OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero

•

2 likes•715 views

Author Biography Ruben S. Montero, Ph.D, is Chief Architect of the OpenNebula Project and CTO & co-founder at C12G Labs. He has strong expertise in resource provisioning models for distributed systems and cloud computing, in particular resource management and scheduling, distributed management of virtual machines, and inter-operation of cloud infrastructures. Montero holds a Ph.D in Computer Science (UCM) and is also an Associated Professor at UCM.

Technology

OpenNebula Networking: SDN & NFV
Ruben S. Montero
OpenNebula Chief Architect

OpenNebula Network Model: View
Hyper. Hyper. Hyper. Hyper.
Virtual Network
VM VM VM VM
Datacenter Network
● Leaf-Spine switched or routed
backbone
● Not controlled by OpenNebula
● Usually just few TOR switches
Virtual switches
Virtual Network

OpenNebula Network Model: “built-in SDN”
Provide a central point to define, consume and set up Virtual
Networks for Virtual Machines
XML-RPC API
OpenNebula daemon
Infrastructure Drivers
Northbound Interface
● Virtual Network abstract management
● Lease addresses to VMs
● Reserve addresses for users or groups
Network
Southbound Interface
● Uniform interface to interact with network
elements
● Specialized for VM Networking

Northbound Interface
Logical Attributes
Addresses Space (multiple, disjoint ranges)
● IPv4
● IPv6 (Global & ULA)
● Ethernet - MAC addresses
Security Groups
● Managed as a separate entity
● Inbound & Outbound, TCP/UDP/ICMP
Custom Tags
Configuration & Physical Attributes
● Network specific (e.g. BRIDGE, VLAN_ID)
● VM Context (e.g. DNS, GATEWAY)
VirtualNetworkDefinition

Southbound Interface
Hypervisor
NFV - app
Hypervisor
Network device
VM VM VM
VM Network
Overlays
Physical Networks
Network dev
Cluster Network - L2
Virtual Network Green (any)
Network - L2
DataCenter Network - L3
Virtual Network Blue (VXLAN or NFV)
OpenNebula daemon
Infrastructure Drivers
Network stack
Setup networking for VMs interfacing with network & hypervisors
Hypervisor
Network device
VM VM VM

Southbound Interface
Three-phase setup
● pre, post and clean right before, after VM boot and shutdown
● It considers live-migrations
OpenNebula Network Drivers
OpenvSwtich VMware DSwtich
Linux Bridge
802.1Q Flat
Security Group
iptables rules
VXLAN ebtables Flat VLAN Flat Dynamic
NFV Virtual Router*
* Work in progress

VirtualMachine Interface
Virtual Machine Configuration (L3 - L4 - L5)
● Context CD-ROM ISO with network information
● Stock guest packages include support for IP, GATEWAY, DNS,
NETWORK_MASK but easily extensible
● NFV not imposed nor required (e.g. DHCP server per net) but
supported.
Require as less as possible, accommodate any topology

● Approach: Virtualize some network functions by packaging
into an appliance
● Ease & flexible management of your network
○ Hugepages*,
○ NUMA scheduling*,
○ PCI PF/SR-IOV co-allocation*
* Supported only to some extent in 4.14
● As part of a Virtual Network to include more functionality
○ Virtual Router removed from 4.14 to re-architect it.
NFV Management

Virtual Router: Cross-site Networks
Virtual RouterVirtual Router
VM
Virtual Network (VLAN)Virtual Network (VLAN)
VM VM
Cross-site
Network
VM
Ethernet over IP (GRETAP) + IPSec
● Improve Virtual Router Interface & Sunstone Integration
● Link multiple virtual networks (L3/L2)
● Support for hybrid configurations
● Support for L3 inter-DC

Virtual Router: SDN integration
SSH OpenFlow
ovswtich / Linux bridge
link
(to other switches)
VXLAN, VLAN, Ether
virtual
appliance
SDN for the Cross-site network
● Flow control (ReactiveFlow app)
● ARP optimizations
● Flow re-balancing
OpenNebula drivers

