: User control, visibility / diagnostics. Network IAM roles, Firewalls, Stackdriver, Security Policies
9. Traditional VPC
● Regional
[Diagram: two separate traditional VPCs, US West (10.10.0.0/26) and US East (10.50.0.0/26), each with a web application server, with the Internet between them.]
10. Google Global VPC
● Connect workloads across any regions
● Access any region by interconnecting through a single location, through Google's backbone network
[Diagram, Traditional VPC vs. Google VPC. Traditional VPC: two separate VPCs, US West (10.10.0.0/26) and US East (10.50.0.0/26), each with an application server, with the Internet between them. Google VPC: one VPC spanning US West (10.10.0.0/26) and US East (10.50.0.0/26), each with an application server.]
15. Google Global Load balancing
● Global: HTTP(S) Load Balancing, SSL proxy, TCP proxy. Delivered using Google Front End infrastructure (GFE)
● Regional: Network TCP/UDP Load Balancing. Delivered using Maglev
● Regional: Internal TCP/UDP Load Balancing. Delivered using Andromeda
● Google Front Ends (GFEs) = Software-defined, distributed systems that sit in Google POPs and perform
global load balancing in conjunction with other systems/control planes
● Andromeda = Google Cloud’s software-defined network virtualization stack
● Maglev = Distributed systems for network load balancing
16. Software-defined, globally distributed load balancing
[Diagram: ISP network, Google Edge POPs (GFE, Global LB), Google’s global high-quality network, and GCP datacenters with the load balancer in front of your backend compute (Compute Engine serving instances, VMs, autoscaling).]
17. Google Global HTTP(S) Load Balancing
Google Global Load Balancing (IPv4/IPv6)
[Diagram: Maya in California (2001:db8::2), Bob in London (2001:db8::3) and Shen in Singapore (2001:db8::4) look up www.myapp.com in Cloud DNS and all receive the same addresses, 2001:db8::10 and 120.1.1.1, announced at the Google Edge POPs. Behind the Google network are autoscaled Compute Engine serving instances in Region: US-West, Region: Europe and Region: Asia; subnets shown: 10.240.0.0/16, 192.168.0.0/16, 10.2.0.0/16.]
18. Google HTTP(S) load balancing performance
[Chart: RPS (0 to 1,600,000) against Time (s) (0 to 600); Multiple Regions (europe-west1-a, europe-west1-b, asia-east1-a).]
1.3 million requests per second
Actual Traffic was 50X of expected traffic
Handled with:
20. Google Cloud CDN
[Diagram: users in San Francisco, Iowa and New York reach the frontends of Cloud Load Balancing (HTTP(S) LB) with Cloud CDN ("Cache hit!"); behind them are autoscaled instances in the US-Central, US-East and Asia regions and Google Cloud Storage, with Stackdriver Monitoring & Logging.]
● 80+ locations
● Single IP across multiple regions
● Enable CDN for HTTP(S) with single check box
● Caches content from instances and storage buckets
● Cache invalidation
● Custom cache keys
● No extra charge for SSL (TLS traffic)
● Industry leading performance (Cedexis)
21. Google Cloud CDN: latency performance
View Cedexis data on CDN latency, throughput, availability at https://www.cedexis.com/google-reports/
*Lower is better
23. Google Cloud Interconnect
● Carrier Interconnect: Enterprise-grade connection through a large partner network of service providers, VPN required for RFC 1918 communication
● VPN: Secure multi-Gbps connection over VPN tunnels
● Direct Peering: Enterprise-grade connection between you and Google for your hybrid cloud workloads, VPN required for RFC 1918 communication
● Private Interconnect (new): Connect N x 10G transport circuits for private cloud traffic to Google Cloud at Google POPs, VPN not required for RFC 1918 communication
24. Hybrid cloud: The Home Depot
[Diagram: Home Depot Data Centers (Local Compute, Local Storage, VPN Gateway, API Gateway) and Google Cloud (VPN Gateway, Compute Engine, Cloud Storage, Cloud Load Balancing). Links labelled: Google Cloud Interconnect / VPN; Google Cloud Interconnect (Mutual TLS); HTTP. Legend: RFC 1918, Public IPs.]
