Magnum, Kuryr, Neutron Integration
Networking for Nested Containers
Fawad Khaliq - @fawadkhaliq
Antoni Segura – @celebdor
Gal Sagie - @GalSagie
Copyright © PLUMgrid, Inc. 2011-2016
Introduction
Speakers
• Fawad Khaliq, Sr. Software Engineer, PLUMgrid
• Antoni Segura, Senior Engineer, Midokura
• Gal Sagie, Architect, Huawei
Agenda
• Magnum, Neutron
• Kuryr
• Nested Containers and Networking Problem
• Nested Containers Networking – Solution/Design
• Capabilities and considerations
• Current Status
• Next Steps
• Q&A
Magnum
Container-as-a-service in OpenStack
[Diagram: Docker Swarm (Bay) made up of Nova instances, each running containers]
[Diagram: Kubernetes (Bay) made up of Nova instances, each running a pod of containers]
Neutron
Networking in OpenStack
• Provides “network as a service”
• Provides rich network topologies
• Technology agnostic; pluggable networking backends
• Extensible
• Offers advanced services like LBaaS, VPNaaS, FWaaS, etc.
Kuryr
Container Networking in OpenStack
Neutron as the production-ready networking abstraction containers need
VM/Container Networking: Similar Concepts
[Diagram: Docker containers C1, C2 and C3 attach through libNetwork network sandboxes and endpoints to a frontend network and a backend network; in Neutron, VM1 and VM2 attach to Tenant A Net1 and Tenant A Net2]
Kuryr Project Overview
• Open source
• Part of OpenStack Big-Tent
• Brings the Neutron networking model to containers
• Aims to support different container runtimes (Docker, rkt, etc.)
  • E.g. Kubernetes, Mesos, Docker Swarm
• Weekly IRC meetings
• Working together with OpenStack community
  • Neutron, Magnum, Kolla
Kuryr Components
[Diagram: Kuryr components: Kuryr libNetwork Network Plugin, Kuryr libNetwork IPAM Plugin, K8S CNI Driver, Configuration Management, Keystone Authentication & Neutron Client Interface, Generic VIF Binding]
Problems with current Nested Containers
Why do we need to consider this as a special scenario?
Problems with Current Nested Containers Networking
• Two separate networking infrastructures
• Hard to enforce network policy (N-tier applications)
• Security and isolation
• Performance and unneeded overhead
[Diagram: two VMs, each with a Docker0 bridge and a VXLAN overlay (one over OVS, one over a Neutron plugin), on top of the Neutron SDN overlay]
[Diagram: Neutron networks: VMs attached to Tenant A Net1]
[Diagram: container networks: endpoints inside the VMs attached to a frontend network (10.1.0.0/24) and a backend network (10.2.0.0/24)]
Nested Container Networking Solution
Design for the nested container networking in OpenStack
Nested Container Networking Use Cases
• Nested/baremetal container to nested/baremetal container, same/different hosts
• Nested/baremetal container to virtual machine communication
• Nested/baremetal container to baremetal communication
• Container networking as a first class entity in Neutron
• Consistent policy enforcement across containers, VMs, bare metal
• Enable advanced networking services like FWaaS, LBaaS, VPNaaS, etc.
Nested Container Networking Design
Magnum, Kuryr, Neutron Integration
[Diagram labels: VLAN:100, VLAN:200, VLAN:400, VLAN:100]
Neutron Trunk Ports
[Diagram: a Nova instance with port-0, port-1 and port-2 on network-0, network-1 and network-2]
Ports are combined into one VIF by turning port-0 into the trunk and the other ports into subports of the trunk.
Capabilities and Considerations
• Neutron resources spec approved and patches under review
  • Trunk
  • Subport
• Subports bring isolation to container-in-VM use cases
• Port forwarding can take us further
• Vendors can implement new segmentation types
• Tagged traffic that does not match a subport is treated as traffic of the trunk port
• Limitations
  • Policy is applied at the host level
  • Initially only VLAN tags for segmentation type
  • Tags are unique per “trunk port” scope
  • VM users can alter subport traffic
  • Logging of VM actions is dependent on integration
  • Can't work with current OVS
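The trunk and subport rules from the slides above, as an added example (not code from the presentation or from Neutron): a small Python model that validates subport tags per trunk and maps an 802.1Q frame to a port, with unmatched tags falling back to the trunk port as the slide states. The class and function names and the sample frames are constructed for illustration; the port names follow the Neutron Trunk Ports diagram.

```python
import struct
from dataclasses import dataclass, field

TPID_8021Q = 0x8100          # EtherType value that marks an 802.1Q tag
VLAN_MIN, VLAN_MAX = 1, 4094  # usable VLAN IDs (0 and 4095 are reserved)


@dataclass
class Trunk:
    """Hypothetical model of a trunk: one parent port plus tagged subports."""
    parent_port: str
    subports: dict = field(default_factory=dict)  # VLAN tag -> subport id

    def add_subport(self, port_id, segmentation_type, segmentation_id):
        # Slide: initially only VLAN tags are a valid segmentation type.
        if segmentation_type != "vlan":
            raise ValueError("only 'vlan' segmentation is supported")
        if not VLAN_MIN <= segmentation_id <= VLAN_MAX:
            raise ValueError("VLAN tag out of range")
        # Slide: tags are unique per trunk port scope (not globally).
        if segmentation_id in self.subports:
            raise ValueError("tag already used on this trunk")
        if port_id == self.parent_port or port_id in self.subports.values():
            raise ValueError("port is already part of this trunk")
        self.subports[segmentation_id] = port_id


def vlan_tag(frame: bytes):
    """Return the 802.1Q VLAN ID of an Ethernet frame, or None if untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet frame")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q header")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF  # low 12 bits of the tag control field


def classify(trunk: Trunk, frame: bytes) -> str:
    """Map a frame leaving the VM to the port whose policy applies to it."""
    vid = vlan_tag(frame)
    if vid is None:
        return trunk.parent_port
    # Slide: tagged traffic matching no subport belongs to the trunk port.
    return trunk.subports.get(vid, trunk.parent_port)


def build_frame(vid=None, payload=b"\x00" * 46):
    """Constructed sample frame (locally administered MACs, IPv4 EtherType)."""
    header = b"\x02\x00\x00\x00\x00\x01" + b"\x02\x00\x00\x00\x00\x02"
    if vid is not None:
        header += struct.pack("!HH", TPID_8021Q, vid & 0x0FFF)
    return header + struct.pack("!H", 0x0800) + payload


if __name__ == "__main__":
    vm1 = Trunk("port-0")
    vm1.add_subport("port-1", "vlan", 100)
    vm1.add_subport("port-2", "vlan", 200)
    vm2 = Trunk("port-a")              # hypothetical second VM
    vm2.add_subport("port-b", "vlan", 100)  # same tag, different trunk: allowed
    for name, trunk, vid in [("vm1", vm1, 100), ("vm2", vm2, 100),
                             ("vm1", vm1, 400), ("vm1", vm1, None)]:
        print(name, vid, "->", classify(trunk, build_frame(vid)))
```

Because the tag is written inside the VM, this mapping separates containers from each other only while the VM itself is trusted, which is the "VM users can alter subport traffic" limitation listed above.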
Current Status
• Trunk Port Extension spec approved and code in progress
• Binding profile workaround to proceed in parallel
• Nested Container networking spec approved in Kuryr
• Docker Swarm integration completed
• Kubernetes in progress
• Mesos in design stages
Next Steps
• Follow up on the Neutron Trunk port implementation
• Finish COE baremetal integration
• Policy translation
• Make Neutron resources available through native APIs
• Magnum deployment prototype of worker VM with Kuryr agent
• Magnum administrator VM that communicates with Neutron
Questions
Join us at #openstack-kuryr
THANK YOU!
irc: #openstack-kuryr @ freenode

 
E-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet DynamicsE-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet Dynamics
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
 
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
 

Networking For Nested Containers: Magnum, Kuryr, Neutron Integration

  • 1. Magnum, Kuryr, Neutron Integration: Networking for Nested Containers
      • Fawad Khaliq (@fawadkhaliq)
      • Antoni Segura (@celebdor)
      • Gal Sagie (@GalSagie)
  • 2. Introduction: Speakers
      • Fawad Khaliq, Sr. Software Engineer, PLUMgrid
      • Antoni Segura, Senior Engineer, Midokura
      • Gal Sagie, Architect, Huawei
  • 3. Agenda
      • Magnum, Neutron
      • Kuryr
      • Nested Containers and Networking Problem
      • Nested Containers Networking – Solution/Design
      • Capabilities and considerations
      • Current Status
      • Next Steps
      • Q&A
  • 5. Magnum: Container-as-a-service in OpenStack
      [Diagram: Docker Swarm (Bay) with two Nova instances, each running three containers]
  • 6. Magnum: Container-as-a-service in OpenStack
      [Diagram: Kubernetes (Bay) with two Nova instances, each running a pod of two containers]
  • 9. Neutron
      • Provides “network as a service”
      • Provides rich network topologies
      • Technology agnostic; pluggable networking backends
      • Extensible
      • Offers advanced services like LBaaS, VPNaaS, FWaaS etc
  • 11. Kuryr: Neutron as the production-ready networking abstraction containers need
  • 12. VM/Container Networking: Similar Concepts
      [Diagram: Docker containers C1, C2, C3 with libNetwork endpoints and network sandboxes on a Frontend Network and a Backend Network, beside Neutron VM1 and VM2 on Tenant A Net1 (192.168.1.0/0) and Tenant A Net2 (192.168.5.0/0); addresses shown: 192.168.1.5, 192.168.1.7, 192.168.5.2]
  • 13. Kuryr Project Overview
      • Open source
      • Part of OpenStack Big-Tent
      • Brings the Neutron networking model to containers
      • Aims to support different Container Runtimes (docker, rkt, etc)
      • E.g. Kubernetes, Mesos, Docker Swarm
      • Weekly IRC meetings
      • Working together with OpenStack community
          • Neutron, Magnum, Kolla
  • 14. Kuryr Components
      • Configuration Management
      • Kuryr libNetwork Network Plugin
      • K8S CNI Driver
      • Keystone Authentication & Neutron Client Interface
      • Generic VIF Binding
      • Kuryr libNetwork IPAM Plugin
  • 15. Problems with current Nested Containers: Why do we need to consider this as a special scenario?
  • 16. Problems with Current Nested Containers Networking
      • Two separate networking infrastructures
      • Hard to enforce network policy (N-tier applications)
      • Security and Isolation
      • Performance and unneeded overhead
  • 17. Problems with Current Nested Containers Networking
      [Diagram labels: VM with Docker 0, OVS, VXLAN Overlay; VM with Docker 0, Neutron Plugin, VXLAN Overlay; SDN Overlay; Neutron Overlay]
  • 18. Problems with Current Nested Containers Networking
      [Diagram: Neutron Networks, three VMs on Tenant A Net1 192.168.1.0/0]
  • 19. Problems with Current Nested Containers Networking
      [Diagram: Container Networks, three VMs with endpoints on Backend Network 10.2.0.0/24 and Frontend Network 10.1.0.0/24]
  • 20. Nested Container Networking Solution: Design for the nested container networking in OpenStack
  • 21. Nested Container Networking Use Cases
      • Nested/baremetal container to nested/baremetal container (same/different hosts)
      • Nested/baremetal container to virtual machine communication
      • Nested/baremetal container to baremetal communication
      • Container networking as a first class entity in Neutron
      • Consistent policy enforcement across containers, VMs, bare metal
      • Enable advanced networking services like FWaaS, LBaaS, VPNaaS etc
  • 22. Nested Container Networking Design: Magnum, Kuryr, Neutron Integration
      [Diagram labels: VLAN:100, VLAN:200, VLAN:400, VLAN:100]
  • 23. Neutron Trunk Ports
      [Diagram: Nova Instance with port-0, port-1, port-2 on network-0, network-1, network-2]
      • Ports are combined into one vif by turning port-0 into the trunk and the other ports into subports of the trunk
  • 26. Capabilities and Considerations
      • Neutron resources spec approved and patches under review
          • Trunk
          • Subport
      • Subports bring isolation to container-in-VM use cases
      • Port forwarding can take us further
      • Vendors can implement new segmentation types
      • Tagged traffic that does not match a subport is treated as belonging to the trunk port
  • 27. Capabilities and Considerations
      • Limitations
          • Policy is applied at the host level
          • Initially only VLAN tags for segmentation type
          • Tags are unique per “trunk port” scope
          • VM users can alter subport traffic
          • Logging of VM actions is dependent on integration
          • Can't work with current OVS
  • 29. Current Status
      • Trunk Port Extension spec approved and code in progress
      • Binding profile workaround to proceed in parallel
      • Nested Container networking spec approved in Kuryr
      • Docker Swarm Integration completed
      • Kubernetes in progress
      • Mesos in design stages
  • 31. Next Steps
      • Follow up on the Neutron Trunk port implementation
      • Finish COE baremetal integration
      • Policy translation
      • Make Neutron resources available through native APIs
      • Magnum deployment prototype of worker VM with Kuryr agent
      • Magnum administrator VM that communicates with Neutron
  • 33. THANK YOU! Join us at #openstack-kuryr (irc: #openstack-kuryr @ freenode)
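
The tag handling stated on slides 22, 26 and 27 (tags unique per trunk, unmatched tagged traffic treated as trunk-port traffic, policy applied at the host level), as an added Python model that is not from the presentation or from Neutron/Kuryr code. The class, method and network names are hypothetical, and the mapping of slide 22's VLAN tags to networks is a constructed assumption.

```python
"""Added illustration of trunk/subport demultiplexing as the slides describe it.
All names (Trunk, add_subport, classify, net-*) are hypothetical, not Neutron or Kuryr APIs."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Set


@dataclass
class Trunk:
    """One trunk port (the VM's single vif) with its VLAN-tagged subports."""
    parent_network: str
    subports: Dict[int, str] = field(default_factory=dict)  # VLAN tag -> network

    def add_subport(self, vlan: int, network: str) -> None:
        if not 1 <= vlan <= 4094:
            raise ValueError(f"invalid VLAN tag {vlan}")
        # Tags are unique per trunk port, not globally.
        if vlan in self.subports:
            raise ValueError(f"VLAN {vlan} already used on this trunk")
        self.subports[vlan] = network

    def classify(self, vlan: Optional[int]) -> str:
        """Network a frame from the VM lands on, keyed only by its tag."""
        if vlan is None:
            return self.parent_network
        # Tagged traffic matching no subport is treated as trunk-port traffic.
        return self.subports.get(vlan, self.parent_network)

    def reachable_networks(self) -> Set[str]:
        """Everything any process inside the VM can reach by choosing a tag."""
        return {self.parent_network, *self.subports.values()}


def build_example():
    """Constructed sample: two VMs, tags 100/200 and 400/100 as on slide 22."""
    vm_a = Trunk("net-mgmt")
    vm_a.add_subport(100, "net-frontend")
    vm_a.add_subport(200, "net-backend")
    vm_b = Trunk("net-mgmt")
    vm_b.add_subport(400, "net-frontend")
    vm_b.add_subport(100, "net-db")
    return vm_a, vm_b


if __name__ == "__main__":
    vm_a, vm_b = build_example()
    for tag in (None, 100, 200, 999):
        print(tag, vm_a.classify(tag), vm_b.classify(tag))
    print(sorted(vm_a.reachable_networks()))
```

Because the host sees only the tag, `reachable_networks()` is the unit that host-level policy can constrain: the VM as a whole, not an individual container inside it.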