Overviews of Cloud Computing and SDN activities in WIDE Project

Yuji Sekiya

The Univ. of Tokyo / WIDE Project

2014/06/18

CJK Workshop 2014 1

WIDE Project Research Consortium

• http://www.wide.ad.jp/

• Commercial companies, research institutions, and universities • over 50 organizations and over 1,000 people are joined

• Founder : Prof. Jun Murai

• Director : Prof. Hiroshi Esaki

Researches

• Activities are in working groups.

• WIDE workshop is held two times a year (May, December)

• WIDE camp is held two times a year (March, September)

2014/06/18

CJK Workshop 2014 2

Cloud Computing Activities in WIDE Project Cloud WG in WIDE Project

• Started on 2010

Targeted to evaluate and develop Fundamental Technologies for Cloud Computing. • Distributed Storage

• Load Balancing of Resources

• Load Balancing of Applications

• Distributed Processing for Big Data

Actual TestBed • The first target is IaaS (Infrastructure as a Service)

• WIDE Cloud (Inter-University IaaS Cloud)

2014/06/18

CJK Workshop 2014 3

WIDE Cloud Distributed IaaS Cloud

2014/06/18

CJK Workshop 2014 4

WIDE Cloud Architecture OpenSource Based

2014/06/18

CJK Workshop 2014 5

kvm

RESTful API

VM Image

map646

iSCSI NFS

NEMO

VLAN

libvirt

Facility Layer

Control Layer

Middleware Layer

Application Layer

Virtual Resource Layer

Network Server

Storage

Application

Fe

de

rate

d C

lou

d C

on

tro

ller

Sheepdog

SQL

NoSQL

VXLAN LISP

glusterFS

Challenges in WIDE Cloud Full IPv6 cloud

• Use map646 for IPv4 translation

Distributed Filesystem • GlusterFS

• ukai

VM Mobility • NEMO (Network Mobility)

• VXLAN + LISP

Resource Management • Auto VM migration

• Cloud Controller (WCC)

Not only IaaS • Hadoop / Presto clusters are

working for NECOMA Project

2014/06/18

CJK Workshop 2014 6

Distributed Storage

Location-Level Redundancy Network Mobility

SiteA

SiteB

Migratable Network

SiteA

SiteB

Migratable Network

SiteA

SiteB

SiteC

VM Replication

IPv6 Internet IPv4 Internet

Datacenter1

Datacenter 3

Datacenter 2

Datacenter 4

Hypervisors

Hypervisors Hypervisors

Hypervisors

VMs

NAT64

Boxes

10

It’s working over four years !! WCC : http://wcc.wide.ad.jp/

Over 400 VMs are working !

2014/06/18

CJK Workshop 2014 7

SDN Activities in WIDE Project GINEW Project

• Joint Research with NICT

• Provide virtual “SLICE” to users on JGN-X testbed

SDN-IX by NECOMA / NSPIXP Project

2014/06/18

CJK Workshop 2014 8

Basic Idea of User Defined and Organized Network

2014/06/18

CJK Workshop 2014 9

A B

C

VirtualLink

UnderlayNetworkLink

VirtualNode

UnderlayNetworkNode

Then,ChangetherouteofVirtualLinkfromAtoB

AbstractedLayerofUDON

CorrespondingConfigura ons

Genera ngUDONAPIChangeRouteofVirtualLinkAtoB

Network Virtualization on JGN-X

2014/06/18

CJK Workshop 2014 10

Fukuoka Hiroshima

Okayama Sendai

NICT Koganei

VN

OF

OF

OF

OF

DCN DCN OF Kanazawa

Kagawa

Okinawa

OF

VN VN VN

Nagoya VN OF

Kochi

Osaka

Iwate

VN OF

Tokyo

DCN

OF Sapporo

仮想資源グループA

JGN-X利用者A

JGN-X利用者B

仮想資源グループC 仮想化リソースプールレイヤー

物理リソースプールレイヤー

NetworkSliceA NetworkSliceB

仮想資源グループB

NetworkforUserA ZoneA-1 ZoneA-2

NetworkSliceB

ZoneB-1 ZoneB-2

仮想化スライス提供レイヤー

ユーザ提供レイヤー

東京大学担当ミドルウェア

Demonstration on SC13

TH SG

• Adaptive Bandwidth Control • Application of GINEW API • Collaboration w/ PerfSONAR

