SlideShare a Scribd company logo

Symantec SDN Deployment

Download as PPTX, PDF
Rudrajit Tapadar
Rudrajit Tapadar

Symantec deployed an SDN using OpenStack with the following key aspects: 1. They created different "Classes of Service" including a development environment and a production environment to onboard teams and manage workloads. 2. They provided self-service user onboarding through Horizon with automatic network creation to hide complexities. 3. They offered load balancing as a service using HA Proxy with various optimizations to achieve high performance. 4. They attached baremetal servers to the overlay network by launching them in network namespaces. 5. They aimed for over 99.95% control plane availability using a distributed controller and Cassandra setup with automation and monitoring.

Engineering
1 of 22
Symantec SDN Deployment Jasmeet Sidhu, Rudrajit Tapadar Cloud Platform Engineering
Class of Service Copyright © 2015 Symantec Corporation 2
Class of Service • Dev – For developers to get familiar with OpenStack cloud – Each developer has a project • Production – For teams to onboard their members – Each team has a project – Manage user roles – Manage production workloads Copyright © 2015 Symantec Corporation 3
Self-Service User Onboarding Copyright © 2015 Symantec Corporation 4
Self-Service User Onboarding • Zero tickets for user onboarding – Provide sign up capabilities on Horizon • Provide easy networking on Dev CoS – Hide all complexities – Automatically create network – Allocate routable subnets by using Contrail VNC APIs – Create security group with proper rules – Create unique domain names for instances by using Designate for routable IPs Copyright © 2015 Symantec Corporation 5
Load Balancer as a Service Copyright © 2015 Symantec Corporation 6
Load Balancer as a Service •Out of the box – Icehouse, v1 APIs – Launch HA Proxy service instances on a single AZ – SSL Support: Wildcard cert • Symantec fixes –Multiple AZ, SSL Passthrough, Stats and Metrics • Performance: –~6.5 Gbps throughput with 10K parallel connections, VIP with 2 members –20K HTTPS requests/sec for 10K parallel connections with 1 million requests, 1K response size • Tuning - haproxy.cfg: maxconn 50K, nbproc 4, ulimit-n 200K, Cipher • Pain points –No control over ha proxy cfg –No control over resource allocations (cpu, etc) Copyright © 2015 Symantec Corporation 7
Baremetal on Overlay Copyright © 2015 Symantec Corporation 8
Baremetal on Overlay •Applications that run on baremetal but needs to be on the overlay – Example: swift proxy and data nodes – Launch them inside network namespaces – Plug them to the vRouter – East-West Traffic • Manual Setup via scripts – Nova is not aware but Contrail is. – Multiple nics sitting on multiple networks – Static IPs Copyright © 2015 Symantec Corporation 9
Availability::Control Plane Copyright © 2015 Symantec Corporation 10
Control Plane Availability • Goal - 99.95% Availability • 5 SDN controller VMs distributed over 3 racks • 5 Cassandra database baremetal nodes distributed over 3 racks – RF of 3 for analytics – RF of 5 for config – Compaction throughput 256 Mbps • Deployment Automation: Puppet • Issues seen: DB Timeouts, Version mismatch, admin token Copyright © 2015 Symantec Corporation 11
Failed Customer Interactions Copyright © 2015 Symantec Corporation 12
Failed Customer Interactions • Measure the control plane availability • Use Symantec’s Logging-Monitoring-Metering as a Service to parse Neutron logs • Compare response codes: 5XX counted as failures • Dashboards! Copyright © 2015 Symantec Corporation 13
Availability::Data Plane Copyright © 2015 Symantec Corporation 14
Data Plane Availability • Work in progress.. –FIP Availability –vDNS –Link Local –Private Network Copyright © 2015 Symantec Corporation 15
Seamless Upgrades Copyright © 2015 Symantec Corporation 16
Upgrade 1.20 to 2.0.1 • Goal - Zero Downtime • Controller upgrades – No in-place upgrades – Build a parallel control plane with new release – Add them to the VIP pool and gradually decommission old controllers • Database upgrades – Add new DB nodes one by one to the existing cluster – Repair the DB – Decommission old DB node one by one • Compute upgrades – Automate unloading and loading of kernel module in all computes Copyright © 2015 Symantec Corporation 17
Health Monitoring Copyright © 2015 Symantec Corporation 18
Health Monitoring • Volta –Logging •Logstash •Elasticsearch –Metrics •InfluxDB •Statsd •Collectd) –RESTful APIs make it easy: •Response Codes, Bytes Transfered, Time, Verb, etc. • OpsView / Zabbix Copyright © 2015 Symantec Corporation 19
Troubleshooting Copyright © 2015 Symantec Corporation 20
Troubleshooting • Most incidents are trivial – Known issues – Trivial fixes/workarounds • Some incidents are complex – RCA is very involved – Might have to wait for next code release for a fix – Quick and dirty solution – use auto healing scripts for workarounds •Periodically check system health (Synthetic Transactions) •Remediate known bugs •Fix problems as they are detected, Save pagers, run 24x7! (MX Encapsulation, Dead processes, etc.) Copyright © 2015 Symantec Corporation 21
Thank you! Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Recommended

