The document discusses integrating OpenStack Networking (Neutron) with Software Defined Networking (SDN) controllers. It describes how Neutron can use an SDN controller like ONOS instead of traditional mechanism drivers like Open vSwitch. The key components that would need to be modified are the mechanism driver, service plugin, and configuration. Five virtual machines or host machines running specific OpenStack and ONOS services are also needed to demonstrate the integration between Neutron and an SDN controller.
Taking Security Groups to Ludicrous Speed with OVS (OpenStack Summit 2015)Thomas Graf
Open vSwitch (OVS) has long been a critical component of the Neutron's reference implementation, offering reliable and flexible virtual switching for cloud environments.
Being an early adopter of the OVS technology, Neutron's reference implementation made some compromises to stay within the early, stable featureset OVS exposed. In particular, Security Groups (SG) have been so far implemented by leveraging hybrid Linux Bridging and IPTables, which come at a significant performance overhead. However, thanks to recent developments and ongoing improvements within the OVS community, we are now able to implement feature-complete security groups directly within OVS.
In this talk we will summarize the existing Security Groups implementation in Neutron and compare its performance with the Open vSwitch-only approach. We hope this analysis will form the foundation of future improvements to the Neutron Open vSwitch reference design.
OVN (Open Virtual Network) を用いる事により、OVS (Open vSwitch)が動作する複数のサーバー(Hypervisor/Chassis)を横断する仮想ネットワークを構築する事ができます。
本スライドはOVNを用いた論理ネットワークの構成と設定サンプルのメモとなります。
Using OVN, you can build logical network among multiple servers (Hypervisor/Chassis) running OVS (Open vSwitch).
This slide is describes HOW TO example of OVN configuration to create 2 logical switch connecting 4 VMs running on 2 chassis.
Taking Security Groups to Ludicrous Speed with OVS (OpenStack Summit 2015)Thomas Graf
Open vSwitch (OVS) has long been a critical component of the Neutron's reference implementation, offering reliable and flexible virtual switching for cloud environments.
Being an early adopter of the OVS technology, Neutron's reference implementation made some compromises to stay within the early, stable featureset OVS exposed. In particular, Security Groups (SG) have been so far implemented by leveraging hybrid Linux Bridging and IPTables, which come at a significant performance overhead. However, thanks to recent developments and ongoing improvements within the OVS community, we are now able to implement feature-complete security groups directly within OVS.
In this talk we will summarize the existing Security Groups implementation in Neutron and compare its performance with the Open vSwitch-only approach. We hope this analysis will form the foundation of future improvements to the Neutron Open vSwitch reference design.
OVN (Open Virtual Network) を用いる事により、OVS (Open vSwitch)が動作する複数のサーバー(Hypervisor/Chassis)を横断する仮想ネットワークを構築する事ができます。
本スライドはOVNを用いた論理ネットワークの構成と設定サンプルのメモとなります。
Using OVN, you can build logical network among multiple servers (Hypervisor/Chassis) running OVS (Open vSwitch).
This slide is describes HOW TO example of OVN configuration to create 2 logical switch connecting 4 VMs running on 2 chassis.
리눅스 pacemaker 기반의 High Availaiblity 구성방법에 대해 설명합니다. pacemaker를 사용하는 다른 리눅스 기반도 구성이 가능합니다.
Pacemaker 기반 Linux High Availability 입문용으로는 적합하지 않을 수 있습니다. Pacemaker 기반 Linux High Availability를 한 번도 설치 및 구성을 하지 않은 리눅스 관리자라면 설치 문서를 먼저 참고하십시오.
RHEL7 및 CentOS 7을 중심으로 레드햇 계열의 리눅스에 적합한 내용으로 작성되었습니다.
This presentation covers the basics about OpenvSwitch and its components. OpenvSwitch is a Open Source implementation of OpenFlow by the Nicira team.
It also also talks about OpenvSwitch and its role in OpenStack Networking
This presentation start from basic concept such as container and container orchestration
And then go through Kubernetes internal especially Master Node components and Work Node components and show and explain core mechanism with codes.
