John Willis, profile picture
Uploaded byJohn Willis
2,589 views

Cloudstack collaboration conference Europe - SDN and Devops

The document provides an overview of a presentation on how software defined networking (SDN) could be the next frontier for DevOps. It begins with introducing SDN concepts like decoupling the control plane from the data plane. It then discusses lessons learned from DevOps and how those same principles could apply to SDN and network operations. Lastly, it envisions what an SDN and DevOps world might look like, with network operations adopting practices like infrastructure as code that have benefited systems operations.

Embed presentation

Downloaded 65 times
The Network The Next Frontier for Devops ? John Willis Director ... Devops Strategy Dell Software (Enstratius) @botchagalupe http://bit.ly/1alvup7 Friday, November 22, 13 Emphasis the ? part of the title... I have been mostly an ops dude not a netops dude...although I am not unfamiliar ... devops strategy... this is not my title... ... was CSE for Enstratius prior .. twitter .. presentation link
Overview • SDN Overview • Devops Lessons Learned • SDN and Devops Friday, November 22, 13 How many ppl know what SDN is? Ok how many wouldn’t freak out if I was to ask you to stand up and explain what SDN is? Ok.. good we will do a quick walk through of SDN and all the hype and buz and confusion... We are already in the troff and most ppl don’t even know what it is yet... Then we will talk a little history lesson... if you read the abstract you know what this about. It about tying what we did in devops for systems operations and seeing if the same rules apply ... is this a redo? Lastly, we will look at what an SDN and Devops world could look like... All the network guys are begging for this... Almost every presentation I have seen over the past 3 months from the network dudes is “we need Devops” Let’s help them..we have seen this movie before...
Elephant in the Room Friday, November 22, 13 six blind men were asked to determine what an elephant looked like by feeling different parts ...man who feels a leg is a pillar; ..tail says is like a rope ..feels the trunk says a tree branch; the ear is like a hand fan; SDN, NFV, OVS, Network overlays like VXLAN, GRE ...
Network as Code (NaC) • Software Defined Networking • Openflow • Openvswitch (OVS) • Network Overlays • Network Functions Virtulization • Linux Based Network OS Friday, November 22, 13 Network as code in some presentations.. not sure if need another abstract def to add to the primordial soup... but his point is resident... Over the next few minutes we can look at some of the enabled or forcing functions for why we might need new type of management abstractions for this mess.
SDN is the Decoupling of Control From the Data Plan http://networkstatic.net Friday, November 22, 13 SDN is the decoupling of the control plane from the data plane... physically removing... Simple brilliant idea (os shit why didn’t think of that)... Network gear has traditionally been a black box w/coupled arch D,C,M plane (explain) ... data plan is the forwarding plane Data plan has had an abstraction ... OSI Model of layering .. DP has enabled independent innovation at each level... However, the control plane has had no abstraction .. not modular not reusable ... from scratch every time... Around 2008ish Martin Casado as his PHD defined openflow and this SDN ...started Nicira... in summer 2012 1.2B from vmware Look at the right hand side... clean abstraction .. a centralized control plane decoupled from the device ... allows a clean L4-L7 abstraction. Nicira Notes: Nicira Networks was acquired by VMware for $1.26B. (7/23/12) Posted 7/23/12 at 6:14pm via techcrunch.com Nicira Networks added Alan Cohen as VP, Marketing. (10/1/11) Posted 10/21/11 at 4:42am Nicira Networks received $26M in Series C funding. (2/3/11) Posted 2/4/11 at 6:31pm via sec.gov Nicira Networks added John Vrionis as Investor. (2/1/11) Posted 9/4/12 at 9:08am
Openflow http://networkstatic.net Friday, November 22, 13 Rob Sherwood CTO at Bigswitch .. SDN is to Openflow as Web is to HTTP ... in other-words Openflow is not the only protocol but it is the most talked about... OpenFlow is not magic, just a low level primitive with momentum for FIB programming. Explain the flow table... Interesting thing this can be a device as ( a router, switch, firewall, Nat and even a Load Balancer). ... now it starts getting very interesting... The OpenFlow Switch and Controller can communicate via the OpenFlow protocol,
Openvswitch http://openvswitch.org/support/config-cookbooks/vlan-configuration-cookbook/ Friday, November 22, 13 An implementation of OpenFlow Support for VLANs, GRE tunnels and QOS User-space (controller and tools) is under the Apache license Kernel (datapath) is under the GPLv2 designed for more advanced isolation on hypervisors... mostly in cloud like infrastructures... Look at Cloud networking history... Cloud stack you had basic and OS (IPtables/Brtables) ... nova netwk you had bridge’s .. With OVS it acts like a switch on each hypervisor .. and all the ovs’ hook up to a an OVSDB management plan.. The ovs plugin is the default for Openstack and Cloudstack now.. ... also OVS allows you to create network overlays (GRE, VXLAN)
