DockerCon EU 2015: Using Docker and SDN for telco-grade applications
Using Docker and SDN for telco-grade applications
@NicoJanssens – Bell Labs
@FlorianOtel – Nuage Networks
KEY TAKE-AWAYS
Evolution: Traditional telco -> agile methodologies and micro-service oriented solutions
Use Case: Using Docker as enabling technology to facilitate this transformation
Lesson learned: Advanced SDN support required to facilitate more sophisticated deployment scenarios
COPYRIGHT © 2014 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
WHO ARE WE?
Nico Janssens
• Bell Labs researcher @ ALU
• Virtualization enthusiast
• Hacker
• Using Docker since v0.7 (on a Raspberry Pi …)
Florian Otel
• EMEA Director for Business Development and Strategy @ Nuage Networks
• First time using Docker: Oct 2013
Operational cost pressures push telcos to virtualize environments while preserving non-functional requirements
• 5 nines availability
• Reliability
• Performance and response times
MOVING AWAY FROM TRAD TELCO SERVICE DESIGN
Additional non-functional requirements to take into account
• Scalability
• Elasticity
• Agility
• Operability and portability
Low overhead, Portability, Micro-service architectures, Active eco-system, Public image registries, Facilitates dev-ops methodology
MOVING AWAY FROM TRAD TELCO SERVICE DESIGN: BELL LABS VIEW
DOCKER AND TELCO SERVICES BELL LABS PROJECTS
New Network Analytics Service
Next-gen communication services
New Communication Service
Key Goal: Simplify interactions among people, machines, and their environments
• From transaction-oriented Web model to persistent conversations
• Uniform interaction model for people, machines, and objects
• Rich context-based communications and collaboration
[Diagram labels: Mobile 5G Network; WiFi Network; Edge Cloud; Hub; Device; Distributed Cloud Platform for Heterogeneous HW Infrastructure; Home; High Performance & Predictability; Small Footprints; Central Cloud]
New Home/IoT Service Platform
[Diagram labels: Sensor network; WiFi network; Mobile 5G network]
USE CASE ARCHITECTURE: MICRO-SERVICE CHAT ARCHITECTURE
[Diagram labels: load balancer; WS server; message broker; key-value database; document-oriented db; Stateless Workers; Chat-Thread Mgr; User Mgr; Group Mgr; User View Mgr; User Presence Mgr; Push Notification Adapter; Call Mgr; …; TURN/STUN Media Server; SDK; mobile client; web browser; machine buddies; web storage; distributed object store and FS; RT + batch analytics; HTTP server; location and geo-fencing service]
USE-CASE DEVELOPMENT – Why we chose Docker
• Low overhead ✔
• Portability ✔
• Micro-service architectures ✔
• Active eco-system ✔
• Public image registries ✔
• Facilitates dev-ops methodology ✔
• …
DOCKER TOOLBOX
DOCKER COMPOSE
DOCKER REGISTRY
INITIAL PRODUCTION DESIGN: 20 node cluster with RANCHER and DOCKER
[Diagram labels: Datacenter; Host; VM; Rancher Agent; Docker Daemon; Worker Container; Container; Native Process; Private IP Net; Server; Firewall, NAT, DHCP, LB, DNS; Mgmt Server; Rancher Mgmt; Docker Registry; Public Cloud Operator]
Rancher Cluster Manager
• Native Docker support
• Re-usage of Docker Compose files
• Low entry hurdle
• Dashboard
• Redundancy
MISSING: Mature SDN support for federation
TELCO-GRADE SERVICES – Network fabric requirements
• Hybrid deployment scenarios
• Policies
• Stringent QoS requirements
• Security constraints
12/11/15
Software Defined Networking
[Diagram labels: VPN; Internet; Network Virtualization; Massive IP Scale; Policy-Based Endpoint Attachment]
Proven technologies of VPNs (network virtualization), IP (scaling) and Mobile (policy) applied to SDN
Nuage templates and role-based workflow
[Diagram labels: Compute Management; Tenant / Application Request; Compute Request completed in sub-second time]
