Ceph Performance on OpenStack - Barcelona Summit - Takehiro Kudou
This document summarizes benchmark results for Ceph performance on OpenStack. Over 50,000 benchmarks were run comparing Ceph 1.3 and the new Ceph 2.0 BlueStore backend. Ceph 1.3 showed extremely high read performance but poor write performance due to limitations of the HDD backend. Initial tests of Ceph 2.0 BlueStore encountered bugs that caused segmentation faults and corrupted OSDs, indicating it is not yet stable enough for production workloads. Further development is needed before BlueStore can realize the full performance benefits of bypassing the journal.
This year, OpenStack is celebrating four years of community milestones and progress via global celebrations among our user groups and with a party at OSCON.
Learn more about OpenStack users and milestones at http://www.openstack.org/birthday
VirtualTech Japan is an OpenStack consulting and support company with 8 employees located in Tokyo. They provide development, consulting, and support services for OpenStack cloud including contributions to projects like Nova bare-metal provisioning. To market their services, VirtualTech Japan holds OpenStack seminars and events, publishes documentation, and plans to open an OpenStack collaborative lab in February 2016 to research SDN/NFV and DevOps themes with partner companies.
This document provides an introduction to Canonical and Ubuntu open source products. It discusses Canonical's mission to reduce risk and operation costs with open source software. It then introduces various Ubuntu products including Metal as a Service (MAAS), Juju, LXD containers, OpenStack, Kubernetes, Livepatch, and support options through Ubuntu Advantage. Example uses of MAAS, Juju, LXD and OpenStack integration are also provided.
Bare Metal Provisioning for Big Data - OpenStack Latest Information Seminar (December 2016) - VirtualTech Japan Inc.
Bare Metal Provisioning for Big Data - OpenStack Latest Information Seminar (December 2016)
Speaker: 崔 祐碩 (Rakuten)
Agenda:
- Virtualization VS Bare Metal
- About Bare Metal management system at Rakuten
- Ready to Provisioning
- What is Next?
OpenStack at NTT Resonant: Lessons Learned in Web Infrastructure - Tomoya Hashimoto
This slide is what was announced at the OpenStack Summit Tokyo.
NTT Resonant Inc., an NTT Group company, is the operator of the "goo" Japanese web portal and a leading provider of Internet services. NTT Resonant deployed OpenStack and has been operating it in production as its service infrastructure since October 2014. The infrastructure started with 400 hypervisors and now accommodates more than 80 services and over 1700 virtual servers. It processes most of 170 Million unique users per month and 1 Billion page views per month.
We will show our knowledge based on our experience. This talk will specifically cover the following areas:
https://www.openstack.org/summit/tokyo-2015/videos/presentation/openstack-at-ntt-resonant-lessons-learned-in-web-infrastructure
This document discusses TripleO, an open source project that aims to run OpenStack on OpenStack. TripleO uses Heat for orchestration and Nova bare metal to provision physical servers. It defines an "undercloud" OpenStack installation on bare metal servers that then hosts an "overcloud" OpenStack installation as a tenant using KVM virtual machines. This nested approach aims to reduce costs for installing and maintaining OpenStack clouds.
Is OpenStack Neutron production ready for large scale deployments? - Елена Ежова
The document discusses the results of testing the scalability of OpenStack Neutron in large deployments. Two hardware labs with 378 and 200 nodes were used. Rally and Shaker tools tested the control and data planes. Over 24500 VMs were launched on the 200-node lab with no loss of data plane connectivity. Near line-rate throughput was achieved in data plane tests. Some issues were encountered and fixed, such as bugs and Ceph failure. The outcomes indicate Neutron can scale to large deployments.
Masakari and recent activity in openstack HA team. This slide is presented at Japan OpenStack User Group on 24th Mar, 2016.
Materials from the 25th meeting of the Japan OpenStack User Group. An introduction to Masakari, the OpenStack instance HA feature, and the activities of the HA team.
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus Linux - Cumulus Networks
Are you building a new private cloud or moving your workloads to a hybrid cloud in 2015? Or are you just interested in exploring what OpenStack has to offer but don't have all the resources and toolsets to understand the gaps?
The document discusses HP's involvement in network function virtualization (NFV) and their plans for Mobile World Congress 2015 in Barcelona. It outlines HP's OpenNFV program to support NFV transformation through an open reference architecture, NFV labs, and a partner program. It describes HP's numerous NFV partners and contributions to standards bodies like ETSI. It also provides details on HP's NFV demonstration plans for MWC2015, including showcasing virtualized mobile core network functions with partners.
This document provides an overview and summary of OpenStack Manila. It begins by introducing the presenter and their background. It then states that Manila provides shared filesystem services and supports file-based use cases. It notes that the market for shared file systems is large at $34.6 billion. It provides details on Manila's REST API and integration with other OpenStack services like Nova, Neutron, Cinder. It supports several third-party enterprise storage systems and has 14 storage drivers. The document lists upcoming features in the Mitaka release and concludes by thanking the audience.
Aspects of IPv6 Security
• Hacker tools & a few attack scenarios
• 3 recommendations
a) Is IPv6 more secure than IPv4?
b) Is IPv6 less secure than IPv4?
c) Who is to blame for everything?
d) How does integrating IPv6 into my organization affect its IT security?
NTT has been using OpenStack in production since 2013 and has contributed significantly to the OpenStack community. Initially, NTT built a proprietary system on top of OpenStack to address issues around stability and operability. Over time, NTT shifted to an "upstream first" approach, contributing fixes and features to the community. Currently, NTT runs a highly available OpenStack deployment with features like VM high availability contributed back to the community. NTT continues working to integrate OpenStack further into its business and explore new use cases like NFV.
Lessons from Building OpenStack Public Cloud - Hui Cheng
The document summarizes the schedule and agenda for the OpenStack China Tour event in Shenzhen. It includes presentations on building public clouds with OpenStack, OpenStack in Hong Kong, Cinder block storage, Juju tool for OpenStack, choosing infrastructure for private clouds, and Swift architecture. The organizer is the China OpenStack User Group (COSUG) and CSDN.
This document discusses using Fluentd and Norikra to collect, process, and summarize OpenStack logs. Fluentd is used to collect logs from OpenStack components like Nova and forward them to Norikra for processing. Norikra allows logs to be queried and aggregated using SQL. It can summarize logs by hostname, log level, and message to detect issues. Notifications of warnings or errors can then be sent via tools like Slack to alert operators. Together, Fluentd and Norikra provide a scalable log management system that makes it easier to monitor OpenStack deployments and detect problems in large, high-volume log streams.
Flexible, simple deployments with OpenStack-Ansible - Major Hayden
I gave this talk at the OpenStack Austin Meetup on June 20, 2016. The talk covers the reasons why OpenStack-Ansible exists and the value that it brings for production OpenStack deployments.
Swiss IPv6 Council Event, 24.02.2014
New Requirements for Security Devices Due to IPv6
Speaker: Christoph Weber, Swisscom
With the introduction of IPv6 into data center and client networks, new requirements are placed on security devices such as firewalls, IDS/IPS and other security enforcement points. This requires knowledge of IPv6-specific security threats. Based on this, new requirements must be defined against which devices to be procured must be tested. Furthermore, standards for existing devices must be adapted accordingly, their implementation validated, and audits adjusted.
In the presentation by Christoph Weber of Swisscom, the approaches, ideas and tools are shown using firewall tests, along with how these tests can be carried out in practice and how results must be evaluated.
Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti) - ITCamp
OpenStack is not only the leading open source cloud computing project, it also features one of the most advanced code review and continuous integration (CI) frameworks.
Since Hyper-V is one of the main compute options available in OpenStack, it required the development of a dedicated infrastructure for CI testing, which is hosted by Microsoft in Cambridge, MA and maintained by Microsoft and Cloudbase Solutions.
Building this infrastructure was no easy task: it features full Puppet based automation with almost 200 physical hosts, Jenkins, a KVM based OpenStack cloud that deploys nested OpenStack Hyper-V clouds, more than 2000 integration tests executed for each run, hundreds of times a day, LogStash and ElasticSearch logging running on Azure and more.
During this session we’ll be able to show how it works and to dive into all the technical and architectural choices we made.
OpenStack cloud for ConoHa, Z.com and GMO AppsCloud in okinawa opendays 2015 ... - Naoto Gohko
1. GMO Internet has optimized their OpenStack models over time, initially using Nova network on Onamae.com VPS with Diablo, then implementing Quantum overlay network on ConoHa with Grizzly. They launched GMO AppsCloud with Havana featuring Cinder, Swift, and baremetal compute.
2. ConoHa and GMO AppsCloud have since upgraded to Juno, with ConoHa adding multi-region support across Tokyo, Singapore, and San Jose with Designate DNSaaS and domain structures for tenants.
3. GMO Internet shares a Swift object storage cluster between their different OpenStack installations.
The document discusses the CERN OpenStack cloud, which provides compute resources for the Large Hadron Collider experiment. Some key points:
- CERN operates a large OpenStack cloud with over 200,000 cores across 4 clouds to provide resources for particle physics experiments like the LHC.
- The LHC is the largest machine on Earth, spanning 27km and containing over 9,600 magnets. It produces enormous amounts of data, with a need for over 400,000 HS06 cores of computing by Run 4.
- CERN's OpenStack cloud has grown significantly over the years to help meet this computing need, now providing over 200,000 cores across more than 5,800 hypervisors. It is a
Madhu Rangarajan will provide an overview of Networking trends they are seeing in Cloud, various network topologies and tradeoffs, and trends in the acceleration of packet processing workloads. They will also talk about some of the work going on in Intel to address these trends, including FPGAs in the datacenter.
This document discusses network design principles and methodology. It begins by outlining the goals of network design which include scalability, availability, security and manageability. It then describes the network design process which involves identifying requirements, characterizing the existing network, and designing the network topology. A key part of the design is implementing a hierarchical architecture with core, distribution and access layers. The core layer is responsible for high-speed data transfer between sections and requires redundancy, load balancing and fast converging routing protocols to minimize downtime. Careful planning is needed to prevent failures and reduce human error.
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014 - SAMeh Zaghloul
This document provides an overview of software defined networking (SDN). It discusses how SDN enables data center teams to use software to efficiently control network resources, compared to traditional network switches. The document outlines several SDN topics and related technologies, including SDN standards, network function virtualization, use cases, sample projects, surveys, case studies, online courses, and software tools. It also includes sections on SDN architecture and how SDN is important for virtual environments and VM mobility.
Swaminathan Balasubramanian has over 18 years of experience in networking, core networking, network virtualization, ISP systems administration and e-commerce. He has experience managing teams and leading projects for companies like Tech Mahindra, ATT, British Telecom and Bharti Airtel. Currently he works as a senior technical architect at Tech Mahindra where he is responsible for requirement engineering, network design, testing and troubleshooting for various virtualization and core routing projects.
This document provides an overview of Oracle's Exalogic Elastic Cloud product. It describes Exalogic as an engineered system that provides extreme performance for Java workloads through its use of InfiniBand networking and optimized software stack. It can serve as a foundation for building private or public clouds and consolidating enterprise applications. The performance, scalability, and manageability of Exalogic are positioned as providing significant cost reductions over traditional infrastructure.
Introduction to Software Defined WANs, by Alastair Johnson.
A presentation given at APRICOT 2016’s Software Defined Networking session on 24 February 2016.
Network Automation Journey, A systems engineer NetOps perspective - Walid Shaari
Network devices play a crucial role; they are not just in the Data Center. It's the Wifi, VOIP, WAN and recently underlays and overlays. Network teams are essential for operations. It's about time we highlight to the configuration management community the importance of Network teams and include them in our discussions. This talk describes the personal experience of systems engineer on how to kickstart a network team into automation. Most importantly, how and where to start, challenges faced, and progress made. The network team in question uses multi-vendor network devices in a large traditional enterprise.
NetDevOps, we do not hear that term as frequent as we should. Every time we hear about automation, or configuration management, it is usually the application, if not, it is the systems that host the applications. How about the network systems and devices that interconnect and protects our services? This talk aims to describe the journey a systems engineer had as part of an automation assignment with the network management team. Building from lessons learned and challenges faced with system automation, how one can kickstart an automation project and gain small wins quickly. Where and how to start the journey? What to avoid? What to prioritise? How to overcome the lack of network skills for the automation engineer and lack of automation and Linux/Unix skills for network engineers. What challenges were faced and how to overcome them? What fights to give up? Where do I see network automation and configuration management as a systems engineer? What are the status quo and future expectations?
Software Architecture for Cloud Infrastructure - Tapio Rautonen
The document discusses software architecture principles for cloud infrastructure, including microservices, distributed computing fallacies, designing for failure, and new design patterns like cache-aside, circuit breaker, and event sourcing. It also covers topics like autoscaling, asynchronous messaging, reactive streams, configuration management, and challenges like software erosion and failures cascading in distributed systems. The overall message is that building distributed systems on cloud infrastructure requires adopting new architectural patterns to deal with failures and improve scalability, performance and resilience.
The document discusses frameworks for modernizing federal networks through network functions virtualization (NFV) and software-defined networking (SDN). It addresses the need to centralize and scale network configurations, enhance situational awareness, enforce policies, and respond rapidly to changing conditions. The proposed framework involves orchestration of virtualized network functions and SDN control through an architecture that includes the OpenDaylight controller, network virtualization, and analytics. Brocade networking products like the Vyatta vRouter are positioned to enable this vision through NFV, SDN, and integration with OpenStack. Use cases for virtual customer premises equipment, virtual customer edge, and virtual peering are described.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document discusses challenges in moving telecom applications to the cloud and how OpenStack capabilities can help address them. It describes telecom applications as traditionally being "pet" applications that require dedicated hardware and high availability. For the cloud, these applications would need to be more like "cattle" with specific SLAs. The document outlines OpenStack capabilities around basic features, management and orchestration, performance, availability and reliability, and operations that could fulfill requirements to support telecom applications in the cloud.
Automated Deployment and Management of Edge Clouds - Jay Bryant
This presentation discusses the challenges of cloud computing at the edge. From the exploding number of nodes, the need for integrated monitoring and zero touch discovery. We introduce Lenovo Open Cloud Automation, an automated framework built in collaboration with Red Hat to help address these challenges.
VTU Open Elective 6th Sem CSE - Module 2 - Cloud Computing - Sachin Gowda
This document provides an overview of cloud computing architectures and the Aneka cloud application platform. It discusses the different types of cloud services (IaaS, PaaS, SaaS), deployment models (public, private, hybrid clouds), and the characteristics of the Aneka platform which provides a programming model and tools for developing and managing distributed applications on cloud infrastructures. It also summarizes the core components and services that make up the Aneka platform.
Rahul Sharma is seeking a position as a Network Administrator with over 2.5 years of experience in information technology and network administration. He has a CCNA certification and has worked as a Network Administrator for NPCIL and as a Network and Support Engineer for Blaze Technologies on various projects. He has extensive experience designing, implementing, and troubleshooting networking infrastructure including routers, switches, firewalls, and other networking devices.
This presentation introduces VMware vRealize Log Insight, a log management platform for collecting and analyzing logs from VMware environments and beyond. It discusses use cases for log analysis including troubleshooting, monitoring, and compliance. It provides examples of queries such as identifying privileged user activity, VM configuration changes, and performance issues. Finally, it outlines architectural considerations for deploying Log Insight at scale within an enterprise.
Unlock the potential to have express cloud deployments with Mirantis OpenStack and Cumulus Linux
Are you building a new private cloud or moving your workloads to a hybrid cloud in 2015? Or are you just interested in exploring what OpenStack has to offer but don't have all the resources and toolsets to understand the gaps? Wondering, as a cloud architect, whether the networking infrastructure is a bottleneck? If you have these lingering questions, check out these slides from this joint Mirantis Cumulus webinar to get a better perspective on how modern data center architecture deployments can be designed with flexible Open Networking and the benefits of OpenStack from Mirantis.
This document provides design recommendations for building a highly available campus network. It recommends limiting VLANs to a single closet to avoid STP convergence. If STP is needed, use Rapid PVST+. It also recommends configuring trunks with on/on DTP settings and pruning unused VLANs. At the distribution layer, it recommends using equal-cost redundant connections to the core for fast convergence and avoiding black holes. It also recommends tuning HSRP/GLBP timers for sub-second failover.
This document discusses key responsibilities and concepts related to systems administration. It covers common sysadmin responsibilities like installing and managing servers, applications, and network components. It also discusses server lifecycles, the four main computer subsystems, and differences between servers and workstations. Network configuration topics like managing cabling, IP addressing, firewalls, and NIC teaming are also outlined.
Similar to OpenStack Infrastructure at any Scale - Simple is BEST!? - - OpenStack Latest Information Seminar, October 2014 (20)
This document discusses 5G and multi-access edge computing (MEC). The key points are: 1) 5G can achieve latency of 100ms while 4G is 300ms, and 5G bandwidth is 20Gbps compared to 4G's 1.29Gbps; 2) MEC deployed close to users on 5G can achieve even lower latency of under 10ms; 3) MEC integrated with 5G can enable new applications for IoT, VR/AR with high speed and low latency.
NTT Docomo's Challenge looking ahead the world of 5G × OpenStack - OpenStack最... VirtualTech Japan Inc.
Title: NTT Docomo's Challenge looking ahead the world of 5G × OpenStack
Agenda:
- Current Challenge
-- DOCOMO Cloud Platform
-- BizDevOps
- Challenge for the future
-- DOCOMO 5G Open Cloud
-- Next Challenge
Here are the key points from the AT&T presentation on their "Network AI" framework:
- AT&T is developing an open source framework called "Network AI" to drive their software-defined network transformation.
- The goal is to apply AI/machine learning techniques to continuously optimize their network performance. This will be done by collecting massive amounts of network data and using it to train ML models.
- As part of this effort, AT&T is contributing several open source projects to the Linux Foundation like Airship, Akraino, and Acumos. Airship provides tools for deploying OpenStack and Kubernetes on the edge, while Akraino is an edge computing framework. Acumos allows for developing and
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024 Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Securing your Kubernetes cluster_ a step-by-step guide to success! KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
A tale of scale & speed: How the US Navy is enabling software delivery from l... sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
What do a Lego brick and the XZ backdoor have in common? Speck&Tech
ABSTRACT: At first glance, a Lego brick and the XZ backdoor might have in common the fact that both are building blocks, or dependencies of creative projects and software. The reality is that a Lego brick and the XZ backdoor case have much more than that in common.
Join the presentation to immerse yourself in a story of interoperability, standards and open formats, and then discuss the important role that contributors play in a sustainable open source community.
BIO: An advocate of free software and of standard, open formats. She has been an active member of the Fedora and openSUSE projects and co-founded the LibreItalia Association, where she was involved in various events, migrations and training related to LibreOffice. She previously worked on LibreOffice migrations and training courses for several public administrations and private organizations. Since January 2020 she has worked at SUSE as a Software Release Engineer for Uyuni and SUSE Manager, and when she is not pursuing her passion for computers and for Geeko she cultivates her curiosity about astronomy (from which her nickname deneb_alpha derives).
Building RAG with self-deployed Milvus vector database and Snowpark Container... Zilliz
This talk will give hands-on advice on building RAG applications with an open-source Milvus database deployed as a docker container. We will also introduce the integration of Milvus with Snowpark Container Services.
Enhancing adoption of Open Source Libraries. A case study on Albumentations.AI Vladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
Full-RAG: A modern architecture for hyper-personalization Zilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor... SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Communications Mining Series - Zero to Hero - Session 1 DianaGray10
This session provides an introduction to UiPath Communication Mining, its importance, and a platform overview. You will acquire a good understanding of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Pushing the limits of ePRTC: 100ns holdover for 100 days Adtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf Paige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party and will share these foundational concepts to build on:
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you... Zilliz
Join us to introduce Milvus Lite, a vector database that can run on notebooks and laptops, share the same API with Milvus, and integrate with every popular GenAI framework. This webinar is perfect for developers seeking easy-to-use, well-integrated vector databases for their GenAI apps.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
5. OpenStack is NOT a product
Physical Infrastructure
• Compute
• Storage
• Networking
Access control
ID mgmt
Cloud Operating
System
Maintenance & Support
• Code
• Hardware
• Help Systems
Enterprise
Cloud
Security Mgmt
Policy Mgmt
Applications
App. mgmt, PaaS
Monitoring &
Analytics
6. What OpenStack brings …
Control
Enterprise
Cloud
Flexibility
Vast growing
eco-system
True choice
Catalyst for
Innovation
Visibility
Reduced risk of
Alligator
encounters!
7. Our Focus
Enrich the
OpenStack community
Bridge OpenStack
and the enterprise
8. Dell’s Commitment to OpenStack
“Dell … was one of the first of the hardware vendors to grasp
the fact that cloud is about provisioning services,
not about the hardware.” Maxwell Cooter, Cloud Pro
Proven solutions Proven components
• First OpenStack cloud solution provider
• Pioneering OpenStack partner
Only tier 1 day 1 hardware provider
• Deep partner ecosystem
with single point of service and support
• ONLY company with automated software for
multi-node OpenStack provisioning: Crowbar
• Dell OpenStack experts continually invest
in the community
• Gold Foundation Member with 2 board positions
Save on licensing
fees
Innovate
aggressively
Scale operations
efficiently
13. Architecture Design Guide Chapter 5. Network focused
Contents
• Contents
– User requirements
– Technical considerations
– Operational considerations
– Architecture
– Prescriptive examples
– All OpenStack deployments are dependent, to some extent, on network communication in order to function
properly due to a service-based nature.
– In some cases, however, use cases dictate that the network is elevated beyond simple infrastructure.
– This chapter is a discussion of architectures that are more reliant or focused on network services.
– These architectures are heavily dependent on the network infrastructure and need to be architected so that
the network services perform and are reliable in order to satisfy user and application requirements.
• Some possible use cases include:
– Content delivery network, Network management functions, Network service offerings, Web portals or web
services, High speed high volume transactional systems, High availability, Big Data, Virtual desktop
infrastructure (VDI), Voice over IP (VoIP), Video Conference or web conference, High performance
computing (HPC)
14. Architecture Design Guide Chapter 5. Network focused
Contents
• Contents
– User requirements
– Technical considerations
– Operational considerations
– Architecture
– Prescriptive examples
– All OpenStack deployments are dependent, to some extent, on network communication in order to function
properly due to a service-based nature.
– In some cases, however, use cases dictate that the network is elevated beyond simple infrastructure.
– This chapter is a discussion of architectures that are more reliant or focused on network services.
– These architectures are heavily dependent on the network infrastructure and need to be architected so that
the network services perform and are reliable in order to satisfy user and application requirements.
[Annotation: Depending on how it is used, the network stops being simple.]
[Annotation: Stable networks are under discussion.]
• Some possible use cases include:
– Content delivery network, Network management functions, Network service offerings, Web portals or web
services, High speed high volume transactional systems, High availability, Big Data, Virtual desktop
infrastructure (VDI), Voice over IP (VoIP), Video Conference or web conference, High performance
computing (HPC)
15. Architecture Design Guide Chapter 5. Network focused
User Requirements
• User requirements
– User experience
– Network performance problems can provide a negative experience for the end-user, as well as productivity and economic loss.
– Regulatory requirements
– Networks need to take into consideration any regulatory requirements about the physical location of data as it traverses the network.
– Another network consideration is maintaining network segregation of private data flows and ensuring that the network between cloud
locations is encrypted where required.
• High availability issues
– Often, high performance systems will have SLA requirements for a minimum QoS with regard to guaranteed uptime,
latency and bandwidth. The level of the SLA can have a significant impact on the network architecture and
requirements for redundancy in the systems.
• Risks
– Network misconfigurations, Capacity planning, Network tuning, Single Point Of Failure (SPOF), Complexity, Non-standard
features
• Security
– Security is often overlooked or added after a design has been implemented. Consider security implications and
requirements before designing the physical and logical network topologies.
16. Architecture Design Guide Chapter 5. Network focused
User Requirements
• User requirements
– User experience
– Network performance problems can provide a negative experience for the end-user, as well as productivity and economic loss.
– Regulatory requirements
– Networks need to take into consideration any regulatory requirements about the physical location of data as it traverses the network.
– Another network consideration is maintaining network segregation of private data flows and ensuring that the network between cloud
locations is encrypted where required.
[Annotation: Network trouble makes all sorts of things hard, so take care.]
[Annotation: Keep the law in mind, and also pay attention to transfers of confidential data and to where data is stored.]
• High availability issues
– Often, high performance systems will have SLA requirements for a minimum QoS with regard to guaranteed uptime,
latency and bandwidth. The level of the SLA can have a significant impact on the network architecture and
requirements for redundancy in the systems.
• Risks
– Network misconfigurations, Capacity planning, Network tuning, Single Point Of Failure (SPOF), Complexity, Non-standard
features
• Security
– Security is often overlooked or added after a design has been implemented. Consider security implications and
requirements before designing the physical and logical network topologies.
[Annotation: It is easy to forget, but think about security requirements before designing the network!]
17. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Layer-2
• Technical considerations
– Layer-2 architecture limitations
– Layer-3 architecture advantages
– Network recommendations overview
– Additional considerations
• Layer-2 Ethernet usage has these advantages over layer-3 IP network usage:
– Speed
– Reduced overhead of the IP hierarchy
– No need to keep track of address configuration as systems are moved around. Whereas the simplicity of layer-2 protocols might work well
in a data center with hundreds of physical machines, cloud data centers have the additional burden of needing to keep track of all virtual machine
addresses and networks. In these data centers, it is not uncommon for one physical node to support 30-40 instances.
• Layer-2 architecture limitations
– Number of VLANs is limited to 4096
– The number of MACs stored in switch tables is limited
– The need to maintain a set of layer-4 devices to handle traffic control must be accommodated
– MLAG, often used for switch redundancy, is a proprietary solution that does not scale beyond two devices and forces vendor lock-in
– It can be difficult to troubleshoot a network without IP addresses and ICMP
– Configuring ARP is considered complicated on large layer-2 networks
– All network devices need to be aware of all MACs, even instance MACs, so there is constant churn in MAC tables and network state
changes as instances are started or stopped
– Migrating MACs (instance migration) to different physical locations is a potential problem if ARP table timeouts are not set properly
18. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Layer-2
• Technical considerations
– Layer-2 architecture limitations
– Layer-3 architecture advantages
– Network recommendations overview
– Additional considerations
• Layer-2 Ethernet usage has these advantages over layer-3 IP network usage:
– Speed
– Reduced overhead of the IP hierarchy
– No need to keep track of address configuration as systems are moved around. Whereas the simplicity of layer-2 protocols might work well
in a data center with hundreds of physical machines, cloud data centers have the additional burden of needing to keep track of all virtual machine
addresses and networks. In these data centers, it is not uncommon for one physical node to support 30-40 instances.
[Annotation: Speed?]
[Annotation: While the deployment is small you do not have to track where the VMs are, so L2 may be fine.]
• Layer-2 architecture limitations
– Number of VLANs is limited to 4096
– The number of MACs stored in switch tables is limited
– The need to maintain a set of layer-4 devices to handle traffic control must be accommodated
– MLAG, often used for switch redundancy, is a proprietary solution that does not scale beyond two devices and forces vendor lock-in
– It can be difficult to troubleshoot a network without IP addresses and ICMP
– Configuring ARP is considered complicated on large layer-2 networks
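– All network devices need to be aware of all MACs, even instance MACs, so there is constant churn in MAC tables and network state
changes as instances are started or stopped
– Migrating MACs (instance migration) to different physical locations is a potential problem if ARP table timeouts are not set properly
[Annotation: The 4096-VLAN limit needs to be kept in mind, but it can be ignored as long as you stay under it.]
[Annotation: MLAG is fast, but vendor lock-in?]
[Annotation: Building a large L2 network makes it unstable because of BUM traffic, especially ARP.]
[Annotation: If you are not careful with the ARP timeout settings, communication can be lost for a while.]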
19. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Layer-3 advantages
• Technical considerations
– Layer-2 architecture limitations
– Layer-3 architecture advantages
– Network recommendations overview
– Additional considerations
• Layer-3 architecture advantages
– Layer-3 networks provide the same level of resiliency and scalability as the Internet
– Controlling traffic with routing metrics is straightforward.
– Layer 3 can be configured to use BGP confederation for scalability so core routers have state proportional to the number of racks,
not to the number of servers or instances.
– Routing keeps instance MAC and IP addresses out of the network core, reducing state churn. Routing state changes only
occur in the case of a ToR switch failure or backbone link failure.
– There are a variety of well tested tools, for example ICMP, to monitor and manage traffic.
– Layer-3 architectures allow for the use of Quality of Service (QoS) to manage network performance.
• Layer-3 architecture limitations
– The main limitation of layer 3 is that there is no built-in isolation mechanism comparable to the VLANs in layer-2 networks
– Furthermore, the hierarchical nature of IP addresses means that an instance will also be on the same subnet as its physical
host. This means that it cannot be migrated outside of the subnet easily
– For these reasons, network virtualization needs to use IP encapsulation and software at the end hosts for both isolation,
as well as for separation of the addressing in the virtual layer from addressing in the physical layer
– Other potential disadvantages of layer 3 include the need to design an IP addressing scheme rather than relying on the
switches to automatically keep track of the MAC addresses and to configure the interior gateway routing protocol in the switches.
20. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Layer-3 advantages
• Technical considerations
– Layer-2 architecture limitations
– Layer-3 architecture advantages
– Network recommendations overview
– Additional considerations
• Layer-3 architecture advantages
– Layer-3 networks provide the same level of resiliency and scalability as the Internet
– Controlling traffic with routing metrics is straightforward.
– Layer 3 can be configured to use BGP confederation for scalability so core routers have state proportional to the number of racks,
not to the number of servers or instances.
– Routing keeps instance MAC and IP addresses out of the network core, reducing state churn. Routing state changes only
occur in the case of a ToR switch failure or backbone link failure.
– There are a variety of well tested tools, for example ICMP, to monitor and manage traffic.
– Layer-3 architectures allow for the use of Quality of Service (QoS) to manage network performance.
[Annotation: It scales to the same level as the Internet, is hard to break, and is easy to work with.]
[Annotation: Unlike L2, there is no flooding on the core side, so it is stable.]
[Annotation: You can forget about individual servers and manage per rack, which is easier.]
[Annotation: Everyone can use L3 troubleshooting tools such as ping, right?]
• Layer-3 architecture limitations
– The main limitation of layer 3 is that there is no built-in isolation mechanism comparable to the VLANs in layer-2 networks
– Furthermore, the hierarchical nature of IP addresses means that an instance will also be on the same subnet as its physical
host. This means that it cannot be migrated outside of the subnet easily
– For these reasons, network virtualization needs to use IP encapsulation and software at the end hosts for both isolation,
as well as for separation of the addressing in the virtual layer from addressing in the physical layer
– Other potential disadvantages of layer 3 include the need to design an IP addressing scheme rather than relying on the
switches to automatically keep track of the MAC addresses and to configure the interior gateway routing protocol in the switches.
[Annotation: Instance migration depends on the IP segment, so it is not as simple as with L2.]
[Annotation: But building a virtual network solves that.]
[Annotation: L2 learns MACs automatically, whereas IP requires dynamic routing to be configured.]
21. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Network recommendations overview
• Network recommendations overview
– OpenStack has complex networking requirements for several reasons. Many components interact at
different levels of the system stack that adds complexity. Data flows are complex. Data in an OpenStack
cloud moves both between instances across the network (also known as East-West), as well as in and out of
the system (also known as North-South). Physical server nodes have network requirements that are
independent of those used by instances which need to be isolated from the core network to account for
scalability. It is also recommended to functionally separate the networks for security purposes and tune
performance through traffic shaping.
– A number of important general technical and business factors need to be taken into consideration when
planning and designing an OpenStack network. They include:
– A requirement for vendor independence. To avoid hardware or software vendor lock-in, the design should not rely on
specific features of a vendor’s router or switch.
– A requirement to massively scale the ecosystem to support millions of end users.
– A requirement to support indeterminate platforms and applications.
– A requirement to design for cost efficient operations to take advantage of massive scale.
– A requirement to ensure that there is no single point of failure in the cloud ecosystem.
– A requirement for high availability architecture to meet customer SLA requirements.
– A requirement to be tolerant of rack level failure.
– A requirement to maximize flexibility to architect future production environments.
22. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Network recommendations overview
• Network recommendations overview
– OpenStack has complex networking requirements for several reasons. Many components interact at different
levels of the system stack that adds complexity. Data flows are complex. Data in an OpenStack cloud moves
both between instances across the network (also known as East-West), as well as in and out of the system
(also known as North-South). Physical server nodes have network requirements that are independent of
those used by instances which need to be isolated from the core network to account for scalability. It is also
recommended to functionally separate the networks for security purposes and tune performance through
traffic shaping.
[Annotation: OpenStack networking becomes complex for a variety of reasons.]
[Annotation: Connections between many components.]
[Annotation: Lateral traffic inside the data center (East-West) and traffic to outside the system (North-South).]
[Annotation: Think about the core and the nodes as separate networks.]
[Annotation: Separate networks by function and by security requirement.]
– A number of important general technical and business factors need to be taken into consideration when
planning and designing an OpenStack network. They include:
– A requirement for vendor independence. To avoid hardware or software vendor lock-in, the design should not rely on
specific features of a vendor’s router or switch.
– A requirement to massively scale the ecosystem to support millions of end users.
– A requirement to support indeterminate platforms and applications.
– A requirement to design for cost efficient operations to take advantage of massive scale.
– A requirement to ensure that there is no single point of failure in the cloud ecosystem.
– A requirement for high availability architecture to meet customer SLA requirements.
– A requirement to be tolerant of rack level failure.
– A requirement to maximize flexibility to architect future production environments.
[Annotation: Avoid vendor lock-in.]
[Annotation: Ensure scalability, and keep the cost of scaling low.]
[Annotation: Maximize flexibility so that any future application can be supported.]
[Annotation: Eliminate single points of failure.]
[Annotation: Be able to withstand rack-level failures too.]
23. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Network recommendations overview(Cont’d)
• Keeping all of these in mind, the following network design recommendations can be made:
– Layer-3 designs are preferred over layer-2 architectures.
– Design a dense multi-path network core to support multi-directional scaling and flexibility.
– Use hierarchical addressing because it is the only viable option to scale network ecosystem.
– Use virtual networking to isolate instance service network traffic from the management and internal
network traffic.
– Isolate virtual networks using encapsulation technologies.
– Use traffic shaping for performance tuning.
– Use eBGP to connect to the Internet up-link.
– Use iBGP to flatten the internal traffic on the layer-3 mesh.
– Determine the most effective configuration for block storage network.
• Additional considerations
– OpenStack Networking versus legacy networking (nova-network) considerations
– Redundant networking: ToR switch high availability risk analysis
– Preparing for the future: IPv6 support
– Asymmetric links
– Performance
24. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Network recommendations overview(Cont’d)
• Keeping all of these in mind, the following network design recommendations can be made:
– Layer-3 designs are preferred over layer-2 architectures.
– Design a dense multi-path network core to support multi-directional scaling and flexibility.
– Use hierarchical addressing because it is the only viable option to scale network ecosystem.
– Use virtual networking to isolate instance service network traffic from the management and internal
network traffic.
– Isolate virtual networks using encapsulation technologies.
– Use traffic shaping for performance tuning.
– Use eBGP to connect to the Internet up-link.
– Use iBGP to flatten the internal traffic on the layer-3 mesh.
– Determine the most effective configuration for block storage network.
[Annotation: L3 is the way to go.]
[Annotation: Build a dense core.]
[Annotation: You cannot scale without hierarchical IP addressing.]
[Annotation: Network virtualization is a must.]
[Annotation: For now, use BGP in a mesh configuration.]
[Annotation: Block storage is a special case, so take care with its network.]
• Additional considerations
– OpenStack Networking versus legacy networking (nova-network) considerations
– Redundant networking: ToR switch high availability risk analysis
– Preparing for the future: IPv6 support
– Asymmetric links
– Performance
25. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Prescriptive examples
• A large-scale web application has been designed with cloud
principles in mind. The application is designed to scale horizontally in
a bursting fashion and will generate a high instance count. The
application requires an SSL connection to secure data and must not
lose connection state to individual servers.
• An example design for this workload is depicted in the figure below. In
this example, a hardware load balancer is configured to provide
SSL offload functionality and to connect to tenant networks in order to
reduce address consumption. This load balancer is linked to the
routing architecture as it will service the VIP for the application. The
router and load balancer are configured with GRE tunnel ID of the
application's tenant network and provided an IP address within the
tenant subnet but outside of the address pool. This is to ensure that the
load balancer can communicate with the application's HTTP servers
without requiring the consumption of a public IP address.
• Because sessions persist until they are closed, the routing and
switching architecture is designed for high availability. Switches are
meshed to each hypervisor and each other, and also provide an
MLAG implementation to ensure that layer-2 connectivity does not
fail. Routers are configured with VRRP and fully meshed with switches
to ensure layer-3 connectivity. Since GRE is used as an overlay
network, Networking is installed and configured to use the Open
vSwitch agent in GRE tunnel mode. This ensures all devices can reach
all other devices and that tenant networks can be created for private
addressing links to the load balancer.
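The addressing rule in the example design (router and load balancer addressed inside the tenant subnet but outside the address pool) can be checked before the devices are configured. This is an added example, not from the slides or the OpenStack guide; the function name, the CIDR, the pool range and the device addresses are constructed assumptions.

```python
import ipaddress


def check_static_addresses(cidr, pool_start, pool_end, static_hosts):
    """Return a list of problems for hand-addressed devices on a tenant subnet.

    static_hosts maps a device name to the address configured on it by hand.
    An empty list means every device sits inside the subnet but outside the
    range that is handed out to instances.
    """
    subnet = ipaddress.ip_network(cidr)
    start = ipaddress.ip_address(pool_start)
    end = ipaddress.ip_address(pool_end)
    problems = []
    if start not in subnet or end not in subnet or start > end:
        problems.append(f"pool {start}-{end} is not a valid range inside {subnet}")
    seen = {}
    for name, raw in static_hosts.items():
        addr = ipaddress.ip_address(raw)
        if addr not in subnet:
            problems.append(f"{name}: {addr} is outside tenant subnet {subnet}")
        elif addr in (subnet.network_address, subnet.broadcast_address):
            problems.append(f"{name}: {addr} is the network or broadcast address")
        elif start <= addr <= end:
            # An instance could later be given this address and collide with
            # the device that terminates SSL for the application.
            problems.append(f"{name}: {addr} is inside the allocation pool")
        if addr in seen:
            problems.append(f"{name}: {addr} is already used by {seen[addr]}")
        seen.setdefault(addr, name)
    return problems


# Constructed sample values (assumptions, not taken from the slides).
TENANT_CIDR = "10.20.0.0/24"
POOL = ("10.20.0.10", "10.20.0.200")
GOOD = {"router": "10.20.0.1", "load-balancer": "10.20.0.2"}
BAD = {"router": "10.20.0.1", "load-balancer": "10.20.0.50", "spare-lb": "10.20.1.5"}

if __name__ == "__main__":
    for label, hosts in (("good", GOOD), ("bad", BAD)):
        issues = check_static_addresses(TENANT_CIDR, *POOL, hosts)
        print(label, "OK" if not issues else issues)
```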
26. Architecture Design Guide Chapter 5. Network focused
Technical Considerations – Prescriptive examples
• Design for cloud environments?
• The load balancer is for SSL offload.
• The LB also provides the application's VIP.
• GRE tunnels with OVS?
• Server redundancy with MLAG.
29. Fabrics Trend: The changing data center core
Modular migration to fixed-form factor
[Chart: Density: Fixed vs. Chassis. 40GbE per RU @ Line Rate (L3), 0–70, 2008–2016; series: Chassis, Fixed; labels: Conventional Chassis Core, Active Fabric]
[Chart: Data Center – Modular vs. Fixed Ethernet Switch, 0–50, 2010–2016; series: Chassis, Fixed. Source: Dell Oro, 2013]
[Chart: Power: Fixed vs. Chassis. Max Watts /]
30. Cloud Big Data: the conventional approach
[Diagram: Core, Dist and Access tiers above the VMs, all L2; network topology vs. capacity topology: PARTITIONED CAPACITY]
31. Cloud Big Data: the right approach
[Diagram: Spine and Leaf tiers above the VMs, with L3 and L2 layers; network topology vs. capacity topology: UNIFORM CAPACITY]
32. Uniform fabric for Cloud Big Data
[Diagram: uniform fabric with L3 and L2 layers, 1280 server ports, (64) (16); racks 1, 2, 3 … N holding Name Node, Secondary NN, Job Tracker, Database, Client and Node hosts; vSwitch hosts with VMs; storage: Block I/O, NAS, Object]
33. Uniform fabric for Cloud Big Data
[Diagram: uniform fabric with L3 and L2 layers, (64) (16); racks 1 and 2 holding Name Node, Secondary NN, Job Tracker, Client and Node hosts; vswitch hosts with VMs; Firewall and LB pairs facing the World; x86 Gateways]
34. 10GE OpenStack Pod – Overlay based
10GE Cluster Interconnect: Line rate, Low Latency
• L2-in-L3 Overlay (GRE/VXLAN/STT)
• 40 Nodes per rack
• 4 racks, 160 nodes
• 2.5:1 oversubscription @ ToR
• Layer 3 Fabric with 2 Spine x 8 Leaf
• 2 switches per rack w/ VLT (S4810)
• Layer 3 handoff to Core via Leaf
[Diagram: Core, Spine and Leaf layers joined by 160G ECMP links, with L3 above L2; VLT pairs of 10GE ToR switches over server cabinets 1, 2 and 4 (40 nodes each), x8; Open vSwitch hosts running VMs; labels: Nova Compute, Nova Volume, Swift / Glance, Cloud API, Compute Scheduler, Message Bus, OVS Controller, vFW, vLB; L2-in-L3 Distributed Edge Overlay]
37. Active Fabric solutions at any scale
[Chart: Server/VM density vs. fabric scale: Micro Scale Fabric, Macro Scale Fabric, Hyper Scale Fabric]
• Pay-As-You-Go model for small-scale Data Centers
• Dense, energy-efficient, low latency solutions
• Massively scalable with 40GbE interconnects inside fabric
39. Midokura MidoNet Network Virtualization Platform
Logical Switching – Layer 2 over Layer 3, decoupled from the physical network; VXLAN L2 Gateway with S6000
Logical Routing – Routing between virtual networks without exiting the software container
Distributed Firewall – Distributed Firewall, Kernel Integrated, High Performance, avoids buying hardware
Distributed Load Balancer – Application Load Balancing in software, avoids expensive hardware
Distributed VPN – Site-to-Site Remote Access VPN in software, avoids expensive hardware
MidoNet API – RESTful API for integration into any Cloud Management Platform
Any application – Supports any application
Pricing: Model based on per host per year premium support
Emulates entire network topologies, with intelligence at the edge
Decentralized control plane, VXLAN, OpenFlow, OpenStack support
[Diagram: Any Application; Virtual Networks; Any Cloud Management Platform; MidoNet Virtualization Platform (Logical L2, Logical L3, Distributed VPN Service, Distributed Firewall service, Distributed Load Balancer Service); KVM, ESXi, Xen, LXC; Existing Network Hardware]
40. Active Fabric Controller (AFC) for OpenStack
Simple
• Zero-touch provisioning
• Centralized control plane
• Built-in support for L4-L7
Flexible
• Ready for DC and Cloud solutions
• Hypervisor agnostic
• Blades, rack servers, and VMs
Programmable
• Single interface for fabric-wide mgmt control
• Language-agnostic APIs (REST)
• Simple/Extensible object model
[Diagram: Horizon UI; OpenStack Neutron Plug-in; Object Model API; Controller software; Controller UI; Blade Servers; Rack Servers; Storage Arrays; L4-L7 Services]
Simple, Flexible, Programmable fabric for OpenStack Cloud Deployments
51. Dell Red Hat Cloud Solutions
Dell is the world's first OEM vendor of Red Hat Enterprise Linux OpenStack Platform
OpenStack – NOW open for business
http://www.dell.com/learn/us/en/uscorp1/secure/2014-04-16-dell-partner-red-hat-openstack-private-cloud
53. Dell Red Hat Cloud Solution components
• Validated hardware. Delivers a reliable OpenStack solution on the most stable, latest Dell PowerEdge servers and Force10 switches.
• A validated Reference Architecture and pre-configured setups improve the cost and efficiency of building the environment.
• Provides the security, stability and support of the Red Hat Enterprise Linux OpenStack Platform.
Dell Red Hat Cloud Solutions
Dell Professional Services
Dell ProSupport
54. Dell | Red Hat OpenStack Lighthouse Program
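A limited-time special-price program for companies that want an easy start on building a private cloud with OpenStack
• Keeps the initial deployment cost of Red Hat Enterprise Linux OpenStack Platform down and gets a private cloud environment built in a short time.
[Program contents]
Red Hat OpenStack subscription for POC, valid for 60 days
Red Hat OpenStack validation preparation support
Red Hat OpenStack remote technical support (30 hours)
Red Hat OpenStack administrator training and expert certification exam x 2 people
[Dell hardware]
Dell PowerEdge R720 Servers (x3)
Dell Networking S55 Switch, 1GB networking (x1)
[Conditions]
We ask that you agree to cooperate in a customer case study.
[Contact]
Dell Japan Inc.
Enterprise Solutions Group
Solution Business Development Department
E-MAIL: JP_ESG_BDM@Dell.com
[Notes on this program] Contents are subject to change without notice due to product improvements.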
63. Dell offers Choice of Software Defined Networking
Open Standards + Open Protocols + Open Source = Open IT with Choices
[Diagram: Software-Defined Networks and Open Networking; solution types: Programmable Solutions, Overlay / Hypervisor Solutions, Controller Solutions; labels: VMware, Microsoft, OpenStack; TCL, Perl, Python scripting; REST-API, XML, OMI, Puppet, Chef; SDN Controllers; Open Standards, Open Source]
64. Compute paradigm shift
The disaggregated server model changed the landscape
Mainframe/Proprietary model
• Proprietary architectures mgmt tools
• Limited apps
• Proprietary OS (e.g., Solaris, HP-UX, Ultrix)
• Proprietary CPUs (e.g., SPARC, PA-RISC, Alpha)
X86 servers model
• Orchestration/automation for distributed computing
• Application ecosystem
• Standard OS—hypervisors
• Industry standard (X86 CPU)
Today
• Dell | HP | Others
• VMware | Windows Server System | RedHat Linux | Suse
• Intel | AMD
65. Now: Networking paradigm shift
Traditional networking
• Proprietary architectures mgmt tools
• Hundreds of protocols
• Proprietary networking OS
• Proprietary ASICs
Future of networking
• Standard orchestration automation tools
• Optional 3rd party SDN/NVO controller
• Any networking OS
• Open standard hardware
• Merchant silicon
66. New S-Series open networking models
Dell S4810-ON
Dell S6000-ON
Dell’s first disaggregated open networking switches
• Designed for flexibility, performance and support of 3rd party OS
• 1RU high-density 10/40Gbps TOR switches
– S4810-ON with 48 ports 10GbE and 4 ports 40GbE
– S6000-ON with 32 ports of 40GbE or 96 ports of 10GbE + 8 ports of 40GbE
• Supports the open source Open Network Install Environment (ONIE)
• Dell global ProSupport Services
67. Imagine - “Androidification” of networking
[Diagram, first stack: Standard orchestration and automation tools; Optional 3rd party SDN / NVO controller; Any networking OS; Open standard hardware; Merchant silicon; + Open Source Apps + Independent Software Vendor Apps]
[Diagram, second stack: Standard orchestration and automation tools; Optional 3rd party SDN / NVO controller; Open network platform OS; Open standard hardware; Merchant silicon; apps: Virtual services, Power and traffic optimization app, Performance monitoring opt app, Security app]
Our focus is on Apps
68. Best of breed Network Operating Systems
Dell Networking Operating Systems
• Feature rich, mission critical, line rate performance
Cumulus Linux
• Linux expertise and Linux standardized environments that value common Linux tools for server and network management
Big Switch Networks Switch Light OS
• Network tapping and monitoring for customers interested in adopting SDN
69. Open Networking Ecosystem with Cumulus Linux
[Diagram: ecosystem categories (Routing, Network Automation, Orchestration, Network Virtualization, Monitoring, Storage, Security, Others; NSX shown) running on Cumulus Linux on Industry Standard Hardware]
70. Configuration Management
• Converged administration
– Same automation tools for managing servers now available for the network
[Diagram: Layer 3 Fabric; Servers; Switches]
71. This is exactly what Dell + Big Switch bring to market
Big Switch SDN software...
• SDN Controller – single, centralized, command control
• Sits in customer Virtual Machine (VM) environment / appliance
…Dell open network switch hardware…
• S4810-ON
• Same high-density, high-quality Dell hardware used in production ENT, SP and PS hyper-scale datacenters
• 1G, 10G, 40G ports for maximum flexibility
…deliver monitoring fabrics
• Scalable, multi-tenant network monitoring solution
[Diagram: BIG TAP CONTROLLER; SWITCH LIGHT™ OS; ONIE BOOT LOADER]
Open-networking enables rapid innovation and customer choice through hardware and software disaggregation