Network Overlays • GRE • STT • VXLAN http://networkstatic.net/eliminating-vlans-and-fragility-in-the-underlay-with-network-virtualization/ Friday, November 22, 13 VLAN only support 4096 ... can run out quickly... especially in cloud architectures VXLAN support 16 million .. uses multicast and unicast... VXLAN Tunnel End Point (VTEP) . creates point to point connections... it’s a higher order abstraction. GRE and STT not supported in fabric ... VXLAN multicast issue - trombone vlan v2... GRE udp STT abuses TCP.. ignores syn/ack Notes: Nicira developed the Stateless Transport Tunneling (STT) protocol for tunneling between open source software switches in the Openvswitch project.
Network Functions Virtualization • Servers • Switches • Routers • Load Balancers • Firewall Servers • Content Delivery http://networkstatic.net Friday, November 22, 13 Came out of SDN "Network Functions Virtualisation".[1] was formed under the European Telecommunications Standards Institute (ETSI). In a cloud world it get very interesting ... ... Self service infra .. workflow->catalog compnents->create cloud resources->invoke api’s for converged infra-> compute (kvm), Storage (nas), Network (SDN Nicira)
Linux Based Network OS • Juniper (JunOS) • Arista (EOS) • Cumulus • Bare Metal Switches (Big Switch & Pica8) Friday, November 22, 13 JuniperOS built XM abstractions to interface w/hidden processes - Chef/Puppet have to be compiled ...Jeremy Schulman later wrote a ruby gem called Netdev that Puppet and Chef are using... Arisata EOS - Python sysdb abstraction .. pretty much closed... . Chef/Puppet have to be compiled Cumulus - basically the first pure Network OS. No hardware... Debian .. ... install chef/puppet, apt-get install collectd.. run graphite... Google, Amazon, and Microsoft are not buying Cisco, HP hardware anymore... they are buying Asian manufacturers Quanta ........ODM Original Design Manufacturer ... Cumulus wants to be the redhat of networking .. Will we start seeing switch turnover cycle times like what we now see in servers. New switch hardware every 3 years. BMS are really disruptive in that that allow basically are wide open.. different chips different os different virtulzation... ODM Original Design Manufacturer Facebook-led Open Compute Project lends itself to ODM market Open Network Install Environment (ONIE) Cumulus - Debian Linux 7.0 Wheezy release http://perspectives.mvdirona.com/2013/06/18/ CumulusNetworksASneakPreviewOfOneOfMyFavoriteStartups.aspx
Friday, November 22, 13 This is what disruption looks like - this is in Kennesaw 5 miles from my house... much better prices if I wanted to buy in bulk ... You can create an openflow switch on your own ...
Late Breaking - Game Changer Friday, November 22, 13 Brent Salisbury quote...alternatives to Broadcom will be healthy :)
SDN Summary • A lot “software” based opportunity • Network’s are becoming more “open” • Network Virtualization is a disrupter • Openstack/Cloudstack are driving a lot of new opportunities Friday, November 22, 13
Devops Lessons Learned 10 Year Cycles • Software 1990‘s - OOP & Agile • Compute 2000‘s - Virt & IAC & Cloud • Network 2010‘s - SDN Friday, November 22, 13 Software revolution really happened in the 1990 decade.. OOP object oriented, java & C++ exploded in 90’s, ... agile XP and SCRUM ... 2001 Agile Manifesto.. Compute in 2000’s .. virtulization on fire, cloud .. ...open sources drove then hell out of compute.. starting w/linux, then middleware, then systems tools .. infrastructure as code (what I like to call Scnd Gen CFGM (cfengine was around for a while universities and web scale .. and used at amazon, facebook .. ...but Luke put a face to IAC w/puppet 2006/7ish ..the IAC revolution.... ... now with Chef.. Network... 2010 & 2011 Nicira gets things cranking... 2012 Vmware buys Nicira. SDN, Network virtualization... (as we already discussed)...
We Friday, November 22, 13 Obviously.. “we” won the war... Devops ... Devopsdays... ... I was a late arrival to the war; however, I got in when it really started to get interesting... ... I met Luke in 2007 at a OSCON..... tell the groundworks story and Luke’s session. ... The next month I got to hang out with luke at a barcamp nashville and I wrote tis blog article called Infr 2.0 .... about this consulting company in Seattle using puppet that took ilike from 400k to 6 million users in one week (all bare metal)... anyone know who that consulting comp was? ( I wrote a blog article) .. ... Then Adam wrote a blog post about me... ... I became a profit for IAC... mostly puppet until 2009 (Chef announced) What did all of us early evangelize do... (The ABC’s of Operations) First principles, Read Marcus Aurelius. Of each particular thing ask: what is it in itself? What is its nature? Abstract-->Source Control --> Unit test --> Integration test --> Behavior testing -- .. .. We told ops they needed to be more like Dev .. They needed to use abstractions for infrastructure.. CFE, Puppet, Chef .. They needed to store it in src control svn & git .. We suggested that they create unit and integration tests for this new abstraction.. .. We suggested that we should delivery continuously... .... However, most (not all) ppl looked at us like we were crazy... until... ... early 2000 sysadmin to server ratios were 1 to 100 for most companies (enterprises no IAC based) ... 80 percent in the muck 20 bus value Notes: When iLike created one of the first Facebook applications, it grew from about ½ million
What Were the Objections • Bob’s scripts • Doit 5 ... ssh’ing things • I don’t trust this thing • You don’t understand my application • You can never “ever ever ever” break my application • I am afraid I will lose my job Friday, November 22, 13 What if it does something really bad. My application will lose millions... We all know that’s bullshit... .. you don’t understand my application. if it goes down the world will end... .. we learned that accepting things breaking was a paradigm shift .. antifragile
What Changed • Commodity Infrastructure • Linux • X86 Hardware • Cloud Infrastructure • Elastic - (East - West Traffic) • Fast Provisioning/Ephemeral Friday, November 22, 13 Commodity infra... ... vendor decoupling.. instead of buying AIX and Sun you bought your own hardware and Redhat/Ubuntu ... Server hardware turnover faster... shorter cycle times (3 years) Cloud Infra ... east west ... 6 days became 6 minutes Applications started going east and west Tell the playing golf story... Even if you weren’t buying the rest of the stories... ephemeral was the kicker..
SDN and Devops http://networkstatic.net Friday, November 22, 13 Enter the Network.. redo... ... early 2013 sysadmin to switch ratios are 1 to 120 for most companies ... Sometimes 6 months to get a network change... ... 80 percent in the muck 20 bus value
What are the New Objections • Bill’s scripts • Expect scripts/ TCL • I don’t trust this thing • You don’t understand the network • Never “ever ever ever” break my network • I am afraid I will lose my job Friday, November 22, 13 Expect scripts, TCL and spreadsheets... really? You are so 1990... It’s a redo... push rewind and hit play...
Friday, November 22, 13 I’ll talk more about Brent later.. but he is the prototype for what net ops needs to look like moving forward...
Some Faces of SDN & Devops Brent Salisbury @networkstatic Jerry Schulman @nwkautomaniac Rob Sherwood @capveg Friday, November 22, 13 Brent (UK) is a commiter on ODL, is a polyglot (java, python and C), Building TDD w/mininet Jerry (Juniper) wrote netdev rubygem and wrote the Puppet module for Junos integration Rob (CTO Big Switch) Was one of Openflow boys at Stanford ... smart mofo...
Friday, November 22, 13 The Illumianti... Arjan Eriks Harm Boertien Hugo Trippaers Funs Kessen Roeland Kuipers Arjen Wolfs
Devops Fundamentals dev2ops.org Friday, November 22, 13 First and foremost.. don’t forget the devops fundamentals Culture ... first we need to be cultural anthropologist & Physiologist .. why are they different .. tribes. ..understand the tribal semantics. Deming Theory of Phycology (SoPK) Gene Kim... The Three ways of Devops... L2R - Understand flow, muda, value stream mapping, TOC -bottlenecks, global optima over local optima R2L - Adonn cord, move the pain forward Control Loop - Kiazen, Kata
What are the Opportunities • Abstraction (Network as Code) • Source Control • Polyglotism • Unit Testing • Integration Testing • Behavior Testing Friday, November 22, 13 Polyglot - roll up our selves .. ODL, a lot of open source projects... be a user and commiter.. Lint, vlans names, port standards... reject non local changes... ... cucumber for network as code? Mininet (containers) can we stub out network requests like we did with java modules Network emulation might be necessary to go deeper with testing Underlays ... fat fast and flat... L3 Overlays ... everything overlays.... The big switch guys are doing some cool stuff here. Could networking someday do dark releases, feature flags, canary releases (see Frenetic) cutting and pasting the wrong data can... NVP is now NSX (vmware)
Abstraction: Low Hanging Fruit • Interface Configuration • VLAN Creation • VLAN to Port Mapping • Link Aggregation Groups Friday, November 22, 13 Really low hanging fruit.... Keeping state of where things live... vlan bookeeping issues with overlaps....
Puppet Netdev Module Friday, November 22, 13
Chef Netdev LWRP Friday, November 22, 13
Abstraction: A Little Higher • BGP • OSPF • RIP Friday, November 22, 13
Puppet Quagga/Bird Friday, November 22, 13
Chef Quagga Cookbook Friday, November 22, 13
What’s Next ( How High Can We Go? ) • OVS/OVSDB NaC Abstractions • Openflow NaC Abstractions • VXLAN NaC Abstractions • OpenDaylight NaC • More Tooling Friday, November 22, 13 How far can we go? I don’t know Has anyone looked at Openstack network even with the simple ovs plugin? There’s a lot of crap there to me managed.... surely we can chef it up a bit... ovs ... talks to fabric if its vendor or kernel if linux (tap)
Very Interesting Friday, November 22, 13 Frenetic is an abstraction for openflow... It uses functional programming framework along with CEP to build a cool abstraction for building flow tables (predicate based) The flow table is very low level.. for example it is very hard to program a basic LB/packet forwarding/monitor app by creating low level match definitions. Frenetic create higher order abstractions as policies. Then mininet... Pyretic is a pyhton based on version of frenetic and it has a nice mininet testbed implementation built in. Networking invariants.. .. Forwarding loops ... packet blackholes Frenetic project.. a low level abstraction for openflow...
Presentation Summary • Please call bullshit • CAMS not AMS • Always the Flow - (Aim, Goal, Why) • Devops can help We’ve seen this movie before Friday, November 22, 13 Aim=Deming, Goal=Goldratt, Sinek=Why
John Willis Director, Devops Stuff Dell (Enstratius) @botchagalupe Some Images licensed under Bigstock.com Friday, November 22, 13
KaChing Operations Software Development InfoSec Networking Friday, November 22, 13 Aim=Deming, Goal=Goldratt, Sinek=Why

