Project Kuryr. Antoni Segura Puimedon (apuimedo) Gal Sagie (gsagie)

Similar documents
Project Kuryr. Here comes advanced services for containers networking. Antoni Segura

Secure Kubernetes Container Workloads

Kuryr & Fuxi. OpenStack networking and storage for Docker Swarm containers. Hongbin Lu Antoni Segura Puimedon

Container Networking and Openstack. Fernando Sanchez Fawad Khaliq March, 2016

Fully Scalable Networking with MidoNet

OpenStack and OVN What s New with OVS 2.7 OpenStack Summit -- Boston 2017

2016 Mesosphere, Inc. All Rights Reserved.

Project Calico v3.1. Overview. Architecture and Key Components

Neutron: peeking behind the curtains

Simplify Container Networking With ican. Huawei Cloud Network Lab

Securing Microservice Interactions in Openstack and Kubernetes

COMMUNITY-GENERATED ROADMAP

OpenStack Mitaka Release Overview

Launching StarlingX. The Journey to Drive Compute to the Edge Pilot Project Supported by the OpenStack

Dockercon 2017 Networking Workshop

5th SDN Workshop ICCLab & SWITCH

Virtual Infrastructure: VMs and Containers

Neutron networking with RHEL OpenStack Platform. Nir Yechiel Senior Technical Product Manager, OpenStack Red Hat

Introduction to Neutron. Network as a Service

"Charting the Course... H8Q14S HPE Helion OpenStack. Course Summary

Managing Demand Spikes in a highly flexible and agile deployment

Project Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads.

Kubernetes networking in the telco space

Upcoming Services in OpenStack Rohit Agarwalla, Technical DEVNET-1102

OpenDaylight OpenStack Integration.

Rajeev Grover. Maruti Kamat. Vivek Narasimhan

FloatingIP Enhancement For Public Cloud Infrastructure

Docker Networking In OpenStack What you need to know now. Fawad Khaliq

Overview of Container Management

Note: Isolation guarantees among subnets depend on your firewall policies.

Networking Approaches in. a Container World. Flavio Castelli Engineering Manager

Building Kubernetes cloud: real world deployment examples, challenges and approaches. Alena Prokharchyk, Rancher Labs

FROM MONOLITH TO DOCKER DISTRIBUTED APPLICATIONS

Case Study on Enterprise Private Cloud

Datacenter Network Solutions Group

Dataplane Networking journey in Containers

Docker Networking Deep Dive online meetup

Huawei CloudFabric and OpenStack Cloud Platform Intergration Solution

SUPERFLUIDITY a super-fluid, cloud-native, converged edge system

Dan Williams Networking Services, Red Hat

OpenStack Magnum Hands-on. By Saulius Alisauskas and Bryan Havenstein

Layer-4 to Layer-7 Services

Virtualization Design

Application Centric Microservices Ken Owens, CTO Cisco Intercloud Services. Redhat Summit 2015

Welcome to Manila: An OpenStack File Share Service. May 14 th, 2014

K8s(Kubernetes) and SDN for Multi-access Edge Computing deployment

Nexus 1000V in Context of SDN. Martin Divis, CSE,

Kubernetes Container Networking with NSX-T Data Center Deep Dive

SUSE OpenStack Cloud

Delivering Red Hat OpenShift at Ease on Red Hat OpenStack and RHV

Kubernetes on Openstack

Simplify Networking for Containers 叶磊曹水 华为中央软件院云网络实验室

An Introduction to Kubernetes

How to build scalable, reliable and stable Kubernetes cluster atop OpenStack.

Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)

Build Cloud like Rackspace with OpenStack Ansible

ODL Summit Bangalore - Nov 2016 IPv6 Design in OpenDaylight

OPENSTACK Building Block for Cloud. Ng Hwee Ming Principal Technologist (Telco) APAC Office of Technology

VMware Integrated OpenStack with Kubernetes Getting Started Guide. VMware Integrated OpenStack 4.0

Cloud Native Networking

OpenStack Networking Services and Orchestration 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION

kayobe Documentation OpenStack Foundation

Contrail Networking: Evolve your cloud with Containers

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Integrated Management of OpenPOWER Converged Infrastructures. Revolutionizing the Datacenter

K8s(Kubernetes) and SDN for Multi-access Edge Computing deployment

Infoblox Kubernetes1.0.0 IPAM Plugin

Red Hat Containers Roadmap. Red Hat A panel of product directors

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Networking & Security for Mesos

Cloud Networking (VITMMA02) Network Virtualization: Overlay Networks OpenStack Neutron Networking

Getting Started with VMware Integrated OpenStack with Kubernetes. VMware Integrated OpenStack 5.1

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

Kubernetes - Networking. Konstantinos Tsakalozos

The speed of containers, the security of VMs. KataContainers.io

Life of a Packet. KubeCon Europe Michael Rubin TL/TLM in GKE/Kubernetes github.com/matchstick. logo. Google Cloud Platform

May Octavia. Project Update, OpenStack Summit Vancouver

Red Hat OpenShift Roadmap Q4 CY16 and H1 CY17 Releases. Lutz Lange Solution

VMware Integrated OpenStack with Kubernetes Getting Started Guide. VMware Integrated OpenStack 4.1

MESOS A State-Of-The-Art Container Orchestrator Mesosphere, Inc. All Rights Reserved. 1

Opendaylight: Enabling 5G through Cloud Native Telco Architecture Edgar Lombara Lumina Networks Inc.

