Datacenter Network Virtualization in Multi-Tenant Environments€¦ · 06/09/2015 · Datacenter...

Chair for Network Architectures and Services

Technische Universität München

Datacenter Network Virtualization in

Multi-Tenant Environments

8. DFN-Forum Kommunikationstechnologien

Viktor Goldberg, Leibniz-Rechenzentrum, TU München

Florian Wohlfart, TU München

Daniel Raumer, TU München

09.06.2015 1

Network Functions Virtualization

09.06.2015 Viktor Goldberg 2

Applications

x86 Hardware

COMPUTE VIRTUALIZATION LAYER DECOUPLED

Network Functions Virtualization

Building the Network Virtualized Datacenter

Overlay Network Architecture

09.06.2015 4Viktor Goldberg

Network Virtualization Overlays

VXLAN creates logical L2 domains over standard L3 infrastructure.

• VM traffic encapsulated inside a UDP/IP frame plus VNI identifier

• VNI defines the L2 domain

• encapsulation performed by a VTEP node

• VTEP is a software or physical switch (at the ToR)

Encapsulated frames are routed to the remote VTEP.

• remote VTEP strips the IP/UDP header

• forwards original frame to the local VM

• transparent to the network core, not aware of the VXLAN overlay

• only edge VTEP nodes need to be VXLAN aware

VXLAN - How does it work?

Open vSwitch (OVS)

Design and Architecture

controller

running in userspace

slowpath

datapath

running in kernel

fastpath

Data Plane Control Plane

Open vSwitch (OVS)

A Deep Dive

Open vSwitch (OVS)

A Deep Dive

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

KERNEL

Open vSwitch (OVS)

09.06.2015

Viktor Goldberg 7

A Deep Dive

Datapath

vswitchd

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

OpenFlow

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

OpenFlow

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

OpenFlow

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

OpenFlow

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

OpenFlow

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

OpenFlow

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

OpenFlow

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

OpenFlow

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

ovs-dpctl ovs-vsctl

ovsdb-tool

OpenFlow

ovs-ofctl

USERSPACE

KERNEL

Open vSwitch (OVS)

A Deep Dive

Datapath

vswitchd ovsdb-srv

ovs-dpctl ovs-vsctl

ovsdb-tool

OpenFlow

ovs-ofctl

USERSPACE

KERNEL

• routed traffic at the top of rack

• proven and trusted protocol for scale

• mature open standards for interoperability

• standard scalable model for virtualized and non-virtualized solutions

• minimized size of the L2 domain

• no VLAN scaling issues

Physical Infrastructure

Scaling an L3 network for East to West traffic

Mininet

• “an instant virtual network on your laptop“

• running real kernel, switch and application code in a VM

• supports Open vSwitch

Motivation

• multi-tenant environment with two tenants T1 and T2

• overlapping IP networks and addresses

• completly transparent tunneling, even broadcast traffic (like ARP, DHCP)

Mininet VM Mininet VM

DEMOSYS1

IP: 172.16.116.135

DEMOSYS2

IP: 172.16.116.136

DEMOSYS1

IP: 172.16.116.135

DEMOSYS2

IP: 172.16.116.136

DEMOSYS1

IP: 172.16.116.135

DEMOSYS2

IP: 172.16.116.136

00:00:00:00:00:01 00:00:00:00:00:02

DEMOSYS1

IP: 172.16.116.135

DEMOSYS2

IP: 172.16.116.136

00:00:00:00:00:01

00:00:00:00:00:02

DEMOSYS1

IP: 172.16.116.135

DEMOSYS2

IP: 172.16.116.13610 10

00:00:00:00:00:01

00:00:00:00:00:02

DEMOSYS1

IP: 172.16.116.135

DEMOSYS2

IP: 172.16.116.13610 10

00:00:00:00:00:01

00:00:00:00:00:02

S1 – 172.16.116.135

sh ovs-vsctl add-port s1 vtep -- set interface vtep type=vxlan

option:remote_ip=172.16.116.136 option:key=flow ofport_request=10

S2 – 172.16.116.136

sh ovs-vsctl add-port s2 vtep -- set interface vtep type=vxlan

option:remote_ip=172.16.116.135 option:key=flow ofport_request=10

Demo - Interface Configuration

flows1.txt

table=0,in_port=1,actions=set_field:10->tun_id,resubmit(,1)