More Related Content

PDF
Introduction to FreeBSD 7.0
bysim303
 
PDF
Dynamic Languages in Production: Progress and Open Challenges
bybcantrill
 
PDF
Introduction to Docker and deployment and Azure
byJérôme Petazzoni
 
PDF
DTrace in the Non-global Zone
bybcantrill
 
PDF
Run containers on bare metal already!
bybcantrill
 
PDF
44CON 2013 - Browser bug hunting - Memoirs of a last man standing - Atte Kett...
by44CON
 
PPT
01 intro
byThe World of Smalltalk
 
PDF
Why it’s (past) time to run containers on bare metal
bybcantrill
 
Introduction to FreeBSD 7.0
bysim303
 
Dynamic Languages in Production: Progress and Open Challenges
bybcantrill
 
Introduction to Docker and deployment and Azure
byJérôme Petazzoni
 
DTrace in the Non-global Zone
bybcantrill
 
Run containers on bare metal already!
bybcantrill
 
44CON 2013 - Browser bug hunting - Memoirs of a last man standing - Atte Kett...
by44CON
 
01 intro
byThe World of Smalltalk
 
Why it’s (past) time to run containers on bare metal
bybcantrill
 

What's hot

PDF
The Peril and Promise of Early Adoption: Arriving 10 Years Early to Containers
bybcantrill
 
PDF
Ben yehuda
byUmesh Deshpande
 
PDF
Docker, Linux Containers, and Security: Does It Add Up?
byJérôme Petazzoni
 
PDF
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
byJérôme Petazzoni
 
PPT
2 - OOP
byThe World of Smalltalk
 
PDF
LXC, Docker, security: is it safe to run applications in Linux Containers?
byJérôme Petazzoni
 
PDF
Namespaces in Linux
byLubomir Rintel
 
PDF
Smalltalk In a Nutshell
byMichele Lanza
 
PDF
110864103 adventures-in-bug-hunting
bybob dobbs
 
PDF
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
byJérôme Petazzoni
 
PDF
Docker on Mesos With OpenVNet (eng)
byskipping classes
 
PDF
Linux distribution for the cloud
byPeter Eisentraut
 
PDF
Portable TeX Documents (PTD): PackagingCon 2021
byJonathan Fine
 
PDF
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
byJérôme Petazzoni
 
PDF
FreeBSD: The Next 10 Years (MeetBSD 2014)
byiXsystems
 
PDF
Introduction to Docker, December 2014 "Tour de France" Edition
byJérôme Petazzoni
 
PDF
OCaml Labs introduction at OCaml Consortium 2012
byAnil Madhavapeddy
 
PDF
The Container Revolution: Reflections after the first decade
bybcantrill
 
PDF
Securing OpenStack and Beyond with Ansible
byMajor Hayden
 
PDF
LXC, Docker, and the future of software delivery | LinuxCon 2013
bydotCloud
 
The Peril and Promise of Early Adoption: Arriving 10 Years Early to Containers
bybcantrill
 
Ben yehuda
byUmesh Deshpande
 
Docker, Linux Containers, and Security: Does It Add Up?
byJérôme Petazzoni
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
byJérôme Petazzoni
 
2 - OOP
byThe World of Smalltalk
 
LXC, Docker, security: is it safe to run applications in Linux Containers?
byJérôme Petazzoni
 
Namespaces in Linux
byLubomir Rintel
 
Smalltalk In a Nutshell
byMichele Lanza
 
110864103 adventures-in-bug-hunting
bybob dobbs
 
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
byJérôme Petazzoni
 
Docker on Mesos With OpenVNet (eng)
byskipping classes
 
Linux distribution for the cloud
byPeter Eisentraut
 
Portable TeX Documents (PTD): PackagingCon 2021
byJonathan Fine
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
byJérôme Petazzoni
 
FreeBSD: The Next 10 Years (MeetBSD 2014)
byiXsystems
 
Introduction to Docker, December 2014 "Tour de France" Edition
byJérôme Petazzoni
 
OCaml Labs introduction at OCaml Consortium 2012
byAnil Madhavapeddy
 
The Container Revolution: Reflections after the first decade
bybcantrill
 
Securing OpenStack and Beyond with Ansible
byMajor Hayden
 
LXC, Docker, and the future of software delivery | LinuxCon 2013
bydotCloud
 

Viewers also liked

PDF
Operations is a Strategic Weapon
byJohn Willis
 
PDF
Operations as a Strategic Weapon (Part 2)
byJohn Willis
 
PDF
Operations as a Strategic Weapon
byJohn Willis
 
PDF
Introduction to Clouds (Cloud Camp Columbus)
byJohn Willis
 
PDF
A Cloud Outage Under the Lens of “Profound Knowledge”
byJohn Willis
 
PDF
Devops
byGareth Rushgrove
 
PDF
Opscode Lightning Talk - Operations as Code
byJohn Willis
 
Operations is a Strategic Weapon
byJohn Willis
 
Operations as a Strategic Weapon (Part 2)
byJohn Willis
 
Operations as a Strategic Weapon
byJohn Willis
 
Introduction to Clouds (Cloud Camp Columbus)
byJohn Willis
 
A Cloud Outage Under the Lens of “Profound Knowledge”
byJohn Willis
 
Devops
byGareth Rushgrove
 
Opscode Lightning Talk - Operations as Code
byJohn Willis
 

Similar to Cloudstack collaboration conference Europe - SDN and Devops

PDF
The Network The Next Frontier for Devops ?
byJohn Willis
 
PDF
SDN & NFV Introduction - Open Source Data Center Networking
byThomas Graf
 
PDF
Network Virtualization & Software-defined Networking
byDigicomp Academy AG
 
PPTX
OpenStack and the Transformation of the Data Center - Lew Tucker
byLew Tucker
 
PPTX
SDN: Network Agility in the Cloud
bySebastien Goasguen
 
PDF
Devopsdays State of the Union Amsterdam 2014
byJohn Willis
 
PPTX
Cloud, SDN, NFV
byIgor D.C.
 