Building Open Source-Based Cloud Solutions with OpenDaylight. Colin Dixon, Brocade/OpenDaylight Lisa Caywood, OpenDaylight

Quantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer

Multiple Networks and Isolation in Kubernetes. Haibin Michael Xie / Principal Architect Huawei

OpenStack Magnum Pike and the CERN cloud. Spyros

Reimagining OpenStack*

Openstack Networking Design

Microservice Bus Tutorial. Huabing Zhao, PTL of MSB Project, ZTE

Minimal OpenStack Starting Your OpenStack Journey

Airship A New Open Infrastructure Project for OpenStack

Human Centric. Innovation. OpenStack = Linux of the Cloud? Ingo Gering, Fujitsu Dirk Müller, SUSE

CONTAINERS AND MICROSERVICES WITH CONTRAIL

Linux Clusters Institute: OpenStack Neutron

Using PCE for path computation, PCEP for device config and BGP-LS for topology discovery vcpe

Docker Overlay Networks

Container Security and new container technologies. Dan

Table of Contents HOL NET

Conduire OpenStack Vers l Edge Computing Anthony Simonet Inria, École des Mines de Nantes, France

The speed of containers, the security of VMs

Exam Name: VMware Certified Associate Network Virtualization

Transcription:

Project Kuryr Antoni Segura Puimedon (apuimedo) Gal Sagie (gsagie)

What are the problems? Reinventing networking abstractions Changing and vendor specific solutions Flannel Weave SocketPlane Overlay2 for VM nested containers Performance, latency, SLA, management penalties

New Solutions For Containers Networking

Nested Containers Overlay2 Compute Node Compute Node VM VM Docker0 Docker0 Flannel Overlay BR-INT BR-TUN Neutron Overlay BR-INT BR-TUN

Kuryr Mission Neutron as the production ready networking abstraction containers need!

Kuryr Solution Neutron as the production ready network abstraction containers need Map container networking abstractions to the Neutron API Allow consumers to choose vendor keeping one high quality API free of vendor lock-in Bring your container and VM networking together under one API Implement all the common code for Neutron vendors allowing them to get to container networking by just having a binding script

Kuryr Solution Implement a common base for Neutron vendors that support VM nested containers Avoid double encapsulation Manage each container port as a Neutron entity Planned support for OVN, MidoNet, Dragonflow and Calico Leverage Neutron advanced networking LBaaS, FWaaS, VPNaaS Security Groups / NAT

Kuryr In OpenStack Bare metal Compute Node Controller Node Kuryr Service Neutron agents (Optional) Neutron Server

Kuryr In OpenStack Nested deployment Compute Node VM Controller Node Kuryr Service Neutron agents (Optional) Neutron Server

Kuryr Project Overview Open source Part of OpenStack Neutron's big stadium Brings the Neutron networking model as a provider for the Docker CNM Aims to support different Container Orchestration Engines E.g. Kubernetes, Mesos, Docker Swarm Weekly IRC meetings Working together with OpenStack community Neutron, Magnum, Kolla

Kuryr Project Overview Multiple companies working on it

Kuryr Libnetwork Remote Driver Keeping up to date with the changing libnetwork remote driver API Maps Docker's CNM operations into a Neutron API usage Any Neutron plugin can use it (for example OVS)

Kuryr Generic VIF Binding

Kuryr Generic VIF Binding Layer Binds the container networking namespace to the networking infra Common part (container side) IPAM veth creation Executable based vendor-specific part Choice based on Neutron port type Free implementation language Root context

Deployment Package based Container based with Kolla Vendors must generate their downstream container with the necessary agents and plugin Quick and easy deployment (Ansible based)

VM Nested Containers Leverage the same Neutron solution for tenant containers networking Neutron features Easier management Same implementation Support containers networks and VM network isolation Neutron plugins already support this: OVN, Midonet, Dragonflow Magnum Backend Implementations interoperability

Mixed OpenStack Environments Nested Containers Compute Node VM VM Lightweight Tagging Layer OVS / Midonet / Calico / Dragonflow Neutron network 1 Neutron network 2 Neutron network 3

Neutron Side Port Forwarding Can be used to implement Docker port-mapping Save public IP space Adding Tags to Resources Pre allocation of ports/networks Mapping between Docker IDs to Neutron IDs VLAN Trunk API (Nested Ports) Formal Neutron API to define nested containers ports DNS Resolution for Port Names Leveraged for DNS service discovery

New Features for Containers Security Groups Subnet Pools NAT (SNAT / DNAT Floating IP) Port Security (ARP Spoofing) QoS Quota Management Neutron pluggable IPAM Provide well-integrated COE Load balancing through Neