midonet: network virtualization & policies
MidoNet: Network Virtualization & Policies
Open Networking Summit
Hot Startups Session
March 4th, 2014
Presenter: Daniel Conde, Director of Products
3/10/2014 © 2014 Midokura 1
How we are different
• Overlay Networks
– OpenFlow did not scale. We can do better
– Working with virtual and physical networks
• Networks will be consumed by application owners
– Policy becomes the most important thing
About the company
• Pioneer in network virtualization – provides software for networking using overlay approach
• Staff from Amazon, Cisco, Google and VMware
About the company
• Received $17mm in Series-A in April 2013
• Named by CRN as among the 10 coolest virtualization startups in the world and in the top 10 networking stories of 2013
Tech Alliance Partners
About the company
• Adopted by service providers as well as enterprise customers
• Significant contributor to the OpenStack Networking (Neutron)
• SDN vendor to be certified for Red Hat Enterprise Linux OpenStack platform
• Member of the OpenDayLight Project
• Technical partnerships with network switch vendors, software companies and solution providers
451 Research
• “Midokura’s distributed architecture is elegant and appears to be making strides in early adopter markets for SDN and virtual networking”
About me
• Midokura – network virtualization
• Google gGRC at Reciprocity Labs – compliance system
• VMware – compute virtualization
• Rendition Networks (now HP) – Network Configuration
• NetIQ - Systems Management
• Microsoft – Windows OS, UI
• DEC – Multiprocessor UNIX (TCP, file systems)
• Xerox – Distributed Systems, dev environments
MidoNet Customer Adoption
• Large scale cloud service providers:
– OpenFlow did not scale
– Overcome VLAN limits and get > 4096 tenants
– Reduce OpEx for network management
– Reduce CapEx for network device
– OpenStack based
– Tenants configure and use application template
What problems did they have
• Need way to access physical network resources
• Need info on troubleshooting from the physical network
• Need physical network to protect their SLA
History: Evolution of SDN
• Control & data separation – Tempest in 1998
– Logically centralized control system
• Languages for SDN – Frenetic in 2011
– Goal is to raise the level of abstraction
How to get across chasm
• Pushing off – Pain points to address, such as Cloud providers hitting limits on VLANs (4096 max), agility, isolate network configs to TOR and below, self-provision
• Pulling yourself – Application driven Policy & abstractions, Physical & Virtual control
General Trend
1. Virtualize resources – be logical, not physical
2. Automate control of network
3. Abstractions drive clients of networks
• Need more progress to adopt these great ideas
“Virtualized” net: Hop by hop device emulation
[Figure labels: router, switch, router]
Network Simulation & overlays
[Figure labels: Simple IP Underlay; Simulation]
MidoNet solution
FUTURE APPROACHES
Physical and Virtual Network management and Application Centric Policy networking
Problem
[Figure labels: Tenant 1, Tenant 2, Tenant-N; Infrastructure-spanning Network]
Realities
• Need to address existing hardware and tools
• Value is in providing agility and flexibility of an overlay (virt) network, and using the capabilities of the underlay (phys) network
Can the overlay ignore the underlay?
• Can I truly deploy an underlay net, leave it alone and contain all the changes and management in the overlay?
• Is a simple IP bus enough?
EXAMPLE 1: VXLAN TUNNEL ENDPOINT
Virtualized and physical networks co-existing happily together
VTEP
[Figure labels: VM; NAT; MidoNet Host; Cumulus Linux Switch; Management Net; “Across the Atlantic”; OSGi Console; Configuration Requests; addresses 10.0.1.3, 10.0.1.5, 119.15.112.137, 172.16.77.48]
EXAMPLE 2: POLICY AND NETWORKS
AWS has shown that infrastructure will be consumed by application owners and designers. They think in terms of policy, not IP addresses and ACLs
Policy the old way
switch(config)# mac access-list acl-mac-01
switch(config-mac-acl)#
switch(config-mac-acl)# permit 00c0.4f00.0000 0000.00ff.ffff any
Group Policy - Basics
[Figure labels: Connectivity; Group Of App Servers; App Policies]
Application Policy Model
[Figure labels: Group Of DB Servers; Group Of App Servers; Group of Load Balancers; Policy]
Group Policies for 3-tier app
What the SDN controller does
• Controller is sending policy info instead of network flow info
• Policy abstractions are templates that are applied to the applications that are named as a group
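The group-policy model on these slides, as an added example that is not from the deck or from MidoNet: a policy stated between named groups is expanded into per-endpoint allow rules, so membership can change without touching the policy. Group names, ports, addresses and the default-deny lookup are assumptions made for illustration.

```python
from itertools import product

# Constructed sample membership for a 3-tier app (addresses are made up).
GROUPS = {
    "lb":  {"10.1.0.5"},
    "app": {"10.2.0.10", "10.2.0.11"},
    "db":  {"10.3.0.20"},
}

# Policy names groups, never addresses: (source group, dest group, proto, port).
POLICY = [
    ("lb", "app", "tcp", 8080),
    ("app", "db", "tcp", 3306),
]

def validate(policy, groups):
    """Fail loudly if policy names a group that has no definition."""
    for src, dst, _proto, _port in policy:
        for name in (src, dst):
            if name not in groups:
                raise ValueError(f"policy references unknown group: {name}")

def compile_rules(policy, groups):
    """Expand group-level policy into per-endpoint allow rules."""
    validate(policy, groups)
    rules = set()
    for src, dst, proto, port in policy:
        for s, d in product(groups[src], groups[dst]):
            rules.add((s, d, proto, port))
    return rules

def is_allowed(rules, src_ip, dst_ip, proto, port):
    """Default deny: traffic passes only if a compiled rule matches exactly."""
    return (src_ip, dst_ip, proto, port) in rules

def add_member(groups, group, ip):
    """Return a copy of the membership with one endpoint added to a group."""
    updated = {name: set(members) for name, members in groups.items()}
    updated[group].add(ip)
    return updated

if __name__ == "__main__":
    rules = compile_rules(POLICY, GROUPS)
    print(len(rules), "rules; lb->db allowed:",
          is_allowed(rules, "10.1.0.5", "10.3.0.20", "tcp", 3306))
    grown = add_member(GROUPS, "app", "10.2.0.12")
    print(len(compile_rules(POLICY, grown)), "rules after scaling the app tier")
```

Scaling the app tier changes only the membership; the two policy lines stay the same while the compiled rule set grows.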
Networks for large scale clouds
• Tenants: understand policies
• Infrastructure: understand policies and translate them to the physical network
• Network Virtualization: Maps the virtual to physical
Benefits of this approach
• Agility & OpEx savings
• Scalable for large scale clouds
• Policy templates mean easy configuration for
– Performance
– Information assurance & compliance
How we are different
• Overlay Networks
– OpenFlow did not scale. We can do better
– Working with virtual and physical networks
• Networks will be consumed by application owners
– Policy becomes the most important thing
Contacting me
• Email: [email protected]
• Web: www.midokura.com
• Twitter: @danielconde or @midokura
• LinkedIn: /in/danielconde
THANK YOU
Questions?
Example 2: Group Policy
• How do I shield the application owner from understanding IP Addresses, ACLs, VLAN, load balancing,
• All they care about is that some abstraction of policy is applied to a group of endpoints (typically a set of virtual machines)
Investors
• Innovation Network Corporation of Japan (INCJ), NTT Investment Partners, L.P. and NEC Group’s Venture Fund: Innovative Ventures Fund Investment L.P., Sunbridge Partners