PPTX
Dave Chandler Presents SDN at World Wide Technology's TECday - St. Louis
byWorld Wide Technology
 
PPTX
A Networking View for the DevOps Crew: SDN
byJeremy Schulman
 
PDF
Sdn primer pdf
byPooja Patel
 
PDF
A Deeper Look at Network Virtualization
byScott Lowe
 
PDF
10 sdn-vir-6up
bySachin Siddappa
 
PDF
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
byOpenStack Korea Community
 
PPTX
SDN and NFV Friends or Enemies ?
byKedar Raval
 
PPTX
Know about SDN and NFV
byKedar Raval
 
PDF
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
byCynthia Thomas
 
PPTX
Midokura OpenStack Meetup Taipei
byDan Mihai Dumitriu
 
PDF
Open stack networking_101_part-1
byyfauser
 
PPTX
2016 open-source-network-softwarization
byChristian Esteve Rothenberg
 
PPTX
2016 open-source-network-softwarization
byChristian Esteve Rothenberg
 
The Network The Next Frontier for Devops ?
byJohn Willis
 
SDN & NFV Introduction - Open Source Data Center Networking
byThomas Graf
 
Network Virtualization & Software-defined Networking
byDigicomp Academy AG
 
OpenStack and the Transformation of the Data Center - Lew Tucker
byLew Tucker
 
SDN: Network Agility in the Cloud
bySebastien Goasguen
 
Devopsdays State of the Union Amsterdam 2014
byJohn Willis
 
Cloud, SDN, NFV
byIgor D.C.
 
Dave Chandler Presents SDN at World Wide Technology's TECday - St. Louis
byWorld Wide Technology
 
A Networking View for the DevOps Crew: SDN
byJeremy Schulman
 
Sdn primer pdf
byPooja Patel
 
A Deeper Look at Network Virtualization
byScott Lowe
 
10 sdn-vir-6up
bySachin Siddappa
 
[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...
byOpenStack Korea Community
 
SDN and NFV Friends or Enemies ?
byKedar Raval
 
Know about SDN and NFV
byKedar Raval
 
From Nova-Network to Neutron and Beyond: A Look at OpenStack Networking
byCynthia Thomas
 
Midokura OpenStack Meetup Taipei
byDan Mihai Dumitriu
 
Open stack networking_101_part-1
byyfauser
 
2016 open-source-network-softwarization
byChristian Esteve Rothenberg
 
2016 open-source-network-softwarization
byChristian Esteve Rothenberg
 

More from John Willis

PDF
Automated Governance
byJohn Willis
 
PDF
Devops Long Strange Trip
byJohn Willis
 
PDF
I Got 99 Problems and a Bash DSL Ain't One of Them
byJohn Willis
 
PDF
Math is cool
byJohn Willis
 
PDF
The 7 deadly diseases of DevOps 2019
byJohn Willis
 
PDF
Next Generation Infrastructure - Devops Enterprise Summit 2018
byJohn Willis
 
PDF
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
byJohn Willis
 
PDF
Divine and felonios cyber security devopsdays austin 2018
byJohn Willis
 
PDF
Devops - A Long Strange Trip It's Been
byJohn Willis
 
PDF
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
byJohn Willis
 
PDF
You build it - Cyber Chicago Keynote
byJohn Willis
 
PDF
Art of the Possible - Serverless Conference NYC 2017
byJohn Willis
 
PDF
Why Executives Can't Change
byJohn Willis
 
PDF
Devops Kaizen - DevopsDays Dallas 2017
byJohn Willis
 
PDF
Evolve 2017 - Vegas - Devops, Docker and Security
byJohn Willis
 
PDF
Alibaba Cloud Conference 2016 - Docker Open Source
byJohn Willis
 
PDF
Alibaba Cloud Conference 2016 - Docker Enterprise
byJohn Willis
 
PDF
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
byJohn Willis
 
PDF
Breaking Bad Equilibrium - Devops Connect 2016 LA
byJohn Willis
 
PDF
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
byJohn Willis
 
Automated Governance
byJohn Willis
 
Devops Long Strange Trip
byJohn Willis
 
I Got 99 Problems and a Bash DSL Ain't One of Them
byJohn Willis
 
Math is cool
byJohn Willis
 
The 7 deadly diseases of DevOps 2019
byJohn Willis
 
Next Generation Infrastructure - Devops Enterprise Summit 2018
byJohn Willis
 
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
byJohn Willis
 
Divine and felonios cyber security devopsdays austin 2018
byJohn Willis
 
Devops - A Long Strange Trip It's Been
byJohn Willis
 
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
byJohn Willis
 
You build it - Cyber Chicago Keynote
byJohn Willis
 
Art of the Possible - Serverless Conference NYC 2017
byJohn Willis
 
Why Executives Can't Change
byJohn Willis
 
Devops Kaizen - DevopsDays Dallas 2017
byJohn Willis
 
Evolve 2017 - Vegas - Devops, Docker and Security
byJohn Willis
 
Alibaba Cloud Conference 2016 - Docker Open Source
byJohn Willis
 
Alibaba Cloud Conference 2016 - Docker Enterprise
byJohn Willis
 
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
byJohn Willis
 
Breaking Bad Equilibrium - Devops Connect 2016 LA
byJohn Willis
 
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
byJohn Willis
 

Recently uploaded

PDF
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
PPTX
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PDF
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PDF
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
PDF
final.pdf
byomarbishtawi04
 