OpenNebula Network Model: View
Hyper. Hyper. Hyper. Hyper.
Virtual Network
VM VM VM VM
Virtual Network
Network backbone and Internet
VM VM
Compute Fabric
SDN for vSwitches
Two-level SDN
● Hypervisor for VLAN set up and management
● Interconnection and management of VLAN segments
Virtual switch (or routed)

What's hot

OpenNebulaConf 2016 - Storage Hands-on Workshop by Javier Fontán, OpenNebula

OpenNebula Project

Disaster recovery solution with open nebula and storpool

OpenNebula Project

In addition to providing bare-metal access to large amounts of compute FAS Research Computing (FASRC) at Harvard also builds and fully maintains custom virtual machines tailored to faculty and researchers needs including lab websites, portals, databases, project development environments, and more both locally and on public clouds. Recently FASRC converted its internal VM infrastructure from a completely home-made KVM cluster to a more robust and reliable system powered by OpenNebula and Ceph configured with public cloud integration. Over the years as the number of VMs grew our home-made solution started to show signs of wear and tear with respect to scheduling, provisioning, management, inventory, and performance. Our new deployment improves on all of these areas and provides APIs and features that both help us serve clients more efficiently and improve our internal processes for testing new system configurations and dynamically spinning up resources for continous integration and deployment. Our new VM infrastructure deployment is fully automated via puppet and has been used to provision a multi-datacenter, fault-tolerant, VM infrastructure with a multi-tiered back-up system and robust VM and virtual disk monitoring. We will describe our internal system architecture and deployment, challenges we faced, and innovations we made along the way while deploying OpenNebula and Ceph. We will also discuss a new client-facing OpenNebula cloud deployment we’re currently beta testing with select users where users have full control over the creation and configuration of their VMs on FASRC compute resources via the OpenNebula dashboard and APIs.

OpenNebulaconf2017US: Paying down technical debt with "one" dollar bills by ...

OpenNebula Project

OpenNebulaConf 2016 - Evolution of OpenNebula at Netways by Sebastian Saemann...

OpenNebula Project

VTastic: Akamai Innovations for Distributed System Testing - Jack Wadden, Akamai Akamai Technologies’ CDN platform is a complex, highly-integrated distributed system consisting of over 200,000 servers in over 120 countries.. Processing over 3 Trillion web requests per day, the Akamai platform regularly serves over 30Tbps of traffic to end users around the world. Setup and maintenance of Akamai integration test environments involves a significant investment of hardware, time and subject matter expertise. As a result, these environments are a scarce resource. Using Opennebula, Akamai has developed a system for saving and cloning multi-node integration test environments on-demand. The system is succeeding and has the potential to revolutionize Akamai’s approach to software development and testing. After exploring Akamai’s platform architecture and testing challenges, we will describe the key innovations that enabled the Vtastic solution, challenges we faced in implementing a reliable system, and future capabilities the system can offer.

OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...

OpenNebula Project

OpenNebula and VMware - A dance

OpenNebula Project

OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...

OpenNebula Project

FreeIPA is an integrated Identity and Authentication solution for Linux and Unix environments. It provides a centralized authentication and authorization information and it also stores user data information such as user names, groups, hosts and many different objects to manage the security aspects of a network of computers. FreeIPA uses different technologies, but the core of the authentication system is based on MIT Kerberos technology. Thanks to this technology the authentication works on the basis of tickets to allow users or nodes communicating over a non-secure network to prove their identity to get access to different services. In this talk we will show how it is possible to integrate Sunstone authentication with the FreeIPA SSO thanks to the new Sunstone remote authentication plugin provided by OpenNebula. We will describe how to setup Sunstone in an easy way to include Kerberos authentication using Apache and Phusion Passenger module. This configuration approach also changes the security mechanism used by libvirt to establish the connection between hypervisors. We will explain how it is possible, using the host keytabs generated by FreeIPA, to improve the security between the hypervisors when we have to migrate virtual machines in an insecure network.

OpenNebulaConf 2016 - Sunstone integration with FreeIPA using Single Sign by ...

