viman lab cloud computing research - university of...


Upload: tranliem

Post on 26-Mar-2018


Page 1: VIMAN Lab Cloud Computing Research - University of …reu.cs.missouri.edu/REU14/resources/SDN_MU-Sp14_C… ·  · 2015-05-27VIMAN Lab Cloud Computing Research ... – Maintains logical

4/8/2014


Software-Defined Networking

Prasad Calyam, Ph.D.

Spring 2014

VIMAN Lab Cloud Computing Research

• Cloud Resource Allocation – Computer and network virtualization models, algorithms, tools

• Cloud Monitoring – Software-defined measurements and performance diagnosis

• Cloud Testbeds for Apps, Marketplaces – e.g., Manufacturing/Healthcare/Education

• Cloud Security – Cyber attacks, Authentication, Authorization, Policy

http://people.cs.missouri.edu/~calyamp

Discussion Topics

• Traditional Networking versus Software-Defined Networking

– Overlay Networking

– Network Function Virtualization

– OpenFlow Protocol for SDN

– SDN Programming for Applications

– SDN Experiments on Real Cloud Platforms


Evolution of Big Data

• Experimental (thousand years ago) – Description of natural phenomena

• Theoretical (last few hundred years) – Newton’s laws, Maxwell’s equations…

• Computational (last few decades) – Simulation of complex phenomena

• Analytical (today and the future) – Unify theory, experiment and computation with large multidisciplinary Big Data, using data exploration and data mining (from instruments, sensors, humans…)

End-to-End Overlay Networks

Big Data handling requires overlay networking, especially for satisfying real-time application requirements!

GENI: Infrastructure for Overlay Experimentation

GENI provides compute resources that can be connected in experimenter-specified topologies. (Funded by NSF for Future Internet Experiments)

GENI provides compute resources that can be connected in experimenter-specified Layer 2 topologies.

GENI: Infrastructure for Experimentation


Inter aggregate connectivity

Experiments live in isolated “slices”

How are these links formed?

Unified Resource Broker (URB)

Distributed Control: Network Provisioning Issues

How can we centrally create intelligent overlay network infrastructures?

Centralized Control: Inherent Benefits

Distributed/Centralized Switch Control Architecture

• Distributed Control

• Centralized Control


Network Virtualization

• Virtualizes a physical network interface as a virtual network interface; user flows are treated as ‘virtual tenant’ flows

– This layer sits in between Layer 2 and Layer 3 (i.e., Layer 2.5) and uses encapsulation (i.e., MAC-in-UDP) for Layer 2 elasticity and IP address localization

• Enables VM migration and virtual tenancy across multiple Layer 2 domains!

– Typical protocols: OpenFlow, Overlay Transport Virtualization (OTV), VXLAN

Network Function Virtualization

Source: Nicira/VMware

• vSwitch and Stateless Transport Protocol (STT) allow running a custom network protocol over a network built for a different protocol

– STT enables transporting Ethernet data inside IP packets

• Open vSwitch is a virtual switch used as the network stitching component in the hypervisor

– Maintains logical state of VM’s network connection across physical hosts when VM is migrated

– Managed and monitored by OpenFlow, NetFlow and others

See - http://openvswitch.org/

SDN Related Work

| Related Work | Features |
|---|---|
| NEC ProgrammableFlow | Matching of packet flows based on the IP addresses, MAC addresses and the port numbers |
| Cisco Overlay Transport Virtualization (OTV) | MAC-in-IP, Multi-point Tunneling using IP Multicast |
| VMware Virtual Extensible LAN (VXLAN) | MAC-in-UDP, 24-bit LAN segment identifier |
| Virtual Private LAN Service (VPLS) | Multi-point to multi-point communication over IP/MPLS networks |
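The MAC-in-UDP encapsulation and 24-bit segment identifier listed for VXLAN above, as an added Python example (not from the original slides): the header layout and UDP port follow RFC 7348, while the function names, the sample frame and the VNI values are constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789         # IANA-assigned destination port (RFC 7348)
FLAG_VNI_VALID = 0x08         # "I" flag: the VNI field carries a valid ID
HDR_LEN, ETH_LEN = 8, 14

def vxlan_encap(vni, inner_frame):
    """Prepend the 8-byte VXLAN header to an inner Ethernet frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # word 0: flags(8) + reserved(24); word 1: VNI(24) + reserved(8)
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame

def vxlan_decap(udp_payload):
    """Parse a VXLAN UDP payload; return the VNI and inner Ethernet fields."""
    if len(udp_payload) < HDR_LEN + ETH_LEN:
        raise ValueError("truncated VXLAN packet")
    word0, word1 = struct.unpack("!II", udp_payload[:HDR_LEN])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag clear: VNI not valid")
    inner = udp_payload[HDR_LEN:]
    dst, src, ethertype = struct.unpack("!6s6sH", inner[:ETH_LEN])
    return {"vni": word1 >> 8, "dst_mac": dst.hex(":"),
            "src_mac": src.hex(":"), "ethertype": ethertype, "inner": inner}

def deliver(udp_payload, local_vnis):
    """Tunnel-endpoint check: hand the inner frame only to a segment that is
    provisioned here; anything else is dropped (returns None)."""
    try:
        pkt = vxlan_decap(udp_payload)
    except ValueError:
        return None
    return pkt if pkt["vni"] in local_vnis else None

# Constructed sample: tenant frame (dst MAC, src MAC, IPv4 ethertype, dummy payload)
SAMPLE_FRAME = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
                + struct.pack("!H", 0x0800) + b"demo-payload")

if __name__ == "__main__":
    wire = vxlan_encap(5001, SAMPLE_FRAME)
    print(wire[:HDR_LEN].hex(), vxlan_decap(wire)["vni"])
    print(deliver(wire, {5001}) is not None, deliver(wire, {5002}))
```

The VNI is the only thing separating tenants on the shared underlay, so the endpoint's check against its locally provisioned segments is where isolation is enforced.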


OpenFlow is an API

• Controller has to populate forwarding table of the switch

– Controls how packets are forwarded through a network path

– In a table miss, switch asks the Controller

• Controller reserves “flow space” in a Slice

– Installs flow entries either ‘proactively’ or ‘reactively’ in switches

– Once flow is set up, subsequent traffic does not go through the controller

• Controller is responsible for all traffic, not just your application!

– Should handle: ARPs, DHCP, etc.

• Implementable on Commercial off-the-shelf (COTS) hardware

– Make deployed networks programmable; Not just configurable
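The table-miss, reactive and proactive behaviour in the bullets above, as an added Python model (not code from the slides and not the API of Floodlight, POX or any other controller framework): the class names, MAC addresses and port numbers are constructed for illustration, and matching is reduced to destination MAC.

```python
# Toy model of OpenFlow flow setup; names are hypothetical, no wire protocol.
FLOOD = "FLOOD"

class Controller:
    """Learning-switch logic: learns MAC -> port, installs exact-match flows."""
    def __init__(self):
        self.mac_to_port = {}
        self.packet_ins = 0              # how often a switch had to ask us

    def packet_in(self, switch, in_port, src, dst):
        self.packet_ins += 1
        self.mac_to_port[src] = in_port  # learn where the sender lives
        out_port = self.mac_to_port.get(dst)
        if out_port is None:
            return FLOOD                 # destination unknown: install nothing
        switch.install_flow(dst, out_port)   # reactive install
        return out_port

class Switch:
    def __init__(self, controller):
        self.controller = controller
        self.flow_table = {}             # match (dst MAC) -> action (out port)
        self.hits = 0

    def install_flow(self, dst, out_port):
        self.flow_table[dst] = out_port

    def receive(self, in_port, src, dst):
        """Return the output action chosen for one frame."""
        if dst in self.flow_table:       # table hit: handled in the data plane
            self.hits += 1
            return self.flow_table[dst]
        # table miss: punt to the controller
        return self.controller.packet_in(self, in_port, src, dst)

def run_demo():
    ctl = Controller()
    sw = Switch(ctl)
    server = "00:00:00:00:00:0a"                        # constructed MACs
    h1, h2 = "00:00:00:00:00:01", "00:00:00:00:00:02"
    sw.install_flow(server, 10)          # proactive: rule exists before traffic
    trace = [
        sw.receive(1, h1, h2),           # miss, h2 unknown -> FLOOD
        sw.receive(2, h2, h1),           # miss, h1 known -> flow to port 1
        sw.receive(1, h1, h2),           # miss, h2 now known -> flow to port 2
        sw.receive(1, h1, h2),           # hit, controller not involved
        sw.receive(2, h2, h1),           # hit
        sw.receive(1, h1, server),       # hit on the proactive rule
    ]
    return trace, ctl.packet_ins, sw.hits

if __name__ == "__main__":
    print(run_demo())
```

Each table miss costs a controller round trip, so the packet-in counter is the number to watch when sizing or protecting a controller.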

Virtual Data Center Example

[Figure: virtual data center architecture linking Thin-clients, OpenFlow Switches and the Data Center. Labels: Unified Resource Broker, Connection Broker, Marker Packet Handler, Packet Capture, Packet/Flow Inspector, Routing Engine, Load Balancing, Service Engine, System Provisioning, Resource Optimization, File System, Active Directory, OpenFlow Controller, OpenFlow Switch (Flow tables, Group Tables, Data Plane), Measurement Engine (Active Measurement, Congestion Detection, Fault Detection), Thin-client (RDP/PCoIP Client), Virtual Desktop (Hypervisor, User Applications, Security Token, RDP/PCoIP Server), Secure Channel, Control Plane, Measurement Plane]

Debugging OpenFlow Networks is Hard!

• Mininet

– Before actual deployment, test your OpenFlow Controller in the Mininet network emulation tool with ‘virtual switches & hosts’

• OVS (Open vSwitch) virtual switch software or a “soft switch” is used in Mininet

– Does not require the initial network co-ordination for Controller setup, and also does not require console access to switches

– Requires an OpenFlow Controller Application Framework

• Floodlight, POX, OpenDaylight, Beacon, Trema, …

– http://yuba.stanford.edu/~casado/of-sw.html

– http://groups.geni.net/geni/wiki/OpenFlow/Controllers

– Wireshark helps with debugging control flows of your OpenFlow Controller application

OpenFlow Controller Flavors


Floodlight Controller REST API


Wireshark for Debugging your OpenFlow Controller!

Virtual Ethernet ports for each switch

OpenFlow Protocol packet analysis


GENI/SDN Lab Steps

• Lab Experiment – QoS Configuration and Load Balancing using Software Defined Networking/OpenFlow

• Purpose of the Lab – Install and configure Mininet SDN emulator with 2 traffic engineering experiment applications to understand how to program ‘flow spaces’ within networks to: (i) comply with enterprise network capacity provisioning policies, and (ii) balance the utilization of network resources

– Use Iperf and Ping Tools to verify your SDN functionality

Lab Experiment #1 (QoS Control through Network-Edge Rate Limiting) Steps Overview: Mininet Installation → Floodlight OpenFlow Controller installation → QoS Configuration in Controller Application → QoS Experimentation using Iperf Tool

Lab Experiment #2 (Load Balancer for Scalable Handling of Traffic Flows) Steps Overview: Floodlight OpenFlow Controller installation → Load Balancer Configuration in Controller Application → Load Balancing Experimentation using Ping Tool

SDN/GENI Lab Experiment #1

• Use the Open vSwitch commands to set the network policies

• Set up 3 queues (Q0, Q1 and Q2) on every switch and configure network-edge bandwidth capacity using the ‘ovs-vsctl’ commands

– Q0 – default queue

– Q1 – queue 1 rate limiting bandwidth to 50 Mbps

– Q2 – queue 2 rate limiting bandwidth to 40 Mbps
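One way to script the three-queue setup above from Python, the language Mininet topologies are written in (an added example, not the lab's own script): the 50 and 40 Mbps limits come from the slide, while the 1 Gbps port ceiling used for Q0, the `linux-htb` QoS type and the interface names are assumptions.

```python
import re
import subprocess

Q1_BPS = 50_000_000   # Q1: 50 Mbps, from the lab description
Q2_BPS = 40_000_000   # Q2: 40 Mbps, from the lab description
# Linux interface names are at most 15 chars; refuse anything that could be
# read as an ovs-vsctl option (leading '-') or carry unexpected characters.
IFACE_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_.-]{0,14}$")

def qos_argv(iface, link_bps=1_000_000_000):
    """Build the ovs-vsctl argv that attaches Q0/Q1/Q2 to one switch port.

    link_bps is the port ceiling and the Q0 (default queue) rate; the
    1 Gbps default is an assumption, not a value from the slides.
    """
    if not IFACE_RE.match(iface):
        raise ValueError(f"unexpected interface name: {iface!r}")
    if max(Q1_BPS, Q2_BPS) > link_bps:
        raise ValueError("queue max-rate exceeds the port max-rate")
    return [
        "ovs-vsctl",
        "--", "set", "Port", iface, "qos=@newqos",
        "--", "--id=@newqos", "create", "QoS", "type=linux-htb",
        f"other-config:max-rate={link_bps}", "queues=0=@q0,1=@q1,2=@q2",
        "--", "--id=@q0", "create", "Queue", f"other-config:max-rate={link_bps}",
        "--", "--id=@q1", "create", "Queue", f"other-config:max-rate={Q1_BPS}",
        "--", "--id=@q2", "create", "Queue", f"other-config:max-rate={Q2_BPS}",
    ]

def apply_qos(ifaces, dry_run=True):
    """Build (and, unless dry_run, execute) one command per switch port."""
    cmds = [qos_argv(i) for i in ifaces]
    if not dry_run:
        for argv in cmds:
            subprocess.run(argv, check=True)   # argv list, never a shell string
    return cmds

if __name__ == "__main__":
    # Constructed Mininet-style port names for two switches.
    for argv in apply_qos(["s1-eth1", "s2-eth1"]):
        print(" ".join(argv))
```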


SDN/GENI Lab Experiment #2

• Use a Load Balancing experiment topology with pools of end-hosts and load balancers

– Test load balancing functionality with Ping requests from end-hosts

• Extend the ‘Load Balancing’ module in your Floodlight Controller

– Scale the load balancer to handle more Ping requests by adding two new hosts to the load balancer pool

– Examine the response patterns from end-host Ping responses

In-class Exercise

• What emerging technologies can you think of that SDN will enable in the next “Hype Cycle(s)”?

– Location-aware Apps

– Virtual Assistants; Virtual Worlds

– Social Analytics based Mobile Services

– Augmented Reality

– Desktop-as-a-Service

– Simulation-as-a-Service

– Remote Elder-care

– … others

See US Ignite (http://us-ignite.org/next-gen-applications), which is fostering creation of next-generation Internet applications that provide transformative public benefit

Science DMZ Use Case with OpenFlow

[Figure: Science DMZ use case. Labels: Gatekeeper Proxy Middleware, Extended VLAN Overlay, Science Application, Normal Application, Web Application, Software-Defined Network, Remote Collaborator, Instrument Site on Campus, Campus Network, Campus Access Network, Public Cloud, Direct Connect Network, IP Network]

Science DMZ Flow Orchestration with OpenFlow

[Figure: Science DMZ flow orchestration. Labels: Extended VLAN Overlay, Imaging Microscope, Image Processing Cluster, Campus-A Edge, Campus-B Edge, Campus-A Firewall, Campus-B Firewall, IP Network, Non-IP Network, Gatekeeper Proxy Middleware, OpenFlow Controller, Service Engine, Measurement Engine, Routing Engine, Authenticated Researcher, Performance Engineer. Legend: Data Flow, Control Flow]

1. Define application end-points and monitoring objectives

2. Provision policy-directed flow rules

3. Install HTC flow; Install measurement flow

4. Authorized HTC flow; Authorized measurement flow; Non-Science DMZ flow

Virtual Desktop Clouds (DaaS)

“Brain of the Cloud”


Example DaaS Use Cases

(a) Virtual classroom lab involving faculty and students

(b) Computationally intensive interactive applications for biomedical community (e.g., remote volume visualization)

(c) Simulation-as-a-Service requiring HPC resources for advanced manufacturing

(d) ElderCare-as-a-Service requiring proactive medical intervention for health care

(e) Virtual desktops for underserved communities


VIMAN Lab’s “VDC-Analyst” Leveraging OpenFlow for Resource Placement of Virtual Desktop Cloud Applications

VD Provisioning and Placement

GENI Slice Testbed for VDC Hosting

• VDC-Analyst → GENI

• Design & Development → Validation and design tuning

• Large-scale simulations → Cloud deployment experiments

VDC-Analyst Features

[Figure: VDC-Analyst interface. Labels: ‘Run Simulation’ (Offline); ‘Run Experiment’ (In GENI); Net-utility per experiment run; Resource allocation of thin-clients to data centers]

VDC-Analyst Use Cases

• Research

– Plug-in new provisioning and placement schemes

– Study cloud dynamics to see how they affect net-utility

• Education

– Explore server-side adaptation

• E.g., write a macro script to reduce user interaction round-trips for control actions during network health bottlenecks

– Explore client-side adaptation

• E.g., select thin-client encodings that deliver best QoE for different user groups – knowledge worker vs. designer/artist

– Explore network-side adaptation

• E.g., ??


Problem Scope

• To use OpenFlow for dynamic resource placement of VD applications via an URB

– Provisioning of non-IP VD application traffic flows between thin-client sites and data centers

– Path selection and load-balancing of VD flows to improve performance of interactive applications and video playback

– Leveraging in-band instrumentation and measurement to gather performance intelligence on cross traffic impact affecting VD

– Automated management and centralized network control

Marker Packet Header Format

Flow Setup Sequence Diagram

[Figure: sequence diagram between Smart Thin-client, OpenFlow Switch, OpenFlow Controller and Virtual Desktop]

1. Join OpenFlow network

2. Install flow rules for marker packets

3. Send marker packet to request virtual desktop

4. Recognize and punt the marker packet

5. Parse marker packet and install client/server flows

6. Access virtual desktop applications

VDC-Analyst Experiment w/o Load-Balancing


VDC-Analyst Experiment w/ Load-Balancing


VDC-Analyst OpenFlow Demonstration

• Route setup (Step-1): Video runs smooth, GUI applications are responsive

• Cross-traffic Impact (Step-2): Video freezes, disconnects, GUI applications are not responsive

• Load-balancing Improvement (Step-3): Video runs smooth, GUI applications are responsive

Flow tables shown on the slide, in order of appearance:

| OpenFlow Switch | Client | In Port | Out Port |
|---|---|---|---|
| SUNNW | PG48 | 50 | 51 |
| SUNNW | PG49 | 50 | 51 |
| ATLANTA | PG46 | 52 | 52 |
| ATLANTA | PG47 | 52 | 52 |
| ATLANTA | PG46 | 20 | 52 |
| ATLANTA | PG47 | 20 | 52 |

| OpenFlow Switch | Client | In Port | Out Port |
|---|---|---|---|
| ATLA | PG46 | 20 | 52 |
| ATLA | PG47 | 20 | 52 |

| OpenFlow Switch | Client | In Port | Out Port |
|---|---|---|---|
| ATLANTA | PG46 | 20 | 52 |
| ATLANTA | PG47 | 20 | 52 |
| SUNNW | PG48 | 50 | 52 |
| SUNNW | PG49 | 50 | 52 |

[Figure: three bar charts of Bandwidth Consumed (Mbytes/s) for Application vs. Cross-Traffic, y-axis 0 to 20; value labels in order of appearance: 0.21 and 15.36; 4.45 and 14.8; 4.6 and 0]

Simulation-as-a-Service


ElderCare-as-a-Service


Further Reading

• GENI – http://www.geni.net

• Open Networking Foundation - https://www.opennetworking.org

• Select papers on network and server adaptation for scientific applications on virtual desktops:

– P. Calyam, S. Rajagopalan, S. Seetharam, A. Selvadhurai, K. Salah, R. Ramnath, “VDC-Analyst: Design and Verification of Virtual Desktop Cloud Resource Allocations”, Elsevier Computer Networks Journal (COMNET), 2014.

– P. Calyam, S. Rajagopalan, A. Selvadhurai, S. Mohan, A. Venkataraman, A. Berryman, R. Ramnath, “Leveraging OpenFlow for Resource Placement of Virtual Desktop Cloud Applications”, IFIP/IEEE International Symposium on Integrated Network Management (IM), 2013.