Kubernetes v1.2
Multi-tenant Networking
Romana Cloud Native SDN
Chris Marino
Robert Starmer
romana.io Kubernetes Meetup 2/11/16
Multi-tenant Networking
• Agenda
• Cloud Native Networks
• Romana Cloud Native SDN
• How it works
• Demo
• Q & A
Cloud Native vs. Enterprise Networks
• Amazon AWS Style v. Enterprise Apps
• Service orientation (Cattle) v. Endpoint orientation (Pets)
• Network requirements
• Reachable IP addresses v. Auto discovered MAC (ARP on VLANs)
• Service orientation further decouples apps from infrastructure
• No VM migration
• No IP Failover
• Good News: Cloud Native apps don’t need layer 2 networks
• Layer 2 networks introduce a lot of SDN complexity
• Bad News: Layer 2 networks provided a convenient way to isolate apps
Romana Cloud Native SDN
• Layer 3 based isolation and tenancy model
• Topology-aware addressing
• Embed tenant and segment IDs in IP addresses
• Requires nothing more than standard L3 routing
• Hierarchical design simplifies scalable deployment
• No virtual network required
• Native performance and visibility
• Eliminates overlays
Complexity melts away
• No VLANs, VXLANs, VTEP/VNID, OpenFlow, OVS/OVN/OVSDB
• Route aggregation simplifies operations
• Static routing eliminates need for route distribution (BGP, XMPP, KVS)
• Reduces the number of firewall rules (i.e. network v. endpoint)
• Simplifies Operations
• Existing tools, techniques and diagnostics all just work
• Existing security, policy and control systems all work
• Firewalls, IDS, LB, etc., etc., etc.
How does it work?
• Assign CIDR length for host (node), tenant and segment
• Example: host 16, tenant 24, segment 28
• On every host, each tenant gets a real physical CIDR
• Tenant can further sub-net for their own private segments
• Configure IP addresses that maintain reachability
• Apply layer 3 firewall rules for network isolation
Example
Address bit layout (bit locations 1-32):

Bit location   Field                 Capacity
1-8            10/8 Net Mask         0 0 0 0 1 0 1 0
9-16           Host ID Bits (8)      Up to 255 Hosts
17-24          Tenant ID Bits (8)    Up to 255 Tenants
25-32          Segment ID and IID    255 Endpoints for each Tenant

Example:       Bit location   Bits Length   Purpose
10/8 Network   1-8            8             10/8 Network
Hosts          9-16           8             Up to 255 Hosts
Tenants        17-24          8             Up to 255 Tenants
Segments       25-28          4             Up to 16 Segments per Tenant
Endpoints      29-32          4             Up to 16 Endpoints per Segment

Host 1 ID       CIDR or IP      Host 2 ID       CIDR or IP      Host 3 ID       CIDR or IP
Physical Addr   192.168.0.10    Physical Addr   192.168.0.11    Physical Addr   192.168.0.12
Host 1          10.1/16         Host 2          10.2/16         Host 3          10.3/16
Tenant 1        10.1.1/24       Tenant 1        10.2.1/24       Tenant 1        10.3.1/24
Segment 1       10.1.1.16/28    Segment 1       10.2.1.16/28    Segment 1       10.3.1.16/28
Pod 1           11              Pod 1           4               Pod 1           4
Pod 2           14              Pod 2           5               Pod 2           5
Tenant 2        10.1.2/24       Tenant 1        10.2.1/24       Tenant 2        10.3.2/24
Segment 1       10.1.2.16/28    Segment 2       10.2.1.32/28    Segment 1       10.3.2.32/28
Pod 1           4               Pod 1           9               Pod 1           9
Pod 2           8               Pod 2           12              Pod 2           12

Pod addresses shown on the slide:
• 10.1.1.27, 10.1.1.40, 10.1.2.20, 10.1.2.24
• 10.2.1.20, 10.2.1.21, 10.2.1.41, 10.2.1.44
• 10.3.1.20, 10.3.1.21, 10.3.2.25, 10.3.2.28
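The addressing scheme from the "How does it work?" and "Example" slides, as an added Go example (not Romana's code; all type and function names are illustrative). It packs host, tenant, segment and endpoint IDs into a 10/8 address, decodes them back, and derives the value and mask a layer 3 isolation rule would need to match one tenant on every host.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Layout gives the width in bits of each field that follows the network prefix.
// All names in this file are illustrative, not Romana's API.
type Layout struct {
	Net                                   netip.Prefix
	HostBits, TenantBits, SegBits, EPBits int
}

// ID locates one endpoint in the host/tenant/segment hierarchy.
type ID struct{ Host, Tenant, Segment, Endpoint uint32 }

// Example is the layout from the slide: 10/8, then 8 + 8 + 4 + 4 bits.
var Example = Layout{Net: netip.MustParsePrefix("10.0.0.0/8"), HostBits: 8, TenantBits: 8, SegBits: 4, EPBits: 4}

func addr(s string) netip.Addr { return netip.MustParseAddr(s) }

func toU32(a netip.Addr) uint32 {
	b := a.As4()
	return uint32(b[0])<<24 | uint32(b[1])<<16 | uint32(b[2])<<8 | uint32(b[3])
}

func fromU32(v uint32) netip.Addr {
	return netip.AddrFrom4([4]byte{byte(v >> 24), byte(v >> 16), byte(v >> 8), byte(v)})
}

// check rejects layouts whose fields do not fill an IPv4 address exactly.
func (l Layout) check() error {
	sum := l.Net.Bits()
	for _, w := range []int{l.HostBits, l.TenantBits, l.SegBits, l.EPBits} {
		if w < 0 {
			return fmt.Errorf("negative field width %d", w)
		}
		sum += w
	}
	if !l.Net.Addr().Is4() || sum != 32 {
		return fmt.Errorf("layout must cover exactly 32 bits of an IPv4 address")
	}
	return nil
}

// Encode packs the IDs into an address and rejects an ID that overflows its field.
func (l Layout) Encode(id ID) (netip.Addr, error) {
	if err := l.check(); err != nil {
		return netip.Addr{}, err
	}
	fields := []struct {
		name string
		val  uint32
		bits int
	}{{"host", id.Host, l.HostBits}, {"tenant", id.Tenant, l.TenantBits},
		{"segment", id.Segment, l.SegBits}, {"endpoint", id.Endpoint, l.EPBits}}
	v, shift := toU32(l.Net.Masked().Addr()), 32-l.Net.Bits()
	for _, f := range fields {
		if uint64(f.val) >= uint64(1)<<f.bits {
			return netip.Addr{}, fmt.Errorf("%s ID %d does not fit in %d bits", f.name, f.val, f.bits)
		}
		shift -= f.bits
		v |= f.val << shift
	}
	return fromU32(v), nil
}

// Decode recovers the IDs from an address inside the layout's network.
func (l Layout) Decode(a netip.Addr) (ID, error) {
	if err := l.check(); err != nil {
		return ID{}, err
	}
	if !l.Net.Contains(a) {
		return ID{}, fmt.Errorf("%s is outside %s", a, l.Net)
	}
	v, shift := toU32(a), 32-l.Net.Bits()
	take := func(bits int) uint32 {
		shift -= bits
		return v >> shift & (1<<bits - 1)
	}
	var id ID
	id.Host = take(l.HostBits)
	id.Tenant = take(l.TenantBits)
	id.Segment = take(l.SegBits)
	id.Endpoint = take(l.EPBits)
	return id, nil
}

// SegmentCIDR is the prefix shared by all endpoints of one segment on one host.
func (l Layout) SegmentCIDR(host, tenant, seg uint32) (netip.Prefix, error) {
	a, err := l.Encode(ID{Host: host, Tenant: tenant, Segment: seg})
	if err != nil {
		return netip.Prefix{}, err
	}
	return netip.PrefixFrom(a, 32-l.EPBits), nil
}

// TenantMatch returns the value and mask selecting one tenant on every host.
// Host bits sit between network and tenant bits, so the mask is not a CIDR prefix.
func (l Layout) TenantMatch(tenant uint32) (value, mask netip.Addr, err error) {
	a, err := l.Encode(ID{Tenant: tenant})
	if err != nil {
		return value, mask, err
	}
	netMask := ^uint32(0) << (32 - l.Net.Bits())
	tenantMask := (uint32(1)<<l.TenantBits - 1) << (l.SegBits + l.EPBits)
	return a, fromU32(netMask | tenantMask), nil
}

// SameTenant reports whether two in-network addresses carry the same tenant ID.
func (l Layout) SameTenant(a, b netip.Addr) bool {
	x, errA := l.Decode(a)
	y, errB := l.Decode(b)
	return errA == nil && errB == nil && x.Tenant == y.Tenant
}

func main() {
	a, _ := Example.Encode(ID{Host: 1, Tenant: 1, Segment: 1, Endpoint: 11})
	v, m, _ := Example.TenantMatch(1)
	fmt.Println(a, v, m, Example.SameTenant(a, addr("10.1.2.20")))
}
```

Because the tenant field is not adjacent to the network prefix, a rule that isolates a tenant across all hosts has to match on a value and mask pair (or on one per-host tenant CIDR per host) rather than on a single prefix.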
Physical Deployment
[Diagram] Router, Switch or VPC connecting three hosts:
• Host 1: 192.168.0.10 on Port 1
• Host 2: 192.168.0.11 on Port 2
• Host 3: 192.168.0.12 on Port 3
Each host attaches its pods through Tap Interfaces:
• Host 1 (192.168.0.10), G/W: 10.1.0.1/16: Pod 1 1.1.27, Pod 2 1.1.40, Pod 1 1.2.20, Pod 2 1.2.24
• Host 2 (192.168.0.11), G/W: 10.2.0.1/16: Pod 1 2.1.20, Pod 2 2.1.21, Pod 1 2.1.41, Pod 2 2.1.44
• Host 3 (192.168.0.12), G/W: 10.3.0.1/16: Pod 1 3.1.20, Pod 2 3.1.21, Pod 1 3.2.25, Pod 2 3.2.28
Romana Project
• Cloud Native SDN
• All details available at romana.io
• Open source
• Apache 2.0
• Written in Go
• www.github.com/romana
• Release v0.6.4 available now
• Integration with OpenStack
• Kubernetes integration very soon
Romana Networks
[Architecture diagram; labels as shown on the slide]
• Node n (shown five times): Kubelet, Agent, Kube Proxy, Docker/rkt, Pod, Pod, iptables, CNI, Romana
• K8S Master: IPAM, Routes, Tenant DB, Topology, Controllers, Scheduler, API, etcd, ThirdParty Resource, Network Policy Schema
Network Policy Resource
[Diagram labels: Policy, /apis/romana.io/demo/v1, Pod/Service Spec, Network Policy]

metadata:
  name: network-policy.romana.io
apiVersion: extensions/v1beta1
kind: ThirdPartyResource
description: "Romana Network Policy Third Party Resource Schema"
versions:
- name: demo/v1

Resulting API Endpoint
/apis/romana.io/demo/v1/networkpolicy/
Tenant t1 Pod Specifications
• Frontend

apiVersion: v1
kind: Pod
metadata:
  name: nginx-frontend
  labels:
    app: nginx
    owner: t1
    tier: frontend
spec:
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 80

• Backend

apiVersion: v1
kind: Pod
metadata:
  name: nginx-backend
  labels:
    app: nginx
    owner: t1
    tier: backend
spec:
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 80
Replication Controller
• Tenant t2

apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx-default
spec:
  replicas: 3
  template:
    metadata:
      labels:
        app: guestbook
        tier: default
        owner: t2
    spec:
      containers:
      - name: nginx-default
        image: nginx
        ports:
        - containerPort: 80
Network Policy
• Policy1

kind: NetworkPolicy
apiVersion: romana.io/demo/v1
metadata:
  name: policy1
  namespace: default
  labels:
  - owner: t1
spec:
  podSelector:            # Standard label selector - selects pods.
    tier: backend
  allowIncoming:          # (Optional) List of allow rules.
  - toPorts:              # (Optional) List of dest ports to open.
    - port: 80            # (Optional) Numeric or named port
      protocol: TCP       # [ TCP | UDP ]
    from:                 # (Optional) List of sources.
    - pods:               # (Optional) Standard label selector.
        tier: frontend    # (Optional) Standard label selector.
Demo
[Diagram] Router, Switch or VPC connecting two hosts, each attaching its pods through Tap Interfaces:
• Host 1 (192.168.0.10), G/W: 10.1.0.1/16: T1 1.1.27, T1 1.1.40, FE 1.2.20, BE 1.2.44
• Host 2 (192.168.0.11), G/W: 10.2.0.1/16: T1 2.1.20
Demo
• Running Kubernetes on x EC2 instances
• Romana Services running on Kubernetes Master
• Demo Script
1. Apply NetworkPolicy ThirdParty Schema
2. Launch Pods as different isolated tenants
3. Within a single tenant, launch Pods on separate Tiers
4. Apply Network Policy to Tiers
5. Show Policy Enforcement

 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni  9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni  9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...kumargunjan9515
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样ayvbos
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样ayvbos
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制pxcywzqs
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrHenryBriggs2
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...kajalverma014
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsMonica Sydney
 

Último (20)

一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni  9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni  9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
 

Cloud Native SDN

  • 6. How does it work?
      • Assign CIDR length for host (node), tenant and segment
      • Example: host 16, tenant 24, segment 28
      • On every host, each tenant gets a real physical CIDR
      • Tenant can further sub-net for their own private segments
      • Configure IP addresses that maintain reachability
      • Apply layer 3 firewall rules for network isolation
  • 7. Example
      Address layout (first octet 0 0 0 0 1 0 1 0 = 10):

      Field          Bit location   Length   Purpose
      10/8 Network   1-8            8        10/8 Network (10/8 Net Mask)
      Hosts          9-16           8        Up to 255 Hosts (Host ID Bits)
      Tenants        17-24          8        Up to 255 Tenants (Tenant ID Bits)
      Segments       25-28          4        Up to 16 Segments per Tenant
      Endpoints      29-32          4        Up to 16 Endpoints per Segment

      Segment ID and IID bits (25-32) together: 255 Endpoints for each Tenant

      Per-host assignments (ID, then CIDR or IP):

      Host 1                    Host 2                    Host 3
      Physical Addr 192.168.0.10  Physical Addr 192.168.0.11  Physical Addr 192.168.0.12
      Host 1     10.1/16        Host 2     10.2/16        Host 3     10.3/16
      Tenant 1   10.1.1/24      Tenant 1   10.2.1/24      Tenant 1   10.3.1/24
      Segment 1  10.1.1.16/28   Segment 1  10.2.1.16/28   Segment 1  10.3.1.16/28
      Pod 1      11             Pod 1      4              Pod 1      4
      Pod 2      14             Pod 2      5              Pod 2      5
      Tenant 2   10.1.2/24      Tenant 1   10.2.1/24      Tenant 2   10.3.2/24
      Segment 1  10.1.2.16/28   Segment 2  10.2.1.32/28   Segment 1  10.3.2.32/28
      Pod 1      4              Pod 1      9              Pod 1      9
      Pod 2      8              Pod 2      12             Pod 2      12

      Pod addresses shown: 10.1.1.27, 10.1.1.40, 10.1.2.20, 10.1.2.24, 10.2.1.20, 10.2.1.21, 10.2.1.41, 10.2.1.44, 10.3.1.20, 10.3.1.21, 10.3.2.25, 10.3.2.28
  • 8. Physical Deployment
      Router, Switch or VPC:
      • Host 1: 192.168.0.10 on Port 1
      • Host 2: 192.168.0.11 on Port 2
      • Host 3: 192.168.0.12 on Port 3
      Hosts (pods attached through tap interfaces):
      • Host 1 (192.168.0.10), G/W: 10.1.0.1/16: Pod 1 1.1.27, Pod 2 1.1.40, Pod 1 1.2.20, Pod 2 1.2.24
      • Host 2 (192.168.0.11), G/W: 10.2.0.1/16: Pod 1 2.1.20, Pod 2 2.1.21, Pod 1 2.1.41, Pod 2 2.1.44
      • Host 3 (192.168.0.12), G/W: 10.3.0.1/16: Pod 1 3.1.20, Pod 2 3.1.21, Pod 1 3.2.25, Pod 2 3.2.28
  • 9. Romana Project
      • Cloud Native SDN
      • All details available at romana.io
      • Open source
      • Apache 2.0
      • Written in Go
      • www.github.com/romana
      • Release v0.6.4 available now
      • Integration with OpenStack
      • Kubernetes integration very soon
  • 10. Romana Networks (architecture diagram)
      • Node n (repeated for each node): Kubelet, Agent, Kube Proxy, Docker/rkt, Pods, iptables, CNI, Romana
      • K8S Master: IPAM, Routes, Tenant DB, Topology, Policy, Controllers, Scheduler, API, etcd
      • Inputs: ThirdParty Resource (Network Policy Schema), /apis/romana.io/demo/v1, Pod/Service Spec, Network Policy
  • 11. Network Policy Resource

      metadata:
        name: network-policy.romana.io
      apiVersion: extensions/v1beta1
      kind: ThirdPartyResource
      description: "Romana Network Policy Third Party Resource Schema"
      versions:
      - name: demo/v1

      Resulting API Endpoint: /apis/romana.io/demo/v1/networkpolicy/
  • 12. Tenant t1 Pod Specifications
      • Frontend

        apiVersion: v1
        kind: Pod
        metadata:
          name: nginx-frontend
          labels:
            app: nginx
            owner: t1
            tier: frontend
        spec:
          containers:
          - name: nginx
            image: nginx
            ports:
            - containerPort: 80

      • Backend

        apiVersion: v1
        kind: Pod
        metadata:
          name: nginx-backend
          labels:
            app: nginx
            owner: t1
            tier: backend
        spec:
          containers:
          - name: nginx
            image: nginx
            ports:
            - containerPort: 80

  • 13. Replication Controller
      • Tenant t2

        apiVersion: v1
        kind: ReplicationController
        metadata:
          name: nginx-default
        spec:
          replicas: 3
          template:
            metadata:
              labels:
                app: guestbook
                tier: default
                owner: t2
            spec:
              containers:
              - name: nginx-default
                image: nginx
                ports:
                - containerPort: 80

  • 14. Pod Specifications
      • Frontend

        apiVersion: v1
        kind: Pod
        metadata:
          name: nginx-frontend
          labels:
            app: nginx
            owner: t1
            tier: frontend
        spec:
          containers:
          - name: nginx
            image: nginx
            ports:
            - containerPort: 80

      • Backend

        apiVersion: v1
        kind: Pod
        metadata:
          name: nginx-backend
          labels:
            app: nginx
            owner: t1
            tier: backend
        spec:
          containers:
          - name: nginx
            image: nginx
            ports:
            - containerPort: 80

  • 15. Network Policy
      • Policy1

        kind: NetworkPolicy
        apiVersion: romana.io/demo/v1
        metadata:
          name: policy1
          namespace: default
          labels:
          - owner: t1
        spec:
          podSelector:          # Standard label selector - selects pods.
            tier: backend
          allowIncoming:        # (Optional) List of allow rules.
          - toPorts:            # (Optional) List of dest ports to open.
            - port: 80          # (Optional) Numeric or named port
              protocol: TCP     # [ TCP | UDP ]
            from:               # (Optional) List of sources.
            - pods:             # (Optional) Standard label selector.
                tier: frontend  # (Optional) Standard label selector.

  • 16. Demo
      Router, Switch or VPC; physical addresses 192.168.0.10 and 192.168.0.11
      • Host 1, G/W: 10.1.0.1/16, tap interfaces: T1 1.1.27, T1 1.1.40, FE 1.2.20, BE 1.2.44
      • Host 2, G/W: 10.2.0.1/16, tap interfaces: T1 2.1.20
  • 17. Demo
      • Running Kubernetes on x EC2 instances
      • Romana Services running on Kubernetes Master
      • Demo Script
          1. Apply NetworkPolicy ThirdParty Schema
          2. Launch Pods as different isolated tenants
          3. Within a single tenant, launch Pods on separate Tiers
          4. Apply Network Policy to Tiers
          5. Show Policy Enforcement
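
The address layout in items 6 and 7 above (10/8 network, 8 host bits, 8 tenant bits, 4 segment bits, 4 endpoint bits) can be exercised with a short script. This is an added illustration, not Romana's code: the names `Location`, `encode`, `decode`, `cidrs` and `same_segment` are hypothetical, and the layout is assumed to be exactly the one on the slide. The bounds check matters for isolation, because an ID that overflows its field would place the endpoint inside another segment's or tenant's CIDR.

```python
import ipaddress
from typing import NamedTuple

# Layout taken from the slides (assumed exact): 10/8 network, then 8 host
# bits, 8 tenant bits, 4 segment bits and 4 endpoint bits.
NETWORK = ipaddress.ip_network("10.0.0.0/8")
FIELDS = (("host", 8), ("tenant", 8), ("segment", 4), ("endpoint", 4))
PREFIXES = (("host", 16), ("tenant", 24), ("segment", 28))


class Location(NamedTuple):
    host: int
    tenant: int
    segment: int
    endpoint: int


def encode(loc: Location) -> ipaddress.IPv4Address:
    """Pack the IDs into an address, rejecting any ID that overflows its field."""
    value = 0
    for (name, bits), ident in zip(FIELDS, loc):
        if not 0 <= ident < (1 << bits):
            # An oversized ID would spill into the neighbouring field and put
            # the endpoint inside another segment's or tenant's CIDR.
            raise ValueError(f"{name} ID {ident} does not fit in {bits} bits")
        value = (value << bits) | ident
    return NETWORK.network_address + value


def decode(addr: str) -> Location:
    """Recover host, tenant, segment and endpoint IDs from an address."""
    ip = ipaddress.ip_address(addr)
    if ip not in NETWORK:
        raise ValueError(f"{addr} is outside {NETWORK}")
    value = int(ip) - int(NETWORK.network_address)
    ids = []
    for _, bits in reversed(FIELDS):
        ids.append(value & ((1 << bits) - 1))
        value >>= bits
    return Location(*reversed(ids))


def cidrs(loc: Location) -> dict:
    """Host, tenant and segment CIDRs that contain this endpoint."""
    ip = encode(loc)
    return {name: str(ipaddress.ip_network(f"{ip}/{plen}", strict=False))
            for name, plen in PREFIXES}


def same_segment(a: str, b: str) -> bool:
    """True when both addresses carry the same tenant and segment IDs, on any host."""
    la, lb = decode(a), decode(b)
    return (la.tenant, la.segment) == (lb.tenant, lb.segment)
```
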