OpenNebula Project

oVirt Introduction

Roozbeh Shafiee

OpenNebulaconf2017US: Multi-Site Hyperconverged OpenNebula with DRBD9

OpenNebula Project

Akamai Technologies’ CDN platform is a complex, highly-integrated distributed system consisting of over 200,000 servers in over 120 countries.. Processing over 3 Trillion web requests per day, the Akamai platform regularly serves over 30Tbps of traffic to end users around the world. Setup and maintenance of Akamai integration test environments involves a significant investment of hardware, time and subject matter expertise. As a result, these environments are a scarce resource. Using Opennebula, Akamai has developed a system for saving and cloning multi-node integration test environments on-demand. The system is succeeding and has the potential to revolutionize Akamai’s approach to software development and testing. After exploring Akamai’s platform architecture and testing challenges, we will describe the key innovations that enabled the Vtastic solution, challenges we faced in implementing a reliable system, and future capabilities the system can offer.

OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...

OpenNebula Project

New features in OpenNebula 5.4, Jaime Melis

OpenNebula Project

OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...

OpenNebula Project

TechDay - Cambridge 2016 - OpenNebula Corona

OpenNebula Project

Kishore works with the engineering team in building the open source product with a future focussed cloud technical strategy for “Megam – Cloud Automation Platform “http://gomegam.com”. In his prior incarnation Kishore has worked as an Architect in complex system integration projects for Airport systems with high availability. Kishore has avid experience in architecting large scale build and packaging tools for mainframe platform integrated via thin clients and eclipse IDE.

OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...

NETWAYS

OpenNebula 5.4 Enhancements vCenter Integration

OpenNebula Project

TechDay - Toronto 2016 - Hyperconvergence and OpenNebula

OpenNebula Project

OpenNebulaconf2017US: OpenNebula hybrid clouds with Amazon and Azure by Ruben...

OpenNebula Project

OpenNebula Conf 2014 | ONE BIT to rule them all - Stefan Kooman

NETWAYS

OpenNebula TechDay Waterloo 2015 - Hyperconvergence and OpenNebula

OpenNebula Project

What's hot (20)

OpenNebulaConf 2016 - Storage Hands-on Workshop by Javier Fontán, OpenNebula

Disaster recovery solution with open nebula and storpool

OpenNebulaconf2017US: Paying down technical debt with "one" dollar bills by ...

OpenNebulaConf 2016 - Evolution of OpenNebula at Netways by Sebastian Saemann...

OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...

OpenNebula and VMware - A dance

OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...

OpenNebulaConf 2016 - Sunstone integration with FreeIPA using Single Sign by ...

oVirt Introduction

OpenNebulaconf2017US: Multi-Site Hyperconverged OpenNebula with DRBD9

OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...

New features in OpenNebula 5.4, Jaime Melis

OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...

TechDay - Cambridge 2016 - OpenNebula Corona

OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...

OpenNebula 5.4 Enhancements vCenter Integration

TechDay - Toronto 2016 - Hyperconvergence and OpenNebula

OpenNebulaconf2017US: OpenNebula hybrid clouds with Amazon and Azure by Ruben...

OpenNebula Conf 2014 | ONE BIT to rule them all - Stefan Kooman

OpenNebula TechDay Waterloo 2015 - Hyperconvergence and OpenNebula

Similar to OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero

CloudStack Networking Overview - Jan 28, 2014

Sheng Yang

Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...

Công TÔ

Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux

Samsung Open Source Group

Red hat NFV Roadmap - OpenStack Summit 2016/Red Hat NFV Mini Summit

kimw001

CloudStack In Production

Clayton Weise

Open stack networking_101_update_2014

yfauser

Run Your Own 6LoWPAN Based IoT Network

Samsung Open Source Group

NetScaler and advanced networking in cloudstack

Deepak Garg

SDN & NFV Introduction - Open Source Data Center Networking

Thomas Graf

Enterprise Datacenter Virtualization und Cloud Computing stellen neue Anforderungen an das Netzwerk. Traditionsgemäss wurden virtuelle Workloads über als Bridge fungierende virtuelle Switches mit VLANs auf dem physischen Netzwerk verbunden. Mit dem Wachstum der Anfordungen an Skalierung und Automatisierung stossen diese Modelle an Grenzen. Thomas Graf bot an diesem OpenTuesday einen Einblick in Protokolle und Technologien wie OpenFlow, VXLAN, OpenStack Neutron und Open vSwitch, die eingesetzt werden, um neue automatisierte Netzwerkkonzepte der nächsten Generation, wie Software Defined Networking oder Network Function Virtualization, umzusetzen.