OpenContrail Cloudwatt Feedback
OpenContrail Cloudwatt FeedbackOpenContrail Cloudwatt Feedback
OpenContrail Cloudwatt Feedbackethuleau
 
OpenContrail deployment experience
OpenContrail deployment experienceOpenContrail deployment experience
OpenContrail deployment experienceJakub Pavlik
 
Network Monitoring and Analytics
Network Monitoring and AnalyticsNetwork Monitoring and Analytics
Network Monitoring and AnalyticsPLUMgrid
 
OpenStack Astara
OpenStack AstaraOpenStack Astara
OpenStack AstaraKiran Murari
 
Meetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStackMeetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStackVietnam Open Infrastructure User Group
 
NFV Orchestration for Telcos using OpenStack Tacker
NFV Orchestration for Telcos using OpenStack TackerNFV Orchestration for Telcos using OpenStack Tacker
NFV Orchestration for Telcos using OpenStack TackerSridhar Ramaswamy
 
Deploy TOSCA Network Functions Virtualization (NFV) Workloads in OpenStack
Deploy TOSCA Network Functions Virtualization (NFV) Workloads in OpenStackDeploy TOSCA Network Functions Virtualization (NFV) Workloads in OpenStack
Deploy TOSCA Network Functions Virtualization (NFV) Workloads in OpenStackSahdev Zala
 
OpenStack Discovery and Networking Assurance - Koren Lev - Meetup
OpenStack Discovery and Networking Assurance - Koren Lev - MeetupOpenStack Discovery and Networking Assurance - Koren Lev - Meetup
OpenStack Discovery and Networking Assurance - Koren Lev - MeetupCloud Native Day Tel Aviv
 

Recommended

OpenContrail Cloudwatt Feedback
OpenContrail Cloudwatt FeedbackOpenContrail Cloudwatt Feedback
OpenContrail Cloudwatt Feedbackethuleau
 
OpenContrail deployment experience
OpenContrail deployment experienceOpenContrail deployment experience
OpenContrail deployment experienceJakub Pavlik
 
Network Monitoring and Analytics
Network Monitoring and AnalyticsNetwork Monitoring and Analytics
Network Monitoring and AnalyticsPLUMgrid
 
OpenStack Astara
OpenStack AstaraOpenStack Astara
OpenStack AstaraKiran Murari
 
Meetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStackMeetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStackVietnam Open Infrastructure User Group
 
NFV Orchestration for Telcos using OpenStack Tacker
NFV Orchestration for Telcos using OpenStack TackerNFV Orchestration for Telcos using OpenStack Tacker
NFV Orchestration for Telcos using OpenStack TackerSridhar Ramaswamy
 
Deploy TOSCA Network Functions Virtualization (NFV) Workloads in OpenStack
Deploy TOSCA Network Functions Virtualization (NFV) Workloads in OpenStackDeploy TOSCA Network Functions Virtualization (NFV) Workloads in OpenStack
Deploy TOSCA Network Functions Virtualization (NFV) Workloads in OpenStackSahdev Zala
 