PostgreSQL continuous backup and PITR with BarmanEDB
How can I achieve an RPO of 5 minutes for the backups of my PostgreSQL databases? And what about RPO=0 for zero data loss backups? This talk will give you answers to those questions, by guiding you through an overview of Disaster Recovery of PostgreSQL databases with Barman, covering its key concepts and providing useful patterns and tips.
OpenStack 운영을 통해 얻은 교훈을 공유합니다.
목차
1. TOAST 클라우드 지금의 모습
2. OpenStack 선택의 이유
3. 구성의 어려움과 극복 사례
4. 활용 사례
5. 풀어야 할 문제들
대상
- TOAST 클라우드를 사용하고 싶은 분
- WMI를 처음 들어보시는 분
Linux offers an extensive selection of programmable and configurable networking components from traditional bridges, encryption, to container optimized layer 2/3 devices, link aggregation, tunneling, several classification and filtering languages all the way up to full SDN components. This talk will provide an overview of many Linux networking components covering the Linux bridge, IPVLAN, MACVLAN, MACVTAP, Bonding/Team, OVS, classification & queueing, tunnel types, hidden routing tricks, IPSec, VTI, VRF and many others.
Introduce the basic concept of Open vSwitch. In this slide, we talked about how Linux kernel and networking stack worked together to forward and process the network packet and also compare those Linux networking stack functionality with Open vSwitch and Openflow.
At the end of this slide, we talk about the challenge to integrate the Open vSwitch with Kubernetes, what kind of the networking function we need to resolve and what is the benefit we can get from the Open Vswitch.
This tutorial covers all parallel replication implementation in MariaDB 10.0 and 10.1 and MySQL 5.6, 5.7 and 8.0 (including how it works in Group Replication).
MySQL and MariaDB have different types of parallel replication. In this tutorial, we present the different implementations that allow us to understand their limitations and tuning parameters. We cover how to make parallel replication faster and what to avoid for maximizing its benefits. We also present tests from Booking.com workloads.
Some of the subjects that are covered are group commit and optimistic parallel replication in MariaDB, the parallelism interval of MySQL and its Write Set optimization, and the ?slowing down the master to speed up the slave? optimization.
After this tutorial, you will know everything you need to implement and tune parallel replication in your environment. But more importantly, we will show how you can test parallel replication benefit in a non-disruptive way before deployment.
Accelerating Envoy and Istio with Cilium and the Linux KernelThomas Graf
This talk will provide an introduction to injection options of Envoy and then deep dive into ongoing Linux kernel work that enables injecting Envoy while introducing as little latency as possible.
The servicemesh and the sidecar proxy model are on a steep trajectory to redefine many networking and security use cases. This talk explains and demos a new socket redirect Linux kernel technology that allows running Envoy with similar performance as if the sidecar was linked to the application using a UNIX domain socket. The talk will also give an outlook on how Envoy can use the recently merged kernel TLS functionality to gain access to the clear text payload transparently for end to end encrypted applications without requiring to decrypt and re-encrypt any data to further reduce the overhead and latency.
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-RegionJi-Woong Choi
OpenStack Ceph & Neutron에 대한 설명을 담고 있습니다.
1. OpenStack
2. How to create instance
3. Ceph
- Ceph
- OpenStack with Ceph
4. Neutron
- Neutron
- How neutron works
5. OpenStack HA- controller- l3 agent
6. OpenStack multi-region
MySQL Administrator
Basic course
- MySQL 개요
- MySQL 설치 / 설정
- MySQL 아키텍처 - MySQL 스토리지 엔진
- MySQL 관리
- MySQL 백업 / 복구
- MySQL 모니터링
Advanced course
- MySQL Optimization
- MariaDB / Percona
- MySQL HA (High Availability)
- MySQL troubleshooting
네오클로바
http://neoclova.co.kr/
리눅스 pacemaker 기반의 High Availaiblity 구성방법에 대해 설명합니다. pacemaker를 사용하는 다른 리눅스 기반도 구성이 가능합니다.
Pacemaker 기반 Linux High Availability 입문용으로는 적합하지 않을 수 있습니다. Pacemaker 기반 Linux High Availability를 한 번도 설치 및 구성을 하지 않은 리눅스 관리자라면 설치 문서를 먼저 참고하십시오.
RHEL7 및 CentOS 7을 중심으로 레드햇 계열의 리눅스에 적합한 내용으로 작성되었습니다.