Network Virtualization & Software-defined Networking

Digicomp Academy AG

NFV Orchestration for Optimal Performance

dfilppi

Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device

Samsung Open Source Group

OpenStack deployments for public or private clouds require overlay networking. Due to the scale and rate of change of virtual resources, it isn't practical to rely on traditional network constructs and isolation mechanims. Today's deployments require performance, resilience, and high availability to be considered truly production-ready. In this session, we deep dive into the MidoNet architecture, and process of sending a data packet across an OpenStack environment through a network overlay. A distributed architecture implements logical constructs that are used to build networks without a single point of failure, all while adding network functionality in a highly-scalable manner. Network functions are applied in a single virtual hop. By applying network services right at the ingress host, the network is free from unnecessary clogging and bottlenecks by avoiding additional hops. Packets reach their destination more efficiently with the single virtual hop. After this session, the audience will understand how distributed architectures allow efficient networking with routing decisions and network services applied at the edge. Also, the audience will understand how it is easier to scale clouds when the network intelligence is distributed.

Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...

Dan Mihai Dumitriu

This talk surveys and explores the scopes and design for the next-generation network model consolidation in CloudStack and a new super-fast micro-vm based VR. The talk will discuss the scope and goals for the next-generation VR, consolidation of basic and advanced networks and zones, flexible networking topologies, UI based network designing, a standard systemvm patching mechanism and uniform VR programming interface with a lightweight secured agent, faster rules programming and zero-downtime upgrades. It will also explore new abilities to allow live/online patching, containerization of VR processes and pluggability of user-imported data/router appliances (bring your own X) such as pfsense, vyos etc for VPN, FTP, DNS, DHCP, etc.

Rohit Yadav - The future of the CloudStack Virtual Router

ShapeBlue

Known basic of NFV Features

Raul Leite

Networking in Openstack - Neutron 101

Mochamad Taufik Romdony

Lisa Caywood and Colin Dixon's presentation at the 2017 Open Networking Summit. OpenDaylight has become a nexus for open source integration, creating a new open networking stack and enabling a new generation of open source, agile IT infrastructure. The fifth “Boron” release provides new tooling and documentation to support application developers, as well as greater integration with industry frameworks from OPNFV and OpenStack to CORD and Atrium. Boron also brings a practical focus on two leading types of deployments: (1) direct control of virtual switches to provide network virtualization and NFV and (2) management and orchestration of existing networks to provide new features and automation. This talk will cover trends in open SDN and cloud networking, with a focus on Boron milestones. In particular, it dives into the architecture across OpenStack and OpenDaylight to enable OpenStack service function chaining support in OpenDaylight.

State of the OpenDaylight Union

Open Networking Summit

Neutron high availability open stack architecture openstack israel event 2015

Arthur Berezin

Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...

Cloud Native Day Tel Aviv

Open stack networking_101_update_2014-os-meetups

yfauser

Similar to OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero (20)

CloudStack Networking Overview - Jan 28, 2014

Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...

Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux

Red hat NFV Roadmap - OpenStack Summit 2016/Red Hat NFV Mini Summit

CloudStack In Production

Open stack networking_101_update_2014

Run Your Own 6LoWPAN Based IoT Network

NetScaler and advanced networking in cloudstack

SDN & NFV Introduction - Open Source Data Center Networking

Network Virtualization & Software-defined Networking

NFV Orchestration for Optimal Performance

Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device

Midokura OpenStack Day Korea Talk: MidoNet Open Source Network Virtualization...

Rohit Yadav - The future of the CloudStack Virtual Router

Known basic of NFV Features

Networking in Openstack - Neutron 101

State of the OpenDaylight Union

Neutron high availability open stack architecture openstack israel event 2015

Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...