OpenStack Discovery and Networking Assurance - Koren Lev - Meetup
OpenStack Discovery and Networking Assurance - Koren Lev - MeetupOpenStack Discovery and Networking Assurance - Koren Lev - Meetup
OpenStack Discovery and Networking Assurance - Koren Lev - MeetupCloud Native Day Tel Aviv
 
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVOpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVCloud Native Day Tel Aviv
 
Next Generation Network Developer Skills
Next Generation Network Developer SkillsNext Generation Network Developer Skills
Next Generation Network Developer Skillsmestery
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron InsightsAtul Pandey
 
Deploying OpenDaylight and OpenStack at Ease
Deploying OpenDaylight and OpenStack at EaseDeploying OpenDaylight and OpenStack at Ease
Deploying OpenDaylight and OpenStack at EaseMichelle Holley
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchmestery
 
Multisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapMultisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapDimitri Mazmanov
 
Improving Network Application Performance using Load Aware Libeventdev
Improving Network Application Performance using Load Aware LibeventdevImproving Network Application Performance using Load Aware Libeventdev
Improving Network Application Performance using Load Aware LibeventdevMichelle Holley
 
Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric OverviewMichelle Holley
 
Summit 16: Deploying Virtualized Mobile Infrastructures on Openstack
Summit 16: Deploying Virtualized Mobile Infrastructures on OpenstackSummit 16: Deploying Virtualized Mobile Infrastructures on Openstack
Summit 16: Deploying Virtualized Mobile Infrastructures on OpenstackOPNFV
 
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward LibertyOpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward Libertymestery
 
OpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slidesmestery
 
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...Cloud Native Day Tel Aviv
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutronmestery
 
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...Cloud Native Day Tel Aviv
 
Openstack Tacker - Moving into Pike
Openstack Tacker - Moving into PikeOpenstack Tacker - Moving into Pike
Openstack Tacker - Moving into PikeOPNFV
 
Optimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerOptimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerAnanth Padmanabhan
 
Summit 16: Service Function Chaining: Demo and Usage
Summit 16: Service Function Chaining: Demo and UsageSummit 16: Service Function Chaining: Demo and Usage
Summit 16: Service Function Chaining: Demo and UsageOPNFV
 
Tungsten Fabric and DPDK vRouter Architecture
Tungsten Fabric and DPDK vRouter ArchitectureTungsten Fabric and DPDK vRouter Architecture
Tungsten Fabric and DPDK vRouter ArchitectureOpen Source Technology Center MeetUps
 
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP Semiconductors
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP SemiconductorsSummit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP Semiconductors
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP SemiconductorsOPNFV
 
OPNFV and OCP: Perfect Together
OPNFV and OCP: Perfect TogetherOPNFV and OCP: Perfect Together
OPNFV and OCP: Perfect TogetherOPNFV
 
Symantec Public Meetup
Symantec Public MeetupSymantec Public Meetup
Symantec Public MeetupRudrajit Tapadar
 
Un-clouding the cloud
Un-clouding the cloudUn-clouding the cloud
Un-clouding the cloudDavinder Kohli
 

More Related Content

What's hot

OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVOpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVCloud Native Day Tel Aviv
 
Next Generation Network Developer Skills
Next Generation Network Developer SkillsNext Generation Network Developer Skills
Next Generation Network Developer Skillsmestery
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron InsightsAtul Pandey
 
Deploying OpenDaylight and OpenStack at Ease
Deploying OpenDaylight and OpenStack at EaseDeploying OpenDaylight and OpenStack at Ease
Deploying OpenDaylight and OpenStack at EaseMichelle Holley
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchmestery
 
Multisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapMultisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapDimitri Mazmanov
 
Improving Network Application Performance using Load Aware Libeventdev
Improving Network Application Performance using Load Aware LibeventdevImproving Network Application Performance using Load Aware Libeventdev
Improving Network Application Performance using Load Aware LibeventdevMichelle Holley
 
Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric OverviewMichelle Holley
 
Summit 16: Deploying Virtualized Mobile Infrastructures on Openstack
Summit 16: Deploying Virtualized Mobile Infrastructures on OpenstackSummit 16: Deploying Virtualized Mobile Infrastructures on Openstack
Summit 16: Deploying Virtualized Mobile Infrastructures on OpenstackOPNFV
 
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward LibertyOpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward Libertymestery
 
OpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slidesmestery
 
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...Cloud Native Day Tel Aviv
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutronmestery
 
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...Cloud Native Day Tel Aviv
 
Openstack Tacker - Moving into Pike
Openstack Tacker - Moving into PikeOpenstack Tacker - Moving into Pike
Openstack Tacker - Moving into PikeOPNFV
 
Optimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerOptimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerAnanth Padmanabhan
 
Summit 16: Service Function Chaining: Demo and Usage
Summit 16: Service Function Chaining: Demo and UsageSummit 16: Service Function Chaining: Demo and Usage
Summit 16: Service Function Chaining: Demo and UsageOPNFV
 
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP Semiconductors
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP SemiconductorsSummit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP Semiconductors
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP SemiconductorsOPNFV
 
OPNFV and OCP: Perfect Together
OPNFV and OCP: Perfect TogetherOPNFV and OCP: Perfect Together
OPNFV and OCP: Perfect TogetherOPNFV
 

What's hot (20)

OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFVOpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
 
Next Generation Network Developer Skills
Next Generation Network Developer SkillsNext Generation Network Developer Skills
Next Generation Network Developer Skills
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron Insights
 
Deploying OpenDaylight and OpenStack at Ease
Deploying OpenDaylight and OpenStack at EaseDeploying OpenDaylight and OpenStack at Ease
Deploying OpenDaylight and OpenStack at Ease
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitch
 
Multisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapMultisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the Gap
 
Improving Network Application Performance using Load Aware Libeventdev
Improving Network Application Performance using Load Aware LibeventdevImproving Network Application Performance using Load Aware Libeventdev
Improving Network Application Performance using Load Aware Libeventdev
 
Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric Overview
 
Summit 16: Deploying Virtualized Mobile Infrastructures on Openstack
Summit 16: Deploying Virtualized Mobile Infrastructures on OpenstackSummit 16: Deploying Virtualized Mobile Infrastructures on Openstack
Summit 16: Deploying Virtualized Mobile Infrastructures on Openstack
 
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward LibertyOpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
 
OpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slides
 
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutron
 
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...
Can the Open vSwitch (OVS) bottleneck be resolved? - Erez Cohen - OpenStack D...
 
Openstack Tacker - Moving into Pike
Openstack Tacker - Moving into PikeOpenstack Tacker - Moving into Pike
Openstack Tacker - Moving into Pike
 
Optimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerOptimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using docker
 
Summit 16: Service Function Chaining: Demo and Usage
Summit 16: Service Function Chaining: Demo and UsageSummit 16: Service Function Chaining: Demo and Usage
Summit 16: Service Function Chaining: Demo and Usage
 
Tungsten Fabric and DPDK vRouter Architecture
Tungsten Fabric and DPDK vRouter ArchitectureTungsten Fabric and DPDK vRouter Architecture
Tungsten Fabric and DPDK vRouter Architecture
 
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP Semiconductors
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP SemiconductorsSummit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP Semiconductors
Summit 16: ARM Mini-Summit - NXP QorIQ NFV Solutions - NXP Semiconductors
 
OPNFV and OCP: Perfect Together
OPNFV and OCP: Perfect TogetherOPNFV and OCP: Perfect Together
OPNFV and OCP: Perfect Together
 

Similar to Symantec SDN Deployment

20191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 120191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 1makker_nl
 
AperiStorageResourceManager
AperiStorageResourceManagerAperiStorageResourceManager
AperiStorageResourceManagerRobert Wipfel
 
NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013aspyker
 
CloudStack challenges for China customers
CloudStack challenges for China customersCloudStack challenges for China customers
CloudStack challenges for China customersgavin_lee
 
