Multi-tenant Framework for SDN Virtualization
•Download as PPTX, PDF•
1 like•1,571 views
To develop an AAA-integrated multi-tenant framework on the northbound of SDN.
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Multi-tenant Framework for SDN Virtualization
Similar to Multi-tenant Framework for SDN Virtualization (20)
Recently uploaded
Recently uploaded (20)
Multi-tenant Framework for SDN Virtualization
- 1. An Elementary Multi-tenant Framework on the Northbound Side of SDN HAO JIANG Advisor: Prof. Ahmed Bouabdallah 1
- 2. Agenda • State of the Art - Software-defined Networking (SDN) - Multi-tenant Networking - Multi-tenancy in SDN • Existing Solution - OpenDaylight’s Approach (Virtual Tenant Network) • Our Proposal - Research Content - Comparison with Existing Solution - Future Work 2
- 3. “An network architecture that decouples the control and data planes, moving the control logic to an external entity called SDN controller.” Software-defined Networking Network Orchestrations & Services Southbound APIs Northbound APIs Application Layer Controller Control Layer Data Layer 3
- 4. We define ‘Multi-tenancy’as a property of a network infrastructure which is transparently shared by multiple tenants, while still being able to present as an individually managed network to each tenant. Multi-tenancy in Networking • A tenant could be .. 4 A user of a network testbed A department of a campus network A virtual network operator (VNO) Service Provider
- 5. A Property of a network adopting SDN architecture, where multiple tenants transparently share the underlying resources in data plane, without any knowledge of others’existence. Multi-tenancy in SDN 5
- 6. A virtual network environment created in the container of OpenDaylight controller. VTN is set up by configuring virtual network nodes and links. Multiple VTNs can be created and managed as individual networks. OpenDaylight’s Approach - Virtual Tenant Network (VTN) 6
- 7. VTN Application Southbound APIs Northbound APIs Application Layer OpenDayLight Controller Control Layer Data Layer VTN Manager VTN Coordinator REST API 7
- 8. • VTN Function Conclusion - Centralized Administration in Application Layer - Differentiated Management and Monitoring - Physical Resources Isolation and Allocation - Layer 2 and Layer 3 Functionalities (vBridge, vRouter) - Flow Filter and QoS Control - Multiple SDN Controller Coordination OpenDayLight’s Approach 8
- 9. To develop a multi-tenant framework on the northbound of SDN, enabling multiple organizational entities transparently share the data plane resources of a SDN provider, with controlling services offered through NBIs to control and monitor their own network. A Proposal for Operator Network 9
- 10. SDN Provider Tenant A Tenant B Tenant A Tenant A Tenant B Backbone Network… 1
- 11. Network Services Network Services Southbound APIs Northbound APIs Application Layer Controller of SDN Provider Control Layer Data Layer Backbone SDN Architecture Tenant BTenant A 1
- 12. Work Flow • Service Subscription - SDN provider register tenants to network with an account • Tenant Authentication and Authorization - Tenants use the account to access the controller • Tenant Network Initiation - A tenant network domain is initiated • Service Monitoring and Debugging - Tenants modify network to their needs and monitor stats 1
- 13. General Goal • Openness - Tenant Network Control and Monitoring • Security and Privacy - Tenant Access Control, Tenant Network Isolation • Connectivity - Intra/inter Tenant and External Communication • Elasticity - Resource and Service Management 1
- 14. Services & Control Tenant A Network Admin SDN Provider Tenant B Services & Control Tenant C Services & Control Data Plane Controller AccessService Orchestrator Resource OrchestratorTopology Lifecycle MonitorTenant Manager Mapping&AllocationStatsPolicy AAA Southbound APIs Northbound APIs 1 1. User Access & Verification 2. Service Compilation 3. Resource Reservation and Configuration Instruction 4. Service & Resource Monitoring
- 15. Comparison VTN MTN framework Network Scope Campus Backbone SDN Administrator Campus Owner SDN Provider Possible Tenant Departmental network of a campus a virtual network operator Functionality Management Commercial Services Virtual Network Management Centralized in Administrator Outsourced to tenants Tenant Authority No controlling abilities Monitoring & Management Multi-controller Coordination Yes Not considered 1
- 16. My Future Work 1 1.Definition of an elementary multi-tenant framework for SDN 1-Dec Objectives and requirements plan 1-Dec Determine the constraints to be satisfied 4-Dec Specification of the framework 8-Dec Architecture definition 8-Dec Specification of AAA services 15-Dec Phase report and planning 18-Dec
- 17. 1 2.Controller selection and testbed installation (Mininet) 20-Dec Comprehensive comparison among existing SDN controllers 20-Dec Selection and Installation of the controller 27-Dec Phase report and planning 30-Dec 3.Development and test 1-Jan Development and test 1-Jan Results analysis and validation 22-Jan Draft - final report 29-Jan 4.Conclusion work 1-Feb My Future Work
- 18. 1 Thank You !
