1. 1. What do we do at Axsh? Virtualization Cloud computing Distributed systems Free open source software
2. 2. Our two main FOSS projects Wakame-vdc http://wakame-vdc.org OpenVNet http://openvnet.org http://github.com/axsh
3. 3. What is Wakame-vdc? Instance Instance Instance WebAPI * Instance = Virtual Server User Http SSH
4. 4. What is OpenVNet A Network hypervisor A way to fully virtualize networks
5. 5. What is OpenVNet A Network hypervisor A way to fully virtualize networks
6. 6. What is virtualization Let's explain using virtual machines Hardware Operating system Hypervisor (VMWare, KVM, VirtualBox, etc.) VM OS (Linux) VM OS (Windows) VM OS (MacOS)
7. 7. What is virtualization Virtual machines become indipendent of hardware Hardware (Laptop PC) Operating system (Linux) Hypervisor (VirtualBox) VM OS VM OS VM OS Hardware (iMac) Operating system (MacOS) Hypervisor (VirtualBox)
8. 8. Network virtualization The concept is similar Networks become indipendent of hardware Hardware (hubs, routers, bridges, etc.) Hypervisor (OpenVNet) Virtual Network NIC 10.0.0.0/24 10.10.0.0/24 10.10.0.0/24 NIC NIC Virtual Network NIC NIC NIC Internet Virtual Network NIC NIC NIC 10.90.0.0/24 10.80.0.0/24 10.90.0.0/24
9. 9. Some use cases Cloud systems like Wakame-vdc or OpenStack can allow users to create their own custom network layout Separate cloud systems can be tied together into a single L2 Network Use your imagination
10. 10. How do we achieve this? Short answer: We use OpenFlow https://www.opennetworking.org/sdn-resources/openflow Long answer: Let's refresh how networks work in the first place.
11. 11. Layer 1: The Physical Layer Two NICs are connected by a cable They can now exchange ones and zeroes
12. 12. Layer 1: The Physical Layer Two NICs are connected by a cable They can now exchange ones and zeroes What if we want to connect more than two NICs?
13. 13. Layer 2: The Data Link Layer Each NIC has a unique MAC address Everyone broadcasts Ethernet frames The OS opens Ethernet frames sent to its NIC's MAC address
14. 14. Layer 2: The Data Link Layer What is we want to create large networks? We can't just keep broadcasting everywhere
15. 15. Layer 3: The Network Layer Connects multiple L2 networks using routers NICs are assigned IP addresses A broadcast (ARP) is made to match IP to MAC
16. 16. So how does OpenVNet virtualize this? All network devices have flow tables Network traffic: Comes in a certain port Is matched against those flow tables Is sent out a certain port OpenFlow is a protocol to tell network devices to change their flow tables
17. 17. OpenFlow Switch Network Switch OpenFlow Controller OpenFlow Implementation Flow tables Port Port Port Port SSL NIC NICNIC NIC Network traffic
18. 18. OpenVNet's OpenFlow Controller OpenVNet has an OpenFlow controller called VNA OpenVNet currently requires the use of Open vSwitch VNA VNA Open vSwitch Open vSwitch
19. 19. Tunneling protocols OpenVNet uses two tunneling protocols to implement virtual networks MAC2MAC: An original protocol that works on Layer 2 GRE A protocol that works on Layer 3
20. 20. Tunneling protocols VNA VNA Open vSwitch Open vSwitch VNA Open vSwitch
21. 21. Tunneling protocols VNA VNA Open vSwitch Open vSwitch VNA Open vSwitch MAC2MAC
22. 22. Tunneling protocols VNA VNA Open vSwitch Open vSwitch VNA Open vSwitch GRE
23. 23. OpenVNet under the hood NIC NIC NIC Vnmgr (virtual network manager) 0mq http Open vSwitch VNA NIC NIC NIC Open vSwitch VNA WebAPI MySQL Physical Network
24. 24. Demo time We will tie Wakame-vdc and Amazon EC2 together into one virtual network Wakame-vdc has OpenVNet support Amazon EC2 does not So... what do we do?
25. 25. Demo time We will tie Wakame-vdc and Amazon EC2 together into one virtual network Wakame-vdc has OpenVNet support Amazon EC2 does not So... what do we do? VNet Edge!
26. 26. VNet Edge Allows a virtual network and a physical (= non OpenVNet) network to join together into one L2 segment VNA VNA Open vSwitch Open vSwitch VNet Edge Non OpenVNet network
27. 27. VNet Edge is rather simple Open vSwitch/VNA checks if it has the destination for a packet in its virtual network If yes, send it there If no, send it out VNet Edge
28. 28. Demo time Without further ado...