This presentation covers the basics about OpenvSwitch and its components. OpenvSwitch is a Open Source implementation of OpenFlow by the Nicira team.
It also also talks about OpenvSwitch and its role in OpenStack Networking
This presentation start from basic concept such as container and container orchestration
And then go through Kubernetes internal especially Master Node components and Work Node components and show and explain core mechanism with codes.
PostgreSQL continuous backup and PITR with BarmanEDB
How can I achieve an RPO of 5 minutes for the backups of my PostgreSQL databases? And what about RPO=0 for zero data loss backups? This talk will give you answers to those questions, by guiding you through an overview of Disaster Recovery of PostgreSQL databases with Barman, covering its key concepts and providing useful patterns and tips.
OpenStack 운영을 통해 얻은 교훈을 공유합니다.
목차
1. TOAST 클라우드 지금의 모습
2. OpenStack 선택의 이유
3. 구성의 어려움과 극복 사례
4. 활용 사례
5. 풀어야 할 문제들
대상
- TOAST 클라우드를 사용하고 싶은 분
- WMI를 처음 들어보시는 분
Linux offers an extensive selection of programmable and configurable networking components from traditional bridges, encryption, to container optimized layer 2/3 devices, link aggregation, tunneling, several classification and filtering languages all the way up to full SDN components. This talk will provide an overview of many Linux networking components covering the Linux bridge, IPVLAN, MACVLAN, MACVTAP, Bonding/Team, OVS, classification & queueing, tunnel types, hidden routing tricks, IPSec, VTI, VRF and many others.
Introduce the basic concept of Open vSwitch. In this slide, we talked about how Linux kernel and networking stack worked together to forward and process the network packet and also compare those Linux networking stack functionality with Open vSwitch and Openflow.
At the end of this slide, we talk about the challenge to integrate the Open vSwitch with Kubernetes, what kind of the networking function we need to resolve and what is the benefit we can get from the Open Vswitch.
This tutorial covers all parallel replication implementation in MariaDB 10.0 and 10.1 and MySQL 5.6, 5.7 and 8.0 (including how it works in Group Replication).
MySQL and MariaDB have different types of parallel replication. In this tutorial, we present the different implementations that allow us to understand their limitations and tuning parameters. We cover how to make parallel replication faster and what to avoid for maximizing its benefits. We also present tests from Booking.com workloads.
Some of the subjects that are covered are group commit and optimistic parallel replication in MariaDB, the parallelism interval of MySQL and its Write Set optimization, and the ?slowing down the master to speed up the slave? optimization.
After this tutorial, you will know everything you need to implement and tune parallel replication in your environment. But more importantly, we will show how you can test parallel replication benefit in a non-disruptive way before deployment.
Accelerating Envoy and Istio with Cilium and the Linux KernelThomas Graf
This talk will provide an introduction to injection options of Envoy and then deep dive into ongoing Linux kernel work that enables injecting Envoy while introducing as little latency as possible.
The servicemesh and the sidecar proxy model are on a steep trajectory to redefine many networking and security use cases. This talk explains and demos a new socket redirect Linux kernel technology that allows running Envoy with similar performance as if the sidecar was linked to the application using a UNIX domain socket. The talk will also give an outlook on how Envoy can use the recently merged kernel TLS functionality to gain access to the clear text payload transparently for end to end encrypted applications without requiring to decrypt and re-encrypt any data to further reduce the overhead and latency.
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-RegionJi-Woong Choi
OpenStack Ceph & Neutron에 대한 설명을 담고 있습니다.
1. OpenStack
2. How to create instance
3. Ceph
- Ceph
- OpenStack with Ceph
4. Neutron
- Neutron
- How neutron works
5. OpenStack HA- controller- l3 agent
6. OpenStack multi-region
MySQL Administrator
Basic course
- MySQL 개요
- MySQL 설치 / 설정
- MySQL 아키텍처 - MySQL 스토리지 엔진
- MySQL 관리
- MySQL 백업 / 복구
- MySQL 모니터링
Advanced course
- MySQL Optimization
- MariaDB / Percona
- MySQL HA (High Availability)
- MySQL troubleshooting
네오클로바
http://neoclova.co.kr/
2017년 5월 25일 (목), IBM과 함께 하는 오픈스택 정기 세미나에서 IBM 김민석 과장님께서 발표해 주신 자료를 공유합니다.