Editor's Notes
- Hello everyone. My name is Hao Jiang, I am a second year master student from EIT Digital Master School. I am currently majoring Internet of Things in Telecom Bretagne. My project is to develop an elementary multi-tenant framework on the northbound side of SDN. Prof. Ahmed is my supervisor.
- My presentation will be given in this three parts. First I will give a short introduction to the state of the art on multi-tenancy in SDN, and then I will provide an example of existing solution, which is the Virtual Tenant Network function on the OpenDaylight controller. After that, I will introduce another kind of possible solution, that I am currently working on in SDN multi-tenancy, and illustrate the difference between those two solutions. At last, I will introduce the plan of my future work.
- SDN has become a promising solution for future network. It brings flexibility and programmability in network management by extracting the control plane out of forwarding devices. Up to now, a lot of works have been done on the southbound side, but on the other hand, the full potential of SDN is far from being reached especially when considering the huge work we need to do on the northbound.
- One particular issue is to support diverse tenants and policies for different needs on the northbound. In traditional network, it is quite common that multiple virtual networks transparently share the same infrastructure by different technologies. Such kind of multi-tenancy could be different users sharing a same network testbed, different department sharing a same campus network, or different organizations sharing a same backbone network of service provider.
- Based on those technologies, how to realize multi-tenancy in SDN, especially how to satisfactorily support it on the northbound, is the research that I am currently working on.
- OpenDaylight provides a solution for multi-tenancy in campus network. It creates a container for each virtual network on the controller, and the administrator can set up a VTN by configuring virtual network elements. Those virtual networks are mapped into same infrastructure but different slices and managed as individual isolated networks.
- This is the overall architecture of VTN. VTN Coordinator is an External Application that provides a REST interface to user to use the VTN Virtualization. It interacts with VTN Manager plugin to implement the user configuration. It is also capable of multiple controller orchestration. VTN Manager is implemented as OSGI bundle of Controller. It interacts with other modules to implement the components of the VTN model. It also provides a REST interface to configure VTN components in OpenDaylight controller.
- To conclude, the VTN of OpenDaylight has the following functions. It creates multiple logically isolated virtual networks, and provides centralized but differentiated management and monitoring policies with satisfactory isolation. It also support Layer 2 and Layer 3 functions, flow filter, QoS control and multiple controller coordination. It is a very good example as a solution for multi-tenancy in campus networks.
- But we can make some difference when we considering multi-tenancy for Operator Network. I am currently trying to …
- In this case, a possible tenant could be a Virtual Network Operator, who rents the infrastructure resourses from the SDN provider, and customize their own virtual network services and sell them to their customers. Also a tenant could be a bank who is directly renting services from the SDN provider.
- This is the overall architecture for Operator Network Multi-tenancy, with delegated controlling functions for multiple tenants to customize and monitor their own virtual network services on the northbound.
- This is a general four-step work flow for a typical tenant service.
- The general goal of design is listed as the following four points. It should provide a mechanism with a secure level of openness for tenants to control and monitor their own virtual network. In addition, it need to provide a satisfactory level of isolation and policy-based connection among each. Last but not least, it should be scalable in terms of resource and service management.
- This is a general architecture, where tenants first access and start a two-way verification with the controller in order to send service requests. Then the tenant manager will compile the service request and generate configuration instructions for Service and Resource Orchestrators. After that, the orchestrator will accordingly generate Network Configuration and Resource Reservation messages to underlying devices. And after the service is initiated, the tenant can monitoring the service and resource status of the virtual network. My development work will mainly focus on multi-tenant access function on the northbound.
- This is a brief comparison between the proposal and VTN of OpenDaylight.
- This is the plan of my future work. For the next month I will try to reach a detailed specification of the framework.
- And build the testbed for development.