Patterns and Pains of Migrating Legacy Applications to Kubernetes
Patterns and Pains of Migrating Legacy Applications to KubernetesPatterns and Pains of Migrating Legacy Applications to Kubernetes
Patterns and Pains of Migrating Legacy Applications to KubernetesJosef Adersberger
 
Patterns and Pains of Migrating Legacy Applications to Kubernetes
Patterns and Pains of Migrating Legacy Applications to KubernetesPatterns and Pains of Migrating Legacy Applications to Kubernetes
Patterns and Pains of Migrating Legacy Applications to KubernetesQAware GmbH
 
The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)Simon Haslam
 
Microservices Development - ICP Workshop Batch II
Microservices Development - ICP Workshop Batch IIMicroservices Development - ICP Workshop Batch II
Microservices Development - ICP Workshop Batch IIPT Datacomm Diangraha
 
Stay productive_while_slicing_up_the_monolith
Stay productive_while_slicing_up_the_monolithStay productive_while_slicing_up_the_monolith
Stay productive_while_slicing_up_the_monolithMarkus Eisele
 
Using Databases and Containers From Development to Deployment
Using Databases and Containers From Development to DeploymentUsing Databases and Containers From Development to Deployment
Using Databases and Containers From Development to DeploymentAerospike, Inc.
 
Microservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing MicroservicesMicroservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing MicroservicesQAware GmbH
 
Agile infrastructure
Agile infrastructureAgile infrastructure
Agile infrastructureTarun Rajput
 
Delivering SaaS Using IaaS - RightScale Compute 2013
Delivering SaaS Using IaaS - RightScale Compute 2013Delivering SaaS Using IaaS - RightScale Compute 2013
Delivering SaaS Using IaaS - RightScale Compute 2013RightScale
 
Integrating OpenStack to Existing infrastructure
Integrating OpenStack to Existing infrastructureIntegrating OpenStack to Existing infrastructure
Integrating OpenStack to Existing infrastructurelaurabeckcahoon
 

Similar to Symantec SDN Deployment (20)

Symantec Public Meetup
Symantec Public MeetupSymantec Public Meetup
Symantec Public Meetup
 
Un-clouding the cloud
Un-clouding the cloudUn-clouding the cloud
Un-clouding the cloud
 
20191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 120191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 1
 
AperiStorageResourceManager
AperiStorageResourceManagerAperiStorageResourceManager
AperiStorageResourceManager
 
Meetup callback
Meetup callbackMeetup callback
Meetup callback
 
NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013
 
CloudStack challenges for China customers
CloudStack challenges for China customersCloudStack challenges for China customers
CloudStack challenges for China customers
 
Patterns and Pains of Migrating Legacy Applications to Kubernetes
Patterns and Pains of Migrating Legacy Applications to KubernetesPatterns and Pains of Migrating Legacy Applications to Kubernetes
Patterns and Pains of Migrating Legacy Applications to Kubernetes
 
Patterns and Pains of Migrating Legacy Applications to Kubernetes
Patterns and Pains of Migrating Legacy Applications to KubernetesPatterns and Pains of Migrating Legacy Applications to Kubernetes
Patterns and Pains of Migrating Legacy Applications to Kubernetes
 
The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)
 
Neutron scaling
Neutron scalingNeutron scaling
Neutron scaling
 
Microservices Development - ICP Workshop Batch II
Microservices Development - ICP Workshop Batch IIMicroservices Development - ICP Workshop Batch II
Microservices Development - ICP Workshop Batch II
 
Stay productive_while_slicing_up_the_monolith
Stay productive_while_slicing_up_the_monolithStay productive_while_slicing_up_the_monolith
Stay productive_while_slicing_up_the_monolith
 
AMIS Oracle OpenWorld 2015 Review – part 2- Hardware & IaaS and PaaS Cloud Fo...
AMIS Oracle OpenWorld 2015 Review – part 2- Hardware & IaaS and PaaS Cloud Fo...AMIS Oracle OpenWorld 2015 Review – part 2- Hardware & IaaS and PaaS Cloud Fo...
AMIS Oracle OpenWorld 2015 Review – part 2- Hardware & IaaS and PaaS Cloud Fo...
 