• User’s Program manage shared bandwidth, • Measuring by PerfSONAR • Controlling by GINEW

• Already prepared, Will be applied soon. => DONE

Bandwidth Measurement By PerfSONAR

Bandwidth Control By GINEW

User’s Program

Sharing Bandwidth

CJK Workshop 2014

2014/06/18

11

SDN-IX Developing and Deploying SDN-IX (PIX-IE)

• PIX-IE : Programmable Internet eXchange in EDO • Technology is developed in NECOMA Project

Current roles of Internet Exchanges • Layer-3 IX / Layer-2 IX • Exchanging “Internet Traffic” following BGP information

Need more ? • The granularity of TE (Traffic Engineering) is BGP prefix.

• BGP granularity is /24 (IPv4) and /48 (IPv6) prefixes

Need more ? • DDoS is one of the most serious problem in the Internet

• An ISP wants to prevent or mitigate the traffic at the edges of ingress

Need more ? • Path exchanges between Ases

• The index is not only VLAN. • Using dst address and/or src address, dst port, TOS, MPLS label, VXLAN…

2014/06/18

12 CJK Workshop 2014

NSPIXP Project Operated by WIDE Project

• Research IX

2 IXs in Tokyo and Osaka • DIX-IE (Tokyo) : 53 ASes

• NSPIXP3 (Osaka) : 13 Ases

Activities • IPv4/IPv6 native dual stack

• Connected between Tokyo = OSAKA (NSPIXP23)

More Research => • SDN-IX (Programmable IX)

2014/06/18

13

NF Park ComSpace-1

NTT Otemachi

@Tokyo

GbE x 2

10G

20G(10G x 2) KDDI Otemachi

BI15K-1

BI15K-2

MLX-1

MLX-1 MLX-1

BI151

BI81

MLX-3

MG8-1

MG8-2

MLX-1 MLX-2

CJK Workshop 2014

1) DDoS Prevention and Mitigation on IX

2014/06/18

14

Programmable IX (PIX-IE)

ISP

ISP ISP

ISP

ISP

ISP Victim

ISP Victim Service

Spoofed SRC UDP

Link Saturation

CJK Workshop 2014

Current Solution

2014/06/18

15

Programmable IX (PIX-IE)

ISP

ISP ISP

ISP

ISP

ISP Victim

ISP Victim Service

Spoofed SRC UDP

Link Saturation

The operator has to contact to each ISP, and ask to filter the DDoS packets …

Human Interaction

CJK Workshop 2014

Solution by SDN

2014/06/18

16

Programmable IX (PIX-IE)

ISP

ISP ISP

ISP

ISP

ISP Victim

ISP Victim Service

Mitigation

Mitigation

Mitigation

Mitigation

REST API

CJK Workshop 2014

2) Flexible Path Exchanges The demand for extend own local network into other

Autonomous Systems

• Event : Temporally use (e.g. experiments at SC)

• Connect to colocation hosts at Data Centers

• IaaS Cloud • Equinix serves their customers with private wires that are connected to

Amazon EC2

Existing way to extend

• VPN (including Overlay Networks): They have encapsulation and encryption overhead...

17

2014/06/18

CJK Workshop 2014

Programmable IX (PIX-IE) VLAN # migration

2) Flexible Path Exchanges Interconnection of VLAN, VXLAN, MPLS, Application…

2014/06/18

18

VLAN : 30

VLAN : 100

VLAN : 2000

VLAN : 1000

VLAN : 500

VLAN : 50

Datacenter A Datacenter B

Datacenter C Datacenter D

CJK Workshop 2014

Current Implementation

Controller

AS X Network

AS Y Network

Context + ASnum + VLANnum

①

Check Context and Authentication

②

Context + ASnum + VLANnum

①’

JSON Format { context : “String”, AS : AS Number, VLAN : VLAN ID }

OpenFlow based IX

Create L2 circuit for AS X and Y

③

19

2014/06/18

CJK Workshop 2014

Demonstration in Interop Tokyo 2014 Interop Tokyo 2014

• The largest ITC events in Japan

• Over 130,000 people are visited

2014/06/18

CJK Workshop 2014 20

Screenshots a

2014/06/18

CJK Workshop 2014 21

Thank You