PDF
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
PDF
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PPTX
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
PDF
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
PPTX
apidays Paris 2025 | Building Agentic Workflows
byapidays
 
PDF
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
PPTX
CTO Strategy OS 2026: The Tech, AI & Cloud Playbook Boards Want
byridwansassman
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
Agent to agent service discovery using HashiCorp Consul and Vault
byBram Vogelaar
 
PPTX
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
PDF
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
final.pdf
byomarbishtawi04
 
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
apidays Paris 2025 | Building Agentic Workflows
byapidays
 
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
CTO Strategy OS 2026: The Tech, AI & Cloud Playbook Boards Want
byridwansassman
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
Agent to agent service discovery using HashiCorp Consul and Vault
byBram Vogelaar
 
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 

Cloudstack collaboration conference Europe - SDN and Devops

  • 1.
    The Network The NextFrontier for Devops ? John Willis Director ... Devops Strategy Dell Software (Enstratius) @botchagalupe http://bit.ly/1alvup7 Friday, November 22, 13 Emphasis the ? part of the title... I have been mostly an ops dude not a netops dude...although I am not unfamiliar ... devops strategy... this is not my title... ... was CSE for Enstratius prior .. twitter .. presentation link
  • 2.
    Overview • SDN Overview •Devops Lessons Learned • SDN and Devops Friday, November 22, 13 How many ppl know what SDN is? Ok how many wouldn’t freak out if I was to ask you to stand up and explain what SDN is? Ok.. good we will do a quick walk through of SDN and all the hype and buz and confusion... We are already in the troff and most ppl don’t even know what it is yet... Then we will talk a little history lesson... if you read the abstract you know what this about. It about tying what we did in devops for systems operations and seeing if the same rules apply ... is this a redo? Lastly, we will look at what an SDN and Devops world could look like... All the network guys are begging for this... Almost every presentation I have seen over the past 3 months from the network dudes is “we need Devops” Let’s help them..we have seen this movie before...
  • 3.
    Elephant in theRoom Friday, November 22, 13 six blind men were asked to determine what an elephant looked like by feeling different parts ...man who feels a leg is a pillar; ..tail says is like a rope ..feels the trunk says a tree branch; the ear is like a hand fan; SDN, NFV, OVS, Network overlays like VXLAN, GRE ...
  • 4.
    Network as Code (NaC) •Software Defined Networking • Openflow • Openvswitch (OVS) • Network Overlays • Network Functions Virtulization • Linux Based Network OS Friday, November 22, 13 Network as code in some presentations.. not sure if need another abstract def to add to the primordial soup... but his point is resident... Over the next few minutes we can look at some of the enabled or forcing functions for why we might need new type of management abstractions for this mess.
  • 5.
    SDN is theDecoupling of Control From the Data Plan http://networkstatic.net Friday, November 22, 13 SDN is the decoupling of the control plane from the data plane... physically removing... Simple brilliant idea (os shit why didn’t think of that)... Network gear has traditionally been a black box w/coupled arch D,C,M plane (explain) ... data plan is the forwarding plane Data plan has had an abstraction ... OSI Model of layering .. DP has enabled independent innovation at each level... However, the control plane has had no abstraction .. not modular not reusable ... from scratch every time... Around 2008ish Martin Casado as his PHD defined openflow and this SDN ...started Nicira... in summer 2012 1.2B from vmware Look at the right hand side... clean abstraction .. a centralized control plane decoupled from the device ... allows a clean L4-L7 abstraction. Nicira Notes: Nicira Networks was acquired by VMware for $1.26B. (7/23/12) Posted 7/23/12 at 6:14pm via techcrunch.com Nicira Networks added Alan Cohen as VP, Marketing. (10/1/11) Posted 10/21/11 at 4:42am Nicira Networks received $26M in Series C funding. (2/3/11) Posted 2/4/11 at 6:31pm via sec.gov Nicira Networks added John Vrionis as Investor. (2/1/11) Posted 9/4/12 at 9:08am
  • 6.
    Openflow http://networkstatic.net Friday, November 22,13 Rob Sherwood CTO at Bigswitch .. SDN is to Openflow as Web is to HTTP ... in other-words Openflow is not the only protocol but it is the most talked about... OpenFlow is not magic, just a low level primitive with momentum for FIB programming. Explain the flow table... Interesting thing this can be a device as ( a router, switch, firewall, Nat and even a Load Balancer). ... now it starts getting very interesting... The OpenFlow Switch and Controller can communicate via the OpenFlow protocol,
  • 7.
    Openvswitch http://openvswitch.org/support/config-cookbooks/vlan-configuration-cookbook/ Friday, November 22,13 An implementation of OpenFlow Support for VLANs, GRE tunnels and QOS User-space (controller and tools) is under the Apache license Kernel (datapath) is under the GPLv2 designed for more advanced isolation on hypervisors... mostly in cloud like infrastructures... Look at Cloud networking history... Cloud stack you had basic and OS (IPtables/Brtables) ... nova netwk you had bridge’s .. With OVS it acts like a switch on each hypervisor .. and all the ovs’ hook up to a an OVSDB management plan.. The ovs plugin is the default for Openstack and Cloudstack now.. ... also OVS allows you to create network overlays (GRE, VXLAN)
