Vyatta cloud expo-sjc_2012-share


Scott Sneddon of Vyatta - Cloud Expo 2012 Presentation. The SDN (R)evolution and How it Enables a DevOps for NetOps Movement

Published in: Technology

  1. EMPOWERING SDN: SOFTWARE-BASED NETWORKING & SECURITY FROM VYATTA. Cloud Expo Santa Clara - 2012. Scott Sneddon, Chief Solutions Architect, @ssneddon
  2. Who is Vyatta? Leader in software-based networking. Founded in 2006 on the belief that the future of networking will be in software
  3. Vyatta is… Router (OSPF, BGP), Firewall (Stateful, NAT), VPN (IPSec, SSL)
  4. Vyatta is… Software-based Networking: CLI, API, GUI
  5. Vyatta is… Software-based Networking: CLI, API, GUI
      Remote Access API
      •  Programmable
      •  RESTful
      •  Full Control
  6. Flexible Deployment (diagram labels: CLI, API, GUI; Hypervisor OR x86 Server)
  7. Many Uses: Data Center, Cloud, Remote Office; Security, Multi-tenancy, Consolidation, Remote access, Traffic Optimization, Cost Reduction, Multi-tenancy
  8. Let’s talk about SDN
  9. What is SDN?
      “…programmable networks (or more precisely, network elements that can be configured through a reasonable and documented API)…” – Ivan Pepelnjak, ipSpace.net
      “Software Defined Networking (SDN) is an emerging network architecture where network control is decoupled from forwarding and is directly programmable…” – Open Networking Foundation
  10. What SDN isn’t…
      We still need smart network design. Maybe smarter than we did before.
      There’s more to it than just OpenFlow.
  11. So, SDN is all about…
      •  Network Programmability
         –  API interaction with network elements
      •  Separation of Control Plane and Forwarding Plane
         –  Infrastructure Agnostic
         –  Forwarding Plane can be Software or Hardware
      •  Integration with higher-order Orchestration platforms
         –  OpenStack, CloudStack, vCloud Director
  12. Traditional Network (diagram: a Control block paired with a Forwarding block, repeated six times)
  13. Basic SDN (diagram: one Control block above six Forwarding blocks)
  14. Ecosystem is complex and still emerging (diagram labels: vCenter; Systems view; “NORTHBOUND API”; Router Control; Security Control; Network control; VXLAN; NVGRE; OpenFlow; SNMP; Switching; Compute; VM; Servers and storage)
  15. How is SDN used today?
      •  Carrier-grade OpenFlow
         –  WAN Programmability/OpenFlow “paths”
      •  Datacenter Network Virtualization
         –  Overlay networks
            •  Tunnels – VXLAN, STT, GRE
            •  Solves VLAN exhaustion & L2 extensibility
         –  Programmability of L2 segments – OpenFlow
         –  Cloud infrastructure
            •  Per-tenant network segments & security
  16. SDN Target Use Cases For Brocade (diagram panels: DC Network Virtualization; WAN Network Virtualization; Application Delivery; SDN Cloud Gateway; Network Analytics; Services Creation & Insertion; Packet-Optical Integration). © 2012 Brocade Communications Systems, Inc. Proprietary Information
  17. Why are SDNs important?
      •  Datacenter network topologies are changing (or they need to change)
         –  Server Density
         –  Changes in traffic flows
         –  Capital cost of infrastructure needs to decrease
         –  NetOps needs to keep pace with DevOps
      •  It’s about the apps…
         –  DevOps movement and application development velocity
      We haven’t removed the need for segmentation and security
      We haven’t removed the need for network engineering
  18. DevOps?
      •  “Devops is a software development method that stresses communication, collaboration and integration between software developers and information technology (IT) professionals” - http://en.wikipedia.org/wiki/DevOps
      •  “…these operationally aware engineering teams and engineering-aware operational teams must have buy in at the top because people who code generally cost more, so hiring operational team members who code require a bigger budget.” – Pedro Canahuati, Facebook (http://gigaom.com/cloud/how-facebook-solves-the-it-culture-wars-and-scales-its-site/)
  19. “Data center networks are in my way” - 2009, James Hamilton, VP/DE Amazon Web Services
  20. DevOps for NetOps
      Build a VLAN and subnet on a Juniper…