Using Databases and Containers From Development to Deployment
Using Databases and Containers From Development to DeploymentUsing Databases and Containers From Development to Deployment
Using Databases and Containers From Development to Deployment
 
Microservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing MicroservicesMicroservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing Microservices
 
SD Times - Docker v2
SD Times - Docker v2SD Times - Docker v2
SD Times - Docker v2
 
Agile infrastructure
Agile infrastructureAgile infrastructure
Agile infrastructure
 
Delivering SaaS Using IaaS - RightScale Compute 2013
Delivering SaaS Using IaaS - RightScale Compute 2013Delivering SaaS Using IaaS - RightScale Compute 2013
Delivering SaaS Using IaaS - RightScale Compute 2013
 
Integrating OpenStack to Existing infrastructure
Integrating OpenStack to Existing infrastructureIntegrating OpenStack to Existing infrastructure
Integrating OpenStack to Existing infrastructure
 

Recently uploaded

High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMSHigh Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMSsandhya757531
 
Research Methodology for Engineering pdf
Research Methodology for Engineering pdfResearch Methodology for Engineering pdf
Research Methodology for Engineering pdfCaalaaAbdulkerim
 
Turn leadership mistakes into a better future.pptx
Turn leadership mistakes into a better future.pptxTurn leadership mistakes into a better future.pptx
Turn leadership mistakes into a better future.pptxStephen Sitton
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substationstephanwindworld
 
Immutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfImmutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfDrew Moseley
 
Novel 3D-Printed Soft Linear and Bending Actuators
Novel 3D-Printed Soft Linear and Bending ActuatorsNovel 3D-Printed Soft Linear and Bending Actuators
Novel 3D-Printed Soft Linear and Bending ActuatorsResearcher Researcher
 
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfModule-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfManish Kumar
 
Katarzyna Lipka-Sidor - BIM School Course
Katarzyna Lipka-Sidor - BIM School CourseKatarzyna Lipka-Sidor - BIM School Course
Katarzyna Lipka-Sidor - BIM School Coursebim.edu.pl
 
Input Output Management in Operating System
Input Output Management in Operating SystemInput Output Management in Operating System
Input Output Management in Operating SystemRashmi Bhat
 
Levelling - Rise and fall - Height of instrument method
Levelling - Rise and fall - Height of instrument methodLevelling - Rise and fall - Height of instrument method
Levelling - Rise and fall - Height of instrument methodManicka Mamallan Andavar
 
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONTHE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONjhunlian
 
2022 AWS DNA Hackathon 장애 대응 솔루션 jarvis.
2022 AWS DNA Hackathon 장애 대응 솔루션 jarvis.2022 AWS DNA Hackathon 장애 대응 솔루션 jarvis.
2022 AWS DNA Hackathon 장애 대응 솔루션 jarvis.elesangwon
 
Prach: A Feature-Rich Platform Empowering the Autism Community
Prach: A Feature-Rich Platform Empowering the Autism CommunityPrach: A Feature-Rich Platform Empowering the Autism Community
Prach: A Feature-Rich Platform Empowering the Autism Communityprachaibot
 
Paper Tube : Shigeru Ban projects and Case Study of Cardboard Cathedral .pdf
Paper Tube : Shigeru Ban projects and Case Study of Cardboard Cathedral .pdfPaper Tube : Shigeru Ban projects and Case Study of Cardboard Cathedral .pdf
Paper Tube : Shigeru Ban projects and Case Study of Cardboard Cathedral .pdfNainaShrivastava14
 
Energy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxEnergy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxsiddharthjain2303
 
Gravity concentration_MI20612MI_________
Gravity concentration_MI20612MI_________Gravity concentration_MI20612MI_________
Gravity concentration_MI20612MI_________Romil Mishra
 
CS 3251 Programming in c all unit notes pdf
CS 3251 Programming in c all unit notes pdfCS 3251 Programming in c all unit notes pdf
CS 3251 Programming in c all unit notes pdfBalamuruganV28
 
KCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosKCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosVictor Morales
 
11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdfHafizMudaserAhmad
 
US Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionUS Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionMebane Rash
 

Recently uploaded (20)

High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMSHigh Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
 
Research Methodology for Engineering pdf
Research Methodology for Engineering pdfResearch Methodology for Engineering pdf
Research Methodology for Engineering pdf
 
Turn leadership mistakes into a better future.pptx
Turn leadership mistakes into a better future.pptxTurn leadership mistakes into a better future.pptx
Turn leadership mistakes into a better future.pptx
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substation
 
Immutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfImmutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdf
 
Novel 3D-Printed Soft Linear and Bending Actuators
Novel 3D-Printed Soft Linear and Bending ActuatorsNovel 3D-Printed Soft Linear and Bending Actuators
Novel 3D-Printed Soft Linear and Bending Actuators
 
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfModule-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
 
Katarzyna Lipka-Sidor - BIM School Course
Katarzyna Lipka-Sidor - BIM School CourseKatarzyna Lipka-Sidor - BIM School Course
Katarzyna Lipka-Sidor - BIM School Course
 
Input Output Management in Operating System
Input Output Management in Operating SystemInput Output Management in Operating System
Input Output Management in Operating System
 
Levelling - Rise and fall - Height of instrument method
Levelling - Rise and fall - Height of instrument methodLevelling - Rise and fall - Height of instrument method
Levelling - Rise and fall - Height of instrument method
 
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONTHE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
 
2022 AWS DNA Hackathon 장애 대응 솔루션 jarvis.
2022 AWS DNA Hackathon 장애 대응 솔루션 jarvis.2022 AWS DNA Hackathon 장애 대응 솔루션 jarvis.
2022 AWS DNA Hackathon 장애 대응 솔루션 jarvis.
 
Prach: A Feature-Rich Platform Empowering the Autism Community
Prach: A Feature-Rich Platform Empowering the Autism CommunityPrach: A Feature-Rich Platform Empowering the Autism Community
Prach: A Feature-Rich Platform Empowering the Autism Community
 
Paper Tube : Shigeru Ban projects and Case Study of Cardboard Cathedral .pdf
Paper Tube : Shigeru Ban projects and Case Study of Cardboard Cathedral .pdfPaper Tube : Shigeru Ban projects and Case Study of Cardboard Cathedral .pdf
Paper Tube : Shigeru Ban projects and Case Study of Cardboard Cathedral .pdf
 
Energy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxEnergy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptx
 
Gravity concentration_MI20612MI_________
Gravity concentration_MI20612MI_________Gravity concentration_MI20612MI_________
Gravity concentration_MI20612MI_________
 
CS 3251 Programming in c all unit notes pdf
CS 3251 Programming in c all unit notes pdfCS 3251 Programming in c all unit notes pdf
CS 3251 Programming in c all unit notes pdf
 
KCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosKCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitos
 
11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf
 
US Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionUS Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of Action
 

