This document discusses production ready container networking challenges and Contiv's approach. It outlines 7 key challenges: 1) scaling to hundreds of containers per host, 2) speed of provisioning networks, 3) layers of orchestration obscuring visibility, 4) need for stable predictable networking, 5) application-centric consumption of resources, 6) policies for shared resources, and 7) consistency across hybrid cloud. It then describes Contiv's approach to address these through techniques like route and policy distribution, automated scaling, flat networks, and integration with application blueprints.

1. Production Ready Container Networking
Docker San Jose Meetup
July 21st, 2016
Github: @jainvipin | Twitter: @jainvipin_

2.  Developer/Hacker/Collaborator/Disruptor
 Networking Enthusiast, Cisco Employee
 DevOps, Golang Fan
 Lately, Mining Containers
Who am I?

3. A word about Contiv
 Networking for Containers
• Multi-tenant multi-host networking for containers
• Service Load Balancing, Security Policies, Telemetry
• Physical Network Integration, etc.
 Storage for Containers
• Persistent Storage for Containers
• Policies for allocation, garbage collection, snapshots, IOPs rate limiting, etc.
• Supports Ceph, NFS backends, etc.
 Clustering
• Discover, Provision and Manage nodes
 All Open Sourced
• Componentized packages for individual use
• Hacks/Contributions Welcome!
 Sponsored by Cisco

4. 1. Scale: 200-500 containers per host may not be unusual
• Efficient Packing; More State (endpoints, networks, policies, DNS queries, etc.)
• More of Everything!
2. Speed: Comes up in a second (many more simultaneously in a cluster)
• Automation is a MUST
• Network/Volume/Scheduling must be quick to provision
• And work at scale!
3. Layers of Orchestration: Container Layer, VM Layer, Physical Layer
• Challenges Workload Visibility: Encap in encap makes it obscure
• Makes Monitoring/Diagnostics difficult
• Reduces Performance: Processing at each layer, and encapsulation/abstraction would affect performance
• Nested and Migrating Apps
4. Stable Predictable Networking Deployment
• Components of networking, and elements should be easy and predictable to install and run
Production Readiness Networking Challenges

5. 5. Application Centric (vs. Infrastructure centric) consumption of resources
• Creating networks, volumes as applications need, and dispose them accordingly
• Must integrate with application blue-print
• Keeping it easy to consume for application
6. Shared Resources
• Needs Predictable resource acquisition/disposal => Need Ops Policies
7. Hybrid Scenarios
• Consistency, Security, Connectivity across heterogeneous workloads
• Across private/public cloud
8. Security
• Tenancy, Isolation, Compliance for network/storage/compute
9. Telemetry and Diagnostics
• Need to be real time, Must work at the scale/speed
Production Readiness Networking Challenges

6. Shared Resources
Policies for Resource
Acquisition
Hybrid Cloud
Consistent Policies For
Network
Security
Tenant Isolation
Security Policies
Telemetry /Diagnostics
Application Statistics
Data Export
Contiv’s Approach
Scale
Route and Policy
Distribution
Speed
Automated
Scale-out
Orchestration Layers
Flat Networks
Bare Metal Options
Application Centric
Integrated with App
Blueprint

7. Elements of Contiv Networking
Cluster-wide Connectivity
Truly Multi-tenant
Network Isolation
Traffic Prioritization
App-Blueprint Integration
Network Monitoring
Scalable
Physical Network Integration: { L2 | L3 | SDN-Fabric }
Micro Services Ready
Leverages NIC
IPAM, Service Discovery
Contiv
Networking
High Throughput

8. Thanks!
http://contiv.io
http://contiv.github.io/documents/tutorials/container-101.html