- IBM 클라우드에 대해 궁금하신 사항 있으시면, IBM 담당자께 contact 바랍니다.
(한국IBM 클라우드 마케팅 담당 임지현, jihlim@kr.ibm.com)
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpJames Denton
Architecting a private cloud to meet the use cases of its users can be a daunting task. How do you determine which of the many L2/L3 Neutron plugins and drivers to implement? Does network performance outweigh reliability? Are overlay networks just as performant as VLAN networks? The answers to these questions will drive the appropriate technology choice.
In this presentation, we will look at many of the common drivers built around the ML2 framework, including LinuxBridge, OVS, OVS+DPDK, SR-IOV, and more, and will provide performance data to help drive decisions around selecting a technology that's right for the situation. We will discuss our experience with some of these technologies, and the pros and cons of one technology over another in a production environment.
Openstack Networking Internals - first partlilliput12
Openstack Networking Internals - first part
Description of the Virtual Network Infrastructure inside an OpenStack cluster
The pictures of the VNI were taken with the "Show my network state" tool
https://sites.google.com/site/showmynetworkstate/
Interop Tokyo 2014 SDI (Software Defined Infrustructure) ShowCase Seminoar Presentation. The presentation covers Neutron API models (L2/L3 and Advanced Network services), Neutron Icehouse Update and Juno topics.
This presentation was shown at the OpenStack Online Meetup session on August 28, 2014. It is an update to the 2013 sessions, and adds content on Services Plugin, Modular plugins, as well as an Outlook to some Juno features like DVR, HA and IPv6 Support
Overview of OpenStack nova-networking evolution towards Neutron. Architecture overview of OVS plugin, ML2, and MidoNet Overlay product. Overview and example of Heat templates, along with automation of physical switches using Cumulus
Presentation given at the 2017 LinuxCon China
With the booming of Container technology, it brings obvious advantages for cloud: simple and faster deployment, portability and lightweight cost. But the networking challenges are significant. Users need to restructure their network and support container deployment with current cloud framework, like container and VMs.
In this presentation, we will introduce new container networking solution, which provides one management framework to work with different network componenets through Open/friendly modelling mechnism. iCAN can simplify network deployment and management with most orchestration systems and a variety of data plane components, and design extendsible architect to define and validate Service Level Agreement(SLA) for cloud native applications, which is important factor for enterprise to deliver successful and stable service via containers.
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...Cloud Native Day Tel Aviv
OpenDaylight is the largest open source SDN controller. OpenDaylight's Netvirt project provides an alternative mechanism and architecture for provisioning networks using Neutron. OpenDaylight Netvirt is an active project with dozens of contributors worldwide and serves as the basis of numerous commercial products and services.
This talk aims to provide a technical overview of the OpenDaylight Netvirt project and its integration with Neutron.
Topics will include:
* Neutron/OpenDaylight architectural overview
* openstack/networking_odl v2 architecture and new features
* OpenDaylight Netvirt's networking deep dive
* Advantages of OpenDaylight Netvirt
This talk targets people interested in using or developing OpenDaylight for OpenStack.
Presentation delivered at LinuxCon China 2017
Real-Time is used for deadline-oriented applications and time-sensitive workloads. Real-Time KVM is the extension of KVM(Linux Kernel-based Virtual Machine) to allow the virtual machines(VM) to be a truly Real-Time operating system.Users sometimes need to run low-latency applications(such as audio/video streaming, highly interactive systems, etc) to meet their requirements in clouds. NFV is a new network concept which uses virtualization and software instead of dedicated network appliances. For some use cases of telecommunications, network latency must be within a certain range of values. Real-Time KVM can help NFV meet this requirements.
In this presentation, Pei Zhang will talk about:
(1)Real-Time KVM introduction
(2)Real-Time cloud building
(3)Real-Time KVM in NFV: VM with openvswitch, dpdk and qemu’s vhostuser
(4)Performance testing results show
Bare Metal to OpenStack with Razor and ChefMatt Ray
Slides from the OpenStack Spring 2013 Summit workshop presented by Egle Sigler (@eglute) and Matt Ray (@mattray) from Rackspace and Opscode respectively. Please refer to http://anystacker.com/ for additional content.