  • 8.
    Network Overlays • GRE •STT • VXLAN http://networkstatic.net/eliminating-vlans-and-fragility-in-the-underlay-with-network-virtualization/ Friday, November 22, 13 VLAN only support 4096 ... can run out quickly... especially in cloud architectures VXLAN support 16 million .. uses multicast and unicast... VXLAN Tunnel End Point (VTEP) . creates point to point connections... it’s a higher order abstraction. GRE and STT not supported in fabric ... VXLAN multicast issue - trombone vlan v2... GRE udp STT abuses TCP.. ignores syn/ack Notes: Nicira developed the Stateless Transport Tunneling (STT) protocol for tunneling between open source software switches in the Openvswitch project.
  • 9.
    Network Functions Virtualization • Servers •Switches • Routers • Load Balancers • Firewall Servers • Content Delivery http://networkstatic.net Friday, November 22, 13 Came out of SDN "Network Functions Virtualisation".[1] was formed under the European Telecommunications Standards Institute (ETSI). In a cloud world it get very interesting ... ... Self service infra .. workflow->catalog compnents->create cloud resources->invoke api’s for converged infra-> compute (kvm), Storage (nas), Network (SDN Nicira)
  • 10.
    Linux Based NetworkOS • Juniper (JunOS) • Arista (EOS) • Cumulus • Bare Metal Switches (Big Switch & Pica8) Friday, November 22, 13 JuniperOS built XM abstractions to interface w/hidden processes - Chef/Puppet have to be compiled ...Jeremy Schulman later wrote a ruby gem called Netdev that Puppet and Chef are using... Arisata EOS - Python sysdb abstraction .. pretty much closed... . Chef/Puppet have to be compiled Cumulus - basically the first pure Network OS. No hardware... Debian .. ... install chef/puppet, apt-get install collectd.. run graphite... Google, Amazon, and Microsoft are not buying Cisco, HP hardware anymore... they are buying Asian manufacturers Quanta ........ODM Original Design Manufacturer ... Cumulus wants to be the redhat of networking .. Will we start seeing switch turnover cycle times like what we now see in servers. New switch hardware every 3 years. BMS are really disruptive in that that allow basically are wide open.. different chips different os different virtulzation... ODM Original Design Manufacturer Facebook-led Open Compute Project lends itself to ODM market Open Network Install Environment (ONIE) Cumulus - Debian Linux 7.0 Wheezy release http://perspectives.mvdirona.com/2013/06/18/ CumulusNetworksASneakPreviewOfOneOfMyFavoriteStartups.aspx
  • 11.
    Friday, November 22,13 This is what disruption looks like - this is in Kennesaw 5 miles from my house... much better prices if I wanted to buy in bulk ... You can create an openflow switch on your own ...
  • 12.
    Late Breaking -Game Changer Friday, November 22, 13 Brent Salisbury quote...alternatives to Broadcom will be healthy :)
  • 13.
    SDN Summary • Alot “software” based opportunity • Network’s are becoming more “open” • Network Virtualization is a disrupter • Openstack/Cloudstack are driving a lot of new opportunities Friday, November 22, 13
  • 14.
    Devops Lessons Learned 10Year Cycles • Software 1990‘s - OOP & Agile • Compute 2000‘s - Virt & IAC & Cloud • Network 2010‘s - SDN Friday, November 22, 13 Software revolution really happened in the 1990 decade.. OOP object oriented, java & C++ exploded in 90’s, ... agile XP and SCRUM ... 2001 Agile Manifesto.. Compute in 2000’s .. virtulization on fire, cloud .. ...open sources drove then hell out of compute.. starting w/linux, then middleware, then systems tools .. infrastructure as code (what I like to call Scnd Gen CFGM (cfengine was around for a while universities and web scale .. and used at amazon, facebook .. ...but Luke put a face to IAC w/puppet 2006/7ish ..the IAC revolution.... ... now with Chef.. Network... 2010 & 2011 Nicira gets things cranking... 2012 Vmware buys Nicira. SDN, Network virtualization... (as we already discussed)...
  • 15.
    We Friday, November 22,13 Obviously.. “we” won the war... Devops ... Devopsdays... ... I was a late arrival to the war; however, I got in when it really started to get interesting... ... I met Luke in 2007 at a OSCON..... tell the groundworks story and Luke’s session. ... The next month I got to hang out with luke at a barcamp nashville and I wrote tis blog article called Infr 2.0 .... about this consulting company in Seattle using puppet that took ilike from 400k to 6 million users in one week (all bare metal)... anyone know who that consulting comp was? ( I wrote a blog article) .. ... Then Adam wrote a blog post about me... ... I became a profit for IAC... mostly puppet until 2009 (Chef announced) What did all of us early evangelize do... (The ABC’s of Operations) First principles, Read Marcus Aurelius. Of each particular thing ask: what is it in itself? What is its nature? Abstract-->Source Control --> Unit test --> Integration test --> Behavior testing -- .. .. We told ops they needed to be more like Dev .. They needed to use abstractions for infrastructure.. CFE, Puppet, Chef .. They needed to store it in src control svn & git .. We suggested that they create unit and integration tests for this new abstraction.. .. We suggested that we should delivery continuously... .... However, most (not all) ppl looked at us like we were crazy... until... ... early 2000 sysadmin to server ratios were 1 to 100 for most companies (enterprises no IAC based) ... 80 percent in the muck 20 bus value Notes: When iLike created one of the first Facebook applications, it grew from about ½ million
