2. Contiv - Introduction
• Container Networking and Storage with Ops Policies
• Provides Northbound Integration: entire policy model exposed natively
– Besides REST interfaces, auto-generated Go/Python clients
• Open Sourced at https://github.com/contiv
Contiv Networking
• Container Connectivity
• Policies for networking
• Variety of connectivity options
• Works with Kubernetes, Docker, Mesos, Nomad
Contiv Storage
• Policy for volume allocation
• Snapshots, IOPs rate-limiting, Garbage Collection, etc.
• Works with Docker
Contiv Cluster
• Node Discovery, Inventory
• Node Life-Cycle Management
• Complete Stack, managed
• Works for cloud, optimized for Bare-Metal
Contiv UI
3. Contiv Networking
• Kubernetes Networking Plugin
• Kubernetes provides a very flexible and open plugin interface
• Enables wider datacenter use cases
Microservice Aware
• Segmentation and policies per Microservice
• Service discovery and routing
• Application telemetry and visibility
Physical Network Integration
• Pure L3 Routed Networks
• Classic L2 and overlay networks
• Cisco SDN solutions
Features
• Fully multi tenant
• Built in IPAM
• Public/private cloud deployments
Single Forwarding pipeline
• High performance OpenFlow based pipeline in kernel
• Highly programmable and extensible
• IP Routing, security policies, L4 load balancing and telemetry in single switching pipeline
5. Microservices == Distributed Systems
• Problems of distributed systems
– Complex calling patterns
– RPC mechanisms
• How can networking help?
– Connectivity maps: who is talking to whom
– Historical Data for Application Tuning/Characterization
– No need for code instrumentation or running agents
– Always-on logging can serve as audit trail
  • E.g. who accessed the DB tier and whether those accesses were authorized
6. Application Telemetry
• What data to collect?
– Time-stamped Interactions between containers and services
– Flow level stats (5 or 7 tuple)
– Per container Stats
– Rx/Tx Bytes and Packets
– TCP connection lengths (Syn/Fin correlation)
– Security Policy violations
– Bandwidth consumption
• Challenges
– Granularity
  • Between micro-services, Between containers, Flows (protocol/port), REST calls
– Frequency and sampling
  • How to handle transient flows?
– Scale
– Analytics
  • Providing a Nicer way to consume it
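Added example (not from the original slides and not Contiv code): the Syn/Fin correlation, connectivity map and DB-tier audit trail named on slides 5 and 6, run over constructed flow events. The record layout, group names and DB_POLICY are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events (hypothetical record layout, not a Contiv format):
# (timestamp_s, src_group, dst_group, src_ip, src_port, dst_ip, dst_port, proto, tcp_flag)
EVENTS = [
    (100.0, "trips-app", "trips-db", "10.1.1.5", 40001, "10.1.2.9", 5432, "tcp", "SYN"),
    (100.2, "web", "trips-app", "10.1.0.3", 51000, "10.1.1.5", 8080, "tcp", "SYN"),
    (101.5, "web", "trips-app", "10.1.0.3", 51000, "10.1.1.5", 8080, "tcp", "FIN"),
    (103.0, "web", "trips-db", "10.1.0.3", 51002, "10.1.2.9", 5432, "tcp", "SYN"),
    (103.1, "web", "trips-db", "10.1.0.3", 51002, "10.1.2.9", 5432, "tcp", "FIN"),
    (104.5, "trips-app", "trips-db", "10.1.1.5", 40001, "10.1.2.9", 5432, "tcp", "FIN"),
    (105.0, "payments-app", "payments-db", "10.1.3.7", 40100, "10.1.4.2", 5432, "tcp", "SYN"),
]
# Assumed policy: which groups may open connections to each DB tier.
DB_POLICY = {"trips-db": {"trips-app"}, "payments-db": {"payments-app"}}


def correlate(events):
    """Pair SYN and FIN per 5-tuple; return (closed connections, SYNs with no FIN yet)."""
    open_syn, closed = {}, []
    for ts, src, dst, *five_tuple, flag in sorted(events):
        key = tuple(five_tuple)
        if flag == "SYN":
            open_syn[key] = (ts, src, dst)
        elif flag == "FIN" and key in open_syn:
            start, s, d = open_syn.pop(key)
            closed.append({"src": s, "dst": d, "flow": key,
                           "duration": round(ts - start, 3)})
    return closed, open_syn


def connectivity_map(events):
    """Who is talking to whom: src group -> set of dst groups, built from SYNs."""
    graph = defaultdict(set)
    for _ts, src, dst, *_rest, flag in events:
        if flag == "SYN":
            graph[src].add(dst)
    return dict(graph)


def audit_db_access(events, policy):
    """SYNs aimed at a DB tier from a group the policy does not list for it."""
    return [(ts, src, dst) for ts, src, dst, *_rest, flag in events
            if flag == "SYN" and dst in policy and src not in policy[dst]]
```

The unauthorized web-to-trips-db connection in the sample lasts 0.1 s, the kind of transient flow that periodic sampling can miss and per-event logging still records.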
8. Kuber: On demand taxi app
[Diagram: Web tier; Passenger, Driver, Trips and Payments services, each shown with APP and DB components]