© 2009 VMware Inc. All rights reserved
Programmable Networking with Open vSwitch
Jesse Gross
LinuxCon September, 2013
Background: The Evolution of Data Centers
Virtualization has created data center workloads that are large, rapidly changing, and location independent.
§ Enabled by a layer of software indirection between logical unit (virtual machine) and underlying hardware (physical machine).
§ The virtualization layer exposes a programmable API to what previously required a human to reconfigure.
§ Current networking has many of the same problems as traditional servers, limiting the benefits of virtualization.
Networking needs to be programmable
What is Open vSwitch?
Open vSwitch is an open source switching stack for virtualization.
The most powerful piece of real estate in a network is the edge and the hypervisor is the new edge.
Two ways to view OVS:
• Gaining back visibility and control that usually comes from the features of a hardware switch.
• An opportunity to exploit the flexibility that comes from software and virtualization.
Open vSwitch allows you to write a program to control your network.
Sample of Contributors
Open vSwitch Architecture
[Diagram. Off-box: Control & Management Cluster. User: ovsdb-server, ovs-vswitchd. Kernel: openvswitch.ko. Links: Management Protocol (6632/TCP), OpenFlow (6633/TCP), Netlink.]
Basic Features
Open vSwitch brings many features standard in hardware devices to virtualized environments:
• VLANs
• LACP and other bonding modes
• STP
• QoS shaping and policing
• ACLs over a range of L2-L4 protocols
• NetFlow, sFlow, IPFIX, mirroring
• A variety of tunneling protocols
Plus remote programmability and management features:
• OpenFlow 1.0 and experimental support for versions 1.1-1.3.
• All features and status remotely configurable and viewable.
• Many extensions for supporting high availability control clusters.
Advanced Capabilities
Programmability requires primitives more similar to a CPU than a network ASIC.
Over time, the flow table in Open vSwitch has slowly changed from a list of policies to a nearly general purpose processing pipeline.
Examples:
§ Resubmit: Move between multiple independent flow tables, similar to subroutines.
§ Registers: Storage for intermediate metadata, including manipulation functions such as a stack.
§ Learning: Dynamically generate new flows based on packet traffic patterns.
§ Hashing and Sampling: Perform actions based on deterministic or probabilistic properties of the traffic.
A Simple Switch Pipeline
[Diagram: Admission Control → Input VLAN Processing → Learn Source MAC/VLAN → Lookup Output Port → Output VLAN Processing]
Open vSwitch makes it possible to emulate a traditional pipeline or extend for new models.
1. Flows to drop illegal packets (i.e. reserved addresses) and resubmit valid packets to the next stage.
2. Classify packets on ingress port and add VLAN tag. Resubmit to next stage.
3. Learning action to generate new flows based on source MAC, VLAN, and input port. Fields populate a template and are placed in the next stage. Resubmit.
4. Match flows generated by learning or use low priority flood flow. Resubmit.
5. Strip VLAN tag for access ports and output.
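The five stages above, modeled as an added Python example (not code from the talk or from Open vSwitch). The port layout, the `Switch` class, its helpers, the reading of "reserved addresses" as the 01:80:c2:00:00:0x range, and dropping untagged frames on the trunk are all assumptions made for illustration.

```python
# Added model of the five-stage pipeline; not Open vSwitch code.
# PORTS is a constructed layout: port -> (kind, access VLAN).
PORTS = {1: ("trunk", None), 2: ("access", 20), 3: ("access", 20), 4: ("access", 30)}

def is_multicast(mac):
    return int(mac.split(":")[0], 16) & 1 == 1

def is_reserved(mac):
    # Assumption: "reserved" means the 802.1D range 01:80:c2:00:00:00-0f.
    return mac.lower().startswith("01:80:c2:00:00:0")

class Switch:
    def __init__(self, ports):
        self.ports = ports
        self.learned = {}  # written by stage 3, read by stage 4

    def process(self, in_port, src, dst, vlan=None):
        """Return [(out_port, vlan_tag or None)]; an empty list means dropped."""
        # Stage 1: admission control. Illegal frames stop here, so they
        # can never reach the learning stage and pollute the table.
        if is_multicast(src) or is_reserved(dst):
            return []
        # Stage 2: classify on ingress port and settle the VLAN.
        kind, access_vlan = self.ports.get(in_port, (None, None))
        if kind == "access":
            if vlan is not None:
                return []  # tagged frame on an access port
            vlan = access_vlan
        elif kind != "trunk" or vlan is None:
            return []  # unknown port, or untagged on trunk (model choice)
        # Stage 3: learn (VLAN, source MAC) -> input port for later lookups.
        self.learned[(vlan, src)] = in_port
        # Stage 4: learned entry wins; otherwise the low-priority flood.
        hit = self.learned.get((vlan, dst))
        targets = [hit] if hit is not None else list(self.ports)
        # Stage 5: keep the tag on trunks, strip it on matching access ports.
        out = []
        for port in targets:
            kind, access_vlan = self.ports[port]
            if port == in_port:
                continue
            if kind == "trunk":
                out.append((port, vlan))
            elif access_vlan == vlan:
                out.append((port, None))
        return out
```

Because admission control runs before learning, a frame with a multicast source address is dropped without leaving an entry in the learned table.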
Performance
How does programmability impact forwarding rates?
[Figure: Bandwidth (Mbps) against Message Size (KB), with series Native and OVS.]
Performance
Many aspects of performance:
Established Flows:
New flows are sent to userspace and exact match entries are installed in the kernel. All classification happens in userspace, out of the fast path. Most additional features do not affect performance.
Connection Setup:
Most challenging case for Open vSwitch. Optimizations are currently under development to both reduce the number of unique flows and increase the speed of setup.
Many Sustained Connections:
A large number of flows does not directly affect throughput but the overhead of maintaining statistics increases. Heuristics are used to balance the rate of updates with overhead.
Integration Points: libvirt and OpenStack
[Diagram labels: Quantum, Open vSwitch Plugin, Nova, Swift, OVS + libvirt, Hypervisors]
Two main touch points between Open vSwitch and the rest of the environment:
libvirt (0.9.11): VM lifecycle on hypervisors – attach ports to bridges.
OpenStack/Quantum (Folsom): Manage many Open vSwitch instances to create network abstractions.
Tying It All Together: Network Virtualization
[Diagram, two parallel stacks. Server side: Applications in Virtual Machines (x86 Environment) on a Server Hypervisor (Requirement: x86), decoupled from Physical Compute & Memory. Network side: Workloads on Virtual Networks (L2, L3, L4-7 Network Services) on a Network Virtualization Platform (Requirement: IP Transport), decoupled from the Physical Network.]
Future Directions
Performance
• Wildcards in the kernel to reduce flow setups
• Userspace multi-threading
• General optimization
Increased Integration
• Tunnel upstreaming
• Further native support from both hypervisor and network management tools
• Additional use of Linux components, particularly for stateful features
Additional Features
• Production-ready support for OpenFlow 1.1+
• Additional protocols and networking functionality
• More programmability and controller assistance
Contribute: http://openvswitch.org
Q & A