          interfaces {
              ge-0/0/9 {
                  description "customer a";
                  unit 0 {
                      family ethernet-switching {
                          port-mode access;
                          vlan {
                              members vlan4;
                          }
                      }
                  }
              }
              vlan {
                  unit 4 {
                      family inet {
                          address;
                      }
                  }
              }
          }
          vlans {
              vlan4 {
                  l3-interface vlan.4;
              }
          }

      Build a VLAN and subnet on a Brocade…

          vlan 4 name customer_a
           untagged ethe 1/4
           router-interface ve 4
          interface ve 4
           ip address

      Not bad, but it could be better
  21. DevOps for NetOps
      Build a network (VLAN and subnet) in OpenStack Quantum

          quantum net-create net1
          quantum subnet-create net1
  22. How does NetOps get there?
      •  Knock down organizational boundaries
      •  Expand our knowledge base as network engineers
         –  Augment that CCIE with a little Python
      •  Look beyond plumbing
         –  Think “Network as a Service”
      •  Better operational models for repetitive tasks
         –  APIs to present auto-provisioned services (with constraints) to your customers
  23. The SDN (R)evolution
  24. “It’s hard to make predictions, especially about the future.” - Yogi Berra
  25. Price of Overcommitting (chart: y-axis “Cost / Time To Recover”; x-axis “Degree of Network Virtualization (Order of Magnitude)”; marked point “Early Overcommit”)
  26. Long View, Shorter Steps (chart: x-axis “Degree of Network Virtualization (Order of Magnitude)”)
  27. Early SDN Deployment (diagram labels: Network 1, Network 2, Network 3; vSwitch; VM)
  28. Empowering SDN - Services (diagram labels: Enterprise Network; Internet; Network 1, Network 2, Network 3; vSwitch; VM)
  29. Testing Dates: October 10th – 30th 2012. Report Generated: November 1st 2012. Report Author: Steven Noble. Vyatta Subscription Edition 6.5 R1
      TEST SYSTEM CONFIGURATION
      HARDWARE:
      •  SUPERMICRO X9SAE-V
      •  INTEL I7-3770 / 32G ECC RAM
      •  FOUR INTEL I340-T2 NICS
      •  INTEL 520 SERIES 240GB SSD
      •  COST: ~$1600 US
      VM CONFIGURATION:
      •  VMWARE 5.1.0 HYPERVISOR
      •  2 OR 4 VCPUS, 4GB OF RAM
      •  DIRECT ACCESS TO UPLINK PORTS VIA VMDIRECTPATH
      Key Points
      •  Vyatta is able to forward 100% line-rate IMIX traffic across all interfaces in our test system
      •  Performance degrades gracefully as features are added.
      •  Vyatta handles QoS with no issues, protecting traffic even when the destination interface is more than 200% oversubscribed.
      •  Vyatta can be run directly on commodity hardware or in a virtual machine
      Deployment Scenarios (chart: Throughput (Mbps) for VM 2vCPU, VM 4vCPU and Bare Metal; values shown: 7552, 3620, 1900)
  30. Vyatta in Amazon Web Services
      •  Scalable VPN services
         –  Office to AWS VPC
         –  User to AWS VPC
         –  AWS VPC to VPC connectivity
      •  Advanced routing
         –  Full mesh topologies
         –  High availability architectures
         –  Traffic management
      •  IPSEC and SSL
      Available in Amazon Marketplace
      (diagram labels: Amazon Virtual Private Cloud (VPC); VM; Customer Data Center)
  31. Why Vyatta?
      •  Routing & security to connect Layer 2 islands
         –  Software for flexibility
         –  REST API for programmability
         –  Much more to come…
  32. Remember When You Used to Get Excited about Networking? It’s that time again