Learn more in Ravi’s talk (The Home Depot):
27. Cloud networking security blueprint
● Secure VPC: VPC topologies for isolation, Distributed firewall, IAM, Private access to Google services, Bastion hosts
● Google Global Load Balancer (GFE): Built-in L3/L4 DDoS protection, Intelligent anycast for Global IPv6 and IPv4 LB, Autoscaling, Cross-region overflow, Cross-region failover, SSL (TLS) termination
● Cloud Interconnect: Direct Peering, Carrier Interconnect, VPN, Private Interconnect
● 3rd party virtual appliances: Next-gen firewall, Logging, Monitoring, Compliance
● Google Network: High capacity/High performance global network, Protection against UDP-based attacks
● 3rd party DDoS Defense
28. Leverage 3rd party appliances and services
● Network Security (Next Gen Firewall/IPS/WAF)
● DDoS/WAF
● Endpoint/Container Security
● Scanning, Logging & Compliance
● Encryption/DLP
“Evernote users trust us with billions of their
notes, so the security and privacy of those notes
is top of mind as we move to the cloud.
Google Cloud Platform security capabilities let us
match the protections we provide for customers
today, and improve on them.”
Rich Tener, Head of Security at Evernote
https://blog.evernote.com/blog/2017/02/08/evernote-reaches-the-cloud/
30. Andromeda
● Scalable, Flexible, Secure, High
Performance Infrastructure for Virtual
Networking
● Powers Google Compute Engine Network
31. GCP Network at a Glance
[Map: current and future regions with number of zones, edge points of presence (>100, not all shown on the map), and leased and owned fiber. Labels on the map: FASTER (US, JP, TW) 2016; Unity (US, JP) 2010; SJC (JP, HK, SG) 2013. Regions: Frankfurt, Singapore, S Carolina, N Virginia, Belgium, London, Taiwan, Mumbai, Sydney, Oregon, Iowa, São Paulo, Finland, Tokyo, Montreal, California, Netherlands.]
https://peering.google.com
https://cloud.google.com/compute/docs/regions-zones/regions-zones
32. Setting the Stage (Control Plane)
● Isolation across virtual networks
● Built for scale
○ 100k VMs in 184 ms (median)
● High Availability Targets*
○ 99.9% Single Zone
○ 99.99% Single Region
○ 99.999% Globally
*SLA availability statements are achievement targets and are
subject to change and per Google terms and conditions
[Map of regions (Belgium, Finland, Frankfurt, Singapore, S Carolina, London, Taiwan, Mumbai, Oregon, Iowa, Tokyo, São Paulo) with example virtual networks vnet-1: 10.1/16, vnet-2: 10.2/16, vnet-3: 10.2.1/24.]
https://peering.google.com
https://cloud.google.com/compute/docs/regions-zones/regions-zones
33. Setting the Stage (Data Plane)
● Provide core network functions
● Constantly evolving new features
○ Supported by Live Migration and Dataplane Hitless Upgrades
[Diagram: Control Plane and two hosts, each with Guest VM, Dataplane and Host Mgmt; labels: Core network functions, Constantly Adding new functions.]
34. Overview
[Diagram over the region map: Cluster Manager; Regional Fabric Managers, each with a Google Fabric Manager API; VM Controllers; OFEs; and hosts, each with Guest VMs, VM Coprocessor, Open vswitch, Host Mgmt and the Andromeda Dataplane.]
https://peering.google.com
https://cloud.google.com/compute/docs/regions-zones/regions-zones
35. Providing High Availability and Scaling
[Diagram: Fabric Manager, VMCs and OFEs in front of hosts, each host with VMs, VM Coprocessor, Open vswitch, Host Mgmt and the Andromeda Dataplane. Panels labelled: Replicated (VMCs), Sharded (VMCs, OFE), Horizontal scaling.]