table=0,in_port=2,actions=set_field:20->tun_id,resubmit(,1)

table=0,actions=resubmit(,1)

table=1,tun_id=10,dl_dst=00:00:00:00:00:01,actions=output:1

Demo - Flow configuration excerpt

Demo Setup VXLAN Tunneling

T1_1 ping 10.0.0.1

T2_1 ping 10.0.0.2

tcpdump –i eth0

[icmp type {0,8}]

tcpdump –i eth0

[icmp type {0,8}]

tcpdump –i eth0

[icmp type {0,8}]

Conclusion

• simple design of physical environment to provide IP end-to-end connectivity only

• logic should be placed into “Intelligent Edges“, ToR switches like OVS

• logical tenant separation through VXLAN tunneling technologies

Future Work

• identification of services and tenants with specific needs

• deployment of a test environment

• long term goal: NFV rollout and optimization of physical underlay

Chair for Network Architectures and Services

Technische Universität München

Thank You.

Questions?

Datacenter Network Virtualization in Multi-Tenant Environments€¦ · 06/09/2015 · Datacenter...

Documents

Transcript of Datacenter Network Virtualization in Multi-Tenant Environments€¦ · 06/09/2015 · Datacenter...

VMware Virtualization: The Foundation for a Green Datacenter.

Datacenter Management and Virtualization White Paper

VMware Network Virtualization Design GuideThe vCloud Director virtual datacenter container is a highly automatable abstraction of the pooled virtual infrastructure. Network virtualization

The Portable Datacenter - VMware Virtualization for Desktop

20121023 Cmug Datacenter Network Virtualization

Network Virtualization in Multi-tenant Datacenters - USENIX · Network Virtualization in Multi-tenant Datacenters Teemu Koponen, ... ants to deﬁne a set of logical network ... In

Scalable Network Virtualization in Software- Defined Networksecee.colorado.edu/~ekeller/docs/drutsky_ieee_ic_flown_2013.pdf · Network virtualization gives each “tenant” in a

VMware Certified Design Expert 5 – Datacenter Virtualization … · The VMware Certified Design Expert 6 – Data Center Virtualization (VCDX6-DCV) is an advanced certification

Datacenter Optimization Server Virtualization

The Operational Impact of Virtualization in the Datacenter

SNW EUROPE; DATACENTER TECHNOLOGIES; …files.vogel.de/vogelonline/vogelonline/companyfiles/5903.pdfSNW EUROPE; DATACENTER TECHNOLOGIES; VIRTUALIZATION WORLD #ptc #SNWEurope #vw #dct

Datacenter Management and Virtualizationdownload.microsoft.com/documents/uk/enterprise/57... · Datacenter Management and Virtualization ... Datacenter infrastructure and applications

The Software Defined Datacenter - Dell EMC · PDF file10/09/2012 · The Software Defined Datacenter ... Management Cloud Infrastructure Virtualization The Cloud Bill Of Materials

Network Virtualization - Instituto de ComputaçãoMultitenancy •Network virtualization allows tenant can control: •Connectivity layer: Tenant network can be L2 while the provider

Hyper-V Datacenter Virtualization Module 3

DRIVING DATACENTER EFFICIENCY THROUGH …hosteddocs.ittoolbox.com/enterprisemseriesvirtualization.pdfDRIVING DATACENTER EFFICIENCY THROUGH SERVER AND APPLICATION CONSOLIDATION Virtualization

Power Virtualization in Multi-tenant Networks€¦ · Networking In datacenter, ~15% Flat-fee, or byte-based Power oblivious Least energy proportional; Idle power = ~80% peak; 2 power

Preemptive, Low Latency Datacenter Scheduling via ... Low Latency Datacenter Scheduling via Lightweight Virtualization Wei Chen1, Jia Rao2, and Xiaobo Zhou1 1University of Colorado,

Customers want to transform their datacenter...Microsoft’s virtualization and cloud offerings Software Defined Datacenter - WS 2016 Azure Pack + Hyper-V + System Center Microsoft

Multi-tenant Framework for SDN Virtualization