2018년 10월 19일 금요일, 오픈스택 한국 커뮤니티 정기 세미나에서 발표주셨던 자료입니다.
- 행사 정보: http://festa.io/events/118
- 발표자: 김용기 부장님
> Sr. Solution Architect, Red Hat
> Administrator, Ansible Facebook Usergroup
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Hivelance Technology
Cryptocurrency trading bots are computer programs designed to automate buying, selling, and managing cryptocurrency transactions. These bots utilize advanced algorithms and machine learning techniques to analyze market data, identify trading opportunities, and execute trades on behalf of their users. By automating the decision-making process, crypto trading bots can react to market changes faster than human traders
Hivelance, a leading provider of cryptocurrency trading bot development services, stands out as the premier choice for crypto traders and developers. Hivelance boasts a team of seasoned cryptocurrency experts and software engineers who deeply understand the crypto market and the latest trends in automated trading, Hivelance leverages the latest technologies and tools in the industry, including advanced AI and machine learning algorithms, to create highly efficient and adaptable crypto trading bots
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
3. Environment
• Host: HP Elitebook 820 G1 (Intel
i5-4300U, 2.50GHz / 12GB RAM)
/ Windows 7 Enterprise
• VirtualBox: 5.0.6 with Extension
Pack installed
• Guest: Ubuntu x64 14.04
• OpenStack: Liberty
(Provider Network)
• 설치목차
• 1. 기본 프로그램 설치(python-
openstackclient chrony) 및 네트
워크 인터페이스 설정
2. 컨트롤러 전용 프로그램 설치
(mariasql, rabbitmq)
3-1. Keystone 설치
3-2. 기본 계정 설정하기
(Admin/Demo)
3-3. Keystone 설치 후 동작 확인
4-1. Glance 설치
4-2. Glance 설치 후 동작 확인
• -----------
• 5-1. Nova 설치
• 5-2. Nova 설치 후 동작 확인
• 6-1. Neutron 설치
• 6-2. Neutron 설치 후 동작 확인
• 7. Horizon 설치
4. Provider Networks
• Provider networks generally offer
simplicity, performance, and
reliability at the cost of flexibility.
• Operators can build on this
minimal deployment to enable
more cloud networking features.
공유기=
<OpenStack Networking Guide> <VirtualBox로 구현한 네트워크 구조>
5. Why LinuxBridge and OVS?
• LinuxBridge (since 1999/01/25):
– A Linux bridge is more powerful than a pure
hardware bridge because it can also filter and
shape traffic. The combination of bridging and
firewalling is done with the companion project
ebtables.
• Open vSwitch (since 2009/07/29)
– It is designed to enable massive network
automation through programmatic extension, while
still supporting standard management interfaces
and protocols (e.g. NetFlow, sFlow, IPFIX,
RSPAN, CLI, LACP, 802.1ag).
6. Why OVS so complicated?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Cloud_Administrator_Guide/section_networking-scenarios.html
• Ideally, the TAP device vnet0 would be connected directly to the integration bridge, br-int. Unfortunately, this isn't possible because of how OpenStack security
groups are currently implemented. OpenStack uses iptables rules on the TAP devices such as vnet0 to implement security groups, and Open vSwitch is not
compatible with iptables rules that are applied directly on TAP devices that are connected to an Open vSwitch port.
• Networking uses an extra Linux bridge and a veth pair as a workaround for this issue. Instead of connecting vnet0 to an Open vSwitch bridge, it is connected to
a Linux bridge, qbrXXX. This bridge is connected to the integration bridge, br-int, through the (qvbXXX, qvoXXX) veth pair.
LinuxBridgeOpenvSwitch
7. What is ML2
• The Modular Layer 2 (ML2) Plugin is a framework allowing OpenStack
Networking to simultaneously utilize the variety of layer 2 networking
technologies found in complex real-world datacenters.
POST /v2.0/ports.json HTTP/1.1
content-type: application/json
{
"port": {
"admin_state_up": true,
"device_id": "d6b4d3a5-c700-476f-b609-1493dd9dadc0",
"name": "port1",
"network_id": "6aeaf34a-c482-4bd3-9dc3-7faf36412f12"
}
}
LB Agent
11. Bridge, Switch and Router
• Bridge: A network bridge is network hardware that connects multiple network segments.