36. Network Programming Models
● Pre-Programmed Model
○ Programs a full mesh of VM-VM connectivity
○ Works well for small virtual networks
● On-Demand Model
○ Traditional OpenFlow learning packet model
○ First Packet always misses to controller
● Google Hybrid Model: Hoverboards
○ Uses a software gateway
○ Pre-Program small networks
○ Larger Networks
■ Packet goes through Hoverboards
■ Flows can be offloaded to the VM hosts
[Diagram: VMs, Control Plane and Hoverboard.]
37. Andromeda Dataplane Quick History
● Andromeda 1.0: Guest OS, Hypervisor, Openvswitch, Hardware NIC
● Andromeda 1.5: Offloads + Live Migration (Guest OS, Hypervisor, Openvswitch, Hardware NIC)
● Andromeda 2.0: Dataplane in Userspace (Guest OS, Hypervisor, Userspace NIC, Hardware NIC)
● Andromeda 2.1: Bypass to Userspace NIC (Guest OS, Userspace NIC, Hardware NIC, Hypervisor)
● Future: Hypervisor Bypass (Guest OS, Userspace NIC, Hardware NIC, Hypervisor)
38. Andromeda Dataplane
Enabling Native Hw Performance in Software
● Fast Path
○ 2 million pps
● Coprocessors
○ CPU Intensive functions
● On Host control plane
[Diagram: VM1 and VM2 guest VMs (vnic TX, vnic RX), the Fastpath (Egress Engine, Ingress Engine), Coprocessors, vswitchd ctrl and the NIC.]
40. Fully Programmable Dataplane
● Fully programmable from control plane
● Programmable flow table
● Custom Google extension framework
● Easy Network function implementation
[Diagram: VM Controller, vswitchd ctrl, Openvswitch with Google Extensions (Load Balancing, Stats and Billing, Policy Enforcement), tables Table-0: Decap and Table-50: Encap, Coprocessors (Traffic Shaper, DoS and Abuse, New Features), NIC.]
Flow Table (Flow Key / Action)
In port=5, src ip=1.2.3.4 / Encap, out port=3229
In port=470, Encap / Decap, out port=5
43. No Middle Box
[Diagram. Traditional Load Balancers: Client VMs, a VIP on a Load Balancer, Backends. GCP Internal Load Balancing: each Client VM paired with a Load Balancer, Backends.]
44. Load Balancer in Client as Network Function
[Diagram: Cluster Fabric Manager, VM Controllers, OFEs, Health Checker, Health Reporter, Client VM with Load Balancer, Backend VMs. Link types: Control, Health, VM-VM, OpenFlow.]
46. Your toolkit is much bigger actually...
Compute Engine, Container Engine, Kubernetes, App Engine, Cloud Functions, Cloud Load Balancing, Cloud CDN, Cloud Interconnect, Cloud VPC, Global, Secure Network, Stackdriver
And many many more ...
47. Cloud Networking: Key Takeaways
(1) Google’s global, software-defined network: the underpinnings of high performance,
flexibility, control, and security that Google Cloud provides
(2) Google Cloud’s secure VPC: Global VPC, choice of topologies (org, shared VPC, peered
VPC…), distributed firewall, IAM, secure connectivity (Private Interconnect, Direct
Peering, Carrier Interconnect, Cloud VPN)
(3) Google Cloud’s best-of-breed network services: High performance Global Load
Balancing, Private Internal Load Balancing, High performance Cloud CDN, Cloud DNS.
(4) Google’s technical infrastructure is built for the cloud and employs a layered security
model to secure the entire stack to address stringent regulatory and enterprise
security needs.