Open stack networking_101_update_2014-os-meetups

More from OpenNebula Project

We've made our way into the world of open cloud — where each organization can find the right cloud for its unique needs. A single cloud management platform cannot be all things to all people. There will be a cloud space with several offerings focused on different environments and/or industries. The OpenNebula commitment to the open cloud is at the very base of its mission — to become the simplest cloud enabling platform — and its purpose — to bring simplicity to the private and hybrid enterprise cloud. OpenNebula exists to help companies build simple, cost-effective, reliable, open enterprise clouds on existing IT infrastructure. The OpenNebula Conference will be a great opportunity to communicate and share our vision and commitment, to look back at how the project has grown in the last 9 years, and to shed some insight into what to expect from the project in the near future.

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...

OpenNebula Project

Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly increasing, and the testing and experimentation of cyber defense solutions require the availability of separate, test environments that best reflect the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, and cyber security training activities, thus enabling enterprises to study cyber defense strategies and allowing security researchers to evaluate their algorithms at scale. The main objective is delivering to researchers and practitioners an overview of the technological means and the practical steps to setup a private cloud platform based on OpenNebula for the creation and management of virtual environments that support cyber-security activities of training and testing, as well as an overview of its possible applications in the cyber security domain. In particular: 1. We describe our infrastructure based on OpenNebula 2. We overview our application, sitting on top of OpenNebula, as well as the technological tools involved in the management of its lifecycle (e.g., Ansible) . 3. We show how the platform can support various examples of security research activities  [References] Building an emulation environment for cyber security analyses of complex networked systems, Tanasache, Florin Dragos and Sorella, Mara and Bonomi, Silvia and Rapone, Raniero and Meacci, Davide, ICDCN '19, ACM, 2019

OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...

OpenNebula Project

OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...

OpenNebula Project

OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...

OpenNebula Project

OpenNebula users have a range of storage options available to them, including proprietary appliances, proprietary software and Open Source software projects. This session will present a fully Open Source approach, that tightly integrates with Linux, and makes full use of the mature building blocks within the Linux kernel (LVM, Software RAID, DM-crypt, NVMe-oF Target, DRBD, etc...), and delivers one of the highest performance open source storage stacks currently available. The core goal is to expose the improved performance of NVMe storage devices to VMs and containers. The solution covers both local NVMe drives and NVMe-oF. For interacting with NVMe-oF targets it supports the Swordfish-API and LVM & Linux’s software NVMe-oF target. The solution contains a storage addon for OpenNebula.

OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...

OpenNebula Project

OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF

OpenNebula Project

At Iguane Solutions, a lot of our "DevOps" tools are developed in Golang, and we have a good amount of experience in contributing to the Goca. I'll review just what contributions we make, as well as how we use Goca with different tools, on a daily basis, to manage and monitor our OpenNebula cloud. I will delve into the concept of Infrastructure as Code - deployment of VM instances on cloud, as well as, also address the metrics collection of deployed VMs. Finally, I will present how we can abstract VM management with automation tools thanks to GOCA.

OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...

OpenNebula Project

OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...

OpenNebula Project

Replacing vCloud with OpenNebula

OpenNebula Project

NTS: What We Do With OpenNebula - and Why We Do It

OpenNebula Project

OpenNebula from the Perspective of an ISP

OpenNebula Project

NTS CAPTAIN / OpenNebula at Julius Blum GmbH

OpenNebula Project

Performant and Resilient Storage: The Open Source & Linux Way

OpenNebula Project

NetApp Hybrid Cloud with OpenNebula

OpenNebula Project

NSX with OpenNebula - upcoming 5.10

OpenNebula Project

Security for Private Cloud Environments

OpenNebula Project

CheckPoint R80.30 Installation on OpenNebula

OpenNebula Project

DE-CIX: CloudConnectivity

OpenNebula Project

DDC Demo

OpenNebula Project

Cloud Disaggregation with OpenNebula

OpenNebula Project

More from OpenNebula Project (20)