Service velocity is not hindered by network-centric operations
[Diagram labels: Auto-instantiation; 00:01; IP Address; WAN interconnect; Policy/Security Zones; L2/L3 Service AD; Network Change completed automatically; Service chaining; Template -> Instances]
Virtualized Services Directory (VSD)
Virtualized Services Controller (VSC)
Virtual Routing & Switching (VRS)
Nuage Networks Virtualized Services Platform (VSP)
• Business/IT policy engine (definition of rules)
• Service templates and Analytics
• SDN Controller
• Instantaneous programming of the network
• Virtualized service edge
• Event-driven automation
• Integration of bare-metal assets
Provide unified IP Fabrics
[Diagram labels: Unified IP Fabric; Secure GW; VRS; Virtualized Services Controller; Virtualized Services Directory; Public Cloud; Private Cloud]
MP-BGP: Exchange Network information
XMPP (Span of control): Exchange Application Policies
- Home/Visiting Policy approach
Virtual Router and Switch (VRS)
L2-L4 VIRTUAL SWITCH
• Open vSwitch-based
• Provides both VXLAN and MPLSoGRE tunnel encapsulation options
• Programmed through OpenFlow from VSC; encapsulates VM flow into preferred protocol (L2 or L3)
• Detects VM instantiation and teardown
[Diagram labels: Legacy VM; L2 and/or L3 (VLAN, VXLAN, GRE); VRS-H*; VRS-G; VRS-X; VRS-V; VRS-K; VRS-T; Citrix XEN Hypervisors; VMware vSphere Hypervisors; Microsoft Hyper-V Hypervisors; KVM Hypervisors; SW Gateway for Bare Metal Servers & Appliances; Hardware gateway for Bare Metal/MaaS; OpenFlow; XMPP; Virtualized Services Directory; Virtualized Services Controller; Virtual Routing & Switching; Host; Hypervisor]
• VIRTUAL MACHINE BASED
• SDN CONTROLLER
• POWERED BY SERVICE ROUTER OPERATING SYSTEM (SROS)
• PEERING & FEDERATION
• AUTO-DISCOVERY
• TENANT SLICING
Virtualized Services Controller (VSC)
[Diagram labels: SROS BASED; SNMP/CLI; BGP/IGP; SERVICE MGR; Forwarding dB; RIB/FIB; XMPP; OPENFLOW: Control path to VRS; Message bus for: Event Notifications, Policy Push]
[Diagram labels: Security; Load Balancer; OpenFlow; XMPP; Virtualized Services Directory; Virtualized Services Controller; Virtual Routing & Switching; Host]
Virtualized Services Directory (VSD)
• VIRTUAL MACHINE BASED
• SERVICE DEFINITION
• POLICY ESTABLISHMENT
• SERVICE TEMPLATING
• ANALYTICS ENGINE & REPORTING
[Diagram labels: NETWORKS; SECURITY; QOS; STATISTICS; ZONE POLICIES: WEB ACCESS, BACKEND LOGIC, ETC.; CRM APP :- VM “80MBPS – REAL TIME”; THRESHOLD ALARM; UI; REST API; Message Bus; Domain; Zones; Subnets; Policies; VPN; Public; Internet; Virtualized Services Directory; Virtualized Services Controller; Virtual Routing & Switching; Host]
Network virtualization with Nuage Networks: Federated Datacenter Services (multiple CMS)
[Diagram labels: Cloud Service Management Plane; Datacenter Control Plane; Datacenter Data Plane; Brooklyn Datacenter - Zone 1; Brooklyn Datacenter - Zone 2; Manhattan Datacenter - Zone 2; Virtualized Services Directory; Virtualized Services Controller; HOST; Cloud Manager to Hypervisor communications; Network Services; Federation of Controllers; Edge Router; MPLS (MP-BGP); Service Provider Control Plane; Service Provider Data Plane; Business VPN Service; Private Datacenter; MP-BGP; Domain; Subnets; VPN; Internet; Zones; Policies]
Live Demo
Please pray the Demo Gods be with us today
… else we will show you slides with screenshots
Additional information
Nuage SDN resources -- repos:
* official / stable: github.com/nuagenetworks/
* unofficial / “radioactive”: github.com/FlorianOtel/docker-vsp-plugin, github.com/FlorianOtel/gonuageshell
SDN performance metrics: Network connectivity and policy for 100’000 Docker containers in 7.5 minutes
(demonstrated at Network Tech Field Day 2014)
Thank you!
Nico Janssens & Florian Otel
@NicoJanssens
@FlorianOtel