Symantec SDN Deployment

  • 1. Symantec SDN Deployment Jasmeet Sidhu, Rudrajit Tapadar Cloud Platform Engineering
  • 2. Class of Service Copyright © 2015 Symantec Corporation 2
  • 3. Class of Service • Dev – For developers to get familiar with OpenStack cloud – Each developer has a project • Production – For teams to onboard their members – Each team has a project – Manage user roles – Manage production workloads Copyright © 2015 Symantec Corporation 3
  • 4. Self-Service User Onboarding Copyright © 2015 Symantec Corporation 4
  • 5. Self-Service User Onboarding • Zero tickets for user onboarding – Provide sign up capabilities on Horizon • Provide easy networking on Dev CoS – Hide all complexities – Automatically create network – Allocate routable subnets by using Contrail VNC APIs – Create security group with proper rules – Create unique domain names for instances by using Designate for routable IPs Copyright © 2015 Symantec Corporation 5
  • 6. Load Balancer as a Service Copyright © 2015 Symantec Corporation 6
  • 7. Load Balancer as a Service •Out of the box – Icehouse, v1 APIs – Launch HA Proxy service instances on a single AZ – SSL Support: Wildcard cert • Symantec fixes –Multiple AZ, SSL Passthrough, Stats and Metrics • Performance: –~6.5 Gbps throughput with 10K parallel connections, VIP with 2 members –20K HTTPS requests/sec for 10K parallel connections with 1 million requests, 1K response size • Tuning - haproxy.cfg: maxconn 50K, nbproc 4, ulimit-n 200K, Cipher • Pain points –No control over ha proxy cfg –No control over resource allocations (cpu, etc) Copyright © 2015 Symantec Corporation 7
  • 8. Baremetal on Overlay Copyright © 2015 Symantec Corporation 8
  • 9. Baremetal on Overlay •Applications that run on baremetal but needs to be on the overlay – Example: swift proxy and data nodes – Launch them inside network namespaces – Plug them to the vRouter – East-West Traffic • Manual Setup via scripts – Nova is not aware but Contrail is. – Multiple nics sitting on multiple networks – Static IPs Copyright © 2015 Symantec Corporation 9
  • 10. Availability::Control Plane Copyright © 2015 Symantec Corporation 10
  • 11. Control Plane Availability • Goal - 99.95% Availability • 5 SDN controller VMs distributed over 3 racks • 5 Cassandra database baremetal nodes distributed over 3 racks – RF of 3 for analytics – RF of 5 for config – Compaction throughput 256 Mbps • Deployment Automation: Puppet • Issues seen: DB Timeouts, Version mismatch, admin token Copyright © 2015 Symantec Corporation 11
  • 12. Failed Customer Interactions Copyright © 2015 Symantec Corporation 12
  • 13. Failed Customer Interactions • Measure the control plane availability • Use Symantec’s Logging-Monitoring-Metering as a Service to parse Neutron logs • Compare response codes: 5XX counted as failures • Dashboards! Copyright © 2015 Symantec Corporation 13
  • 14. Availability::Data Plane Copyright © 2015 Symantec Corporation 14
  • 15. Data Plane Availability • Work in progress.. –FIP Availability –vDNS –Link Local –Private Network Copyright © 2015 Symantec Corporation 15
  • 16. Seamless Upgrades Copyright © 2015 Symantec Corporation 16
  • 17. Upgrade 1.20 to 2.0.1 • Goal - Zero Downtime • Controller upgrades – No in-place upgrades – Build a parallel control plane with new release – Add them to the VIP pool and gradually decommission old controllers • Database upgrades – Add new DB nodes one by one to the existing cluster – Repair the DB – Decommission old DB node one by one • Compute upgrades – Automate unloading and loading of kernel module in all computes Copyright © 2015 Symantec Corporation 17
  • 18. Health Monitoring Copyright © 2015 Symantec Corporation 18
  • 19. Health Monitoring • Volta –Logging •Logstash •Elasticsearch –Metrics •InfluxDB •Statsd •Collectd) –RESTful APIs make it easy: •Response Codes, Bytes Transfered, Time, Verb, etc. • OpsView / Zabbix Copyright © 2015 Symantec Corporation 19
  • 20. Troubleshooting Copyright © 2015 Symantec Corporation 20
  • 21. Troubleshooting • Most incidents are trivial – Known issues – Trivial fixes/workarounds • Some incidents are complex – RCA is very involved – Might have to wait for next code release for a fix – Quick and dirty solution – use auto healing scripts for workarounds •Periodically check system health (Synthetic Transactions) •Remediate known bugs •Fix problems as they are detected, Save pagers, run 24x7! (MX Encapsulation, Dead processes, etc.) Copyright © 2015 Symantec Corporation 21
  • 22. Thank you! Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Editor's Notes

  1. VIP Members - 16 CPU, 32GB RAM Stats - num connections, session active/total/drops, bytes in/out, response times
  2. Two nics on two different networks (swift proxy network and replication network) Not production yet. Still exploring. Recent issues: Kernel panic on 3.16 kernel with network namespaces.