  • 16.
    What Were the Objections •Bob’s scripts • Doit 5 ... ssh’ing things • I don’t trust this thing • You don’t understand my application • You can never “ever ever ever” break my application • I am afraid I will lose my job Friday, November 22, 13 What if it does something really bad. My application will lose millions... We all know that’s bullshit... .. you don’t understand my application. if it goes down the world will end... .. we learned that accepting things breaking was a paradigm shift .. antifragile
  • 17.
    What Changed • CommodityInfrastructure • Linux • X86 Hardware • Cloud Infrastructure • Elastic - (East - West Traffic) • Fast Provisioning/Ephemeral Friday, November 22, 13 Commodity infra... ... vendor decoupling.. instead of buying AIX and Sun you bought your own hardware and Redhat/Ubuntu ... Server hardware turnover faster... shorter cycle times (3 years) Cloud Infra ... east west ... 6 days became 6 minutes Applications started going east and west Tell the playing golf story... Even if you weren’t buying the rest of the stories... ephemeral was the kicker..
  • 18.
    SDN and Devops http://networkstatic.net Friday,November 22, 13 Enter the Network.. redo... ... early 2013 sysadmin to switch ratios are 1 to 120 for most companies ... Sometimes 6 months to get a network change... ... 80 percent in the muck 20 bus value
  • 19.
    What are theNew Objections • Bill’s scripts • Expect scripts/ TCL • I don’t trust this thing • You don’t understand the network • Never “ever ever ever” break my network • I am afraid I will lose my job Friday, November 22, 13 Expect scripts, TCL and spreadsheets... really? You are so 1990... It’s a redo... push rewind and hit play...
  • 20.
    Friday, November 22,13 I’ll talk more about Brent later.. but he is the prototype for what net ops needs to look like moving forward...
  • 21.
    Some Faces of SDN& Devops Brent Salisbury @networkstatic Jerry Schulman @nwkautomaniac Rob Sherwood @capveg Friday, November 22, 13 Brent (UK) is a commiter on ODL, is a polyglot (java, python and C), Building TDD w/mininet Jerry (Juniper) wrote netdev rubygem and wrote the Puppet module for Junos integration Rob (CTO Big Switch) Was one of Openflow boys at Stanford ... smart mofo...
  • 22.
    Friday, November 22,13 The Illumianti... Arjan Eriks Harm Boertien Hugo Trippaers Funs Kessen Roeland Kuipers Arjen Wolfs
  • 23.
    Devops Fundamentals dev2ops.org Friday, November22, 13 First and foremost.. don’t forget the devops fundamentals Culture ... first we need to be cultural anthropologist & Physiologist .. why are they different .. tribes. ..understand the tribal semantics. Deming Theory of Phycology (SoPK) Gene Kim... The Three ways of Devops... L2R - Understand flow, muda, value stream mapping, TOC -bottlenecks, global optima over local optima R2L - Adonn cord, move the pain forward Control Loop - Kiazen, Kata
  • 24.
    What are the Opportunities •Abstraction (Network as Code) • Source Control • Polyglotism • Unit Testing • Integration Testing • Behavior Testing Friday, November 22, 13 Polyglot - roll up our selves .. ODL, a lot of open source projects... be a user and commiter.. Lint, vlans names, port standards... reject non local changes... ... cucumber for network as code? Mininet (containers) can we stub out network requests like we did with java modules Network emulation might be necessary to go deeper with testing Underlays ... fat fast and flat... L3 Overlays ... everything overlays.... The big switch guys are doing some cool stuff here. Could networking someday do dark releases, feature flags, canary releases (see Frenetic) cutting and pasting the wrong data can... NVP is now NSX (vmware)
  • 25.
    Abstraction: Low Hanging Fruit •Interface Configuration • VLAN Creation • VLAN to Port Mapping • Link Aggregation Groups Friday, November 22, 13 Really low hanging fruit.... Keeping state of where things live... vlan bookeeping issues with overlaps....
  • 26.
  • 27.
    Chef Netdev LWRP Friday,November 22, 13
  • 28.
    Abstraction: A Little Higher •BGP • OSPF • RIP Friday, November 22, 13
  • 29.
  • 30.
  • 31.
    What’s Next ( HowHigh Can We Go? ) • OVS/OVSDB NaC Abstractions • Openflow NaC Abstractions • VXLAN NaC Abstractions • OpenDaylight NaC • More Tooling Friday, November 22, 13 How far can we go? I don’t know Has anyone looked at Openstack network even with the simple ovs plugin? There’s a lot of crap there to me managed.... surely we can chef it up a bit... ovs ... talks to fabric if its vendor or kernel if linux (tap)
  • 32.
    Very Interesting Friday, November22, 13 Frenetic is an abstraction for openflow... It uses functional programming framework along with CEP to build a cool abstraction for building flow tables (predicate based) The flow table is very low level.. for example it is very hard to program a basic LB/packet forwarding/monitor app by creating low level match definitions. Frenetic create higher order abstractions as policies. Then mininet... Pyretic is a pyhton based on version of frenetic and it has a nice mininet testbed implementation built in. Networking invariants.. .. Forwarding loops ... packet blackholes Frenetic project.. a low level abstraction for openflow...
  • 33.
    Presentation Summary • Pleasecall bullshit • CAMS not AMS • Always the Flow - (Aim, Goal, Why) • Devops can help We’ve seen this movie before Friday, November 22, 13 Aim=Deming, Goal=Goldratt, Sinek=Why
  • 34.
    John Willis Director, DevopsStuff Dell (Enstratius) @botchagalupe Some Images licensed under Bigstock.com Friday, November 22, 13
  • 35.