• Switch: A network switch is a multiport network bridge that uses hardware addresses to
process and forward data at the data link layer (layer 2) of the OSI model.
• Router: A router is connected to two or more data lines from different networks. When
multiple routers are used in interconnected networks, the routers exchange information
about destination addresses using a dynamic routing protocol.
주요 특징 Classical Router Layer 3 Switch
주요 OSI Layer Layer 3 Layer 3
Routing 방법 Software (CPU + Software) Hardware (ASIC chip)
L2 지원 Ethernet, TokerRing, FDDI, ATM, WAN FastEthernet, Gigabit Ethernet
forwarding 성능 Slow Fast
Latency 약 200 ms < 10 ms (100 Mbps)
관리/program가능 매우 높음 적음
지원 Protocol All IP (일부 IPX)
Routing Protocol All RIP1,2 OSPF 등
WAN 지원 지원함 지원하지 않음
비용 높음 낮음
표 출처: http://koreahojin.egloos.com/v/2341317
12. Booting a VM
• 0. _build_instance() & _allocate_network()
• 1. REST (C->N): Create Port
• 2. vif_driver.plug() & Add a port tap with external_ids set
– ‘Neutron OVS agent’ loop to detect port update
– Get the Neutron port id from the external_ids
– Call get_device_details(port_id) to Neutron Server
• 3. Bind_port() & Set up the ovs port
• 4. update_device_up()
15. class OpenDaylightMechanismDriver(driver_api.MechanismDriver):
"""Mechanism Driver for OpenDaylight.
This driver was a port from the NCS MechanismDriver. The API
exposed by ODL is slightly different from the API exposed by NCS,
but the general concepts are the same.
"""
def initialize(self):
self.url = cfg.CONF.ml2_odl.url
self.timeout = cfg.CONF.ml2_odl.timeout
self.username = cfg.CONF.ml2_odl.username
self.password = cfg.CONF.ml2_odl.password
required_opts = ('url', 'username', 'password')
for opt in required_opts:
if not getattr(self, opt):
raise cfg.RequiredOptError(opt, 'ml2_odl')
self.odl_drv = OpenDaylightDriver()
# Postcommit hooks are used to trigger synchronization.
def create_network_postcommit(self, context):
self.odl_drv.synchronize('create', odl_const.ODL_NETWORKS, context)
ML2 for ODL
from networking_odl.common import constants as odl_const
from networking_odl.ml2 import mech_driver
from oslo_config import cfg
from oslo_log import log
from neutron.plugins.ml2 import driver_api as api
https://github.com/openstack/networking-odl
(ODL backend implementation)
16. def sendjson(self, method, urlpath, obj):
"""Send json to the OpenDaylight controller."""
headers = {'Content-Type': 'application/json'}
data = jsonutils.dumps(obj, indent=2) if obj else None
url = '/'.join([self.url, urlpath])
LOG.debug("Sending METHOD (%(method)s) URL (%(url)s) JSON (%(obj)s)",
{'method': method, 'url': url, 'obj': obj})
r = requests.request(method, url=url,
headers=headers, data=data,
auth=self.auth, timeout=self.timeout)
r.raise_for_status()
def sync_single_resource(self, operation, object_type, context):
"""Sync over a single resource from Neutron to OpenDaylight.
Handle syncing a single operation over to OpenDaylight, and correctly
filter attributes out which are not required for the requisite
operation (create or update) being handled.
"""
# Convert underscores to dashes in the URL for ODL
object_type_url = object_type.replace('_', '-')
try:
obj_id = context.current['id']
if operation == odl_const.ODL_DELETE:
self.out_of_sync |= not self.client.try_delete(
object_type_url + '/' + obj_id)
else:
filter_cls = self.FILTER_MAP[object_type]
if operation == odl_const.ODL_CREATE:
urlpath = object_type_url
method = 'post'
attr_filter = filter_cls.filter_create_attributes
elif operation == odl_const.ODL_UPDATE:
urlpath = object_type_url + '/' + obj_id
method = 'put'
attr_filter = filter_cls.filter_update_attributes
resource = context.current.copy()
attr_filter(resource, context)
self.client.sendjson(method, urlpath,
{object_type_url[:-1]: resource})
def synchronize(self, operation, object_type, context):
"""Synchronize ODL with Neutron following a configuration change."""
if self.out_of_sync:
self.sync_full(context._plugin)
else:
self.sync_single_resource(operation, object_type, context)
ML2 for ODL
def create_network_postcommit(self, context):
self.odl_drv.synchronize('create', odl_const.ODL_NETWORKS, context)
self.context = context.get_admin_context()
curl -X POST -H "Content-Type: application/json" -u admin:admin http://localhost:8080/controller/nb/v2/neutron/networks -d '{ "networks": [ { "id": "d17696ea-1d2f-42ff-
9a8f-895eca97b5ed", "name": "Network-1", "tenant_id": "93397de8-7b3c-4450-a700-40d5d0120e89","router:external": true,"shared": true} ]}'
https://github.com/openstack/networking-odl
19. SDN, OpenFlow, SDN Controller
How to integrate SDN controller with
OpenStack?
Demo
Contents
20. SDN(Software Defined Networking) 개념
소프트웨어 정의 네트워킹으로 불리 우며 개방형 API(예를 들어 OpenFlow)를
통해 네트워크 장비에서 하드웨어 기능과 소프트웨어 기능을 분리하여
소프트웨어 기반 컨트롤러에 의해 제거/관리하는 접근 방식임
SDN Architecture
SDN, OpenFlow, SDN Controller
Infrastructure
Layer
Network
Control Layer
Application
Layer
Network Aware
Application
SDN Controller
(e.g., onos, opendaylight, floodlight …)
Physical
Network Device
Virtual
Network Device
Control Data Plane Interface
(e.g., OpenFlow)
Network Information
API API
Network Control
*출처: “OpenFlow를 이용한 SDN입문”
Control Plane
Data Plane
21. Neutron + SDN Controller
Neutron Components
192.168.0.0/24
192.168.1.0/24
117.16.149.0/24
https://github.com/openstack/networking-onos
Mechanism driver: ONOSMechanismDriver (instead of
OpenvswitchMechanismDriver)
Service plugin: ONOSL3Plugin(instead of L3RouterPlugin)
Detail Configuration: http://heavenkong.blogspot.kr/2015/12/integrate-
onosemu-with-openstack-kilo.html
x
x
x
수정
22. Five VMs or host machines are needed
Prerequisite
No usage CPU Memory Disk
1 OpenStack
Controller Node
2 Core 4 GB 20 GB
2 OpenStack Network
Node
2 Core 4 GB 20 GB
3 ONOS Controller
Node
2 Core 4 GB 20 GB
4 Compute Node1 1 Core 2 GB 20 GB
5 Compute Node2 1 Core 2 GB 20 GB
*Reference: SONA User Guide
https://wiki.onosproject.org/display/ONOS/How+to+set+up+environment
24. Openstackswitching from SONA architecture
https://wiki.onosproject.org/display/ONOS/SONA+Architectur
e
They only support switching part
They didn’t support gre tunnel
Networking-onos는 nova로 부터 ONOS사이
REST API형식으로 전달해주는 작용을 함
Openstackswitching은 REST API를 받아
instance들을 위한 가상 네트워크를 만들어 줌
Openstackswithcing app uses the REST API call from onos-
networking plugin only when pushing the DHCP
mapping(VM IP-MAC pair), and it pushes flow rules when
VMs are created and PORT_ADDED/UPDATED events occurs
We need both networking-onos and
openstackswitching app
26. Instance can not receive fixed IP
It means ONOS can not receive fixed IP
Reference:
http://uni2u.tistory.com/58
http://blog.night9.cc/onos-on-centos7/
https://www.youtube.com/watch?v=qP8nPYhz_Mo
https://wiki.onosproject.org/display/ONOS/Simple+workthrough
http://forum.onosfw.com/t/how-to-integrate-onos-master-1-4-0-
with-openstack-kilo/80
https://github.com/hyunsun/documentations/wiki/Neutron-
ONOS-Integration-for-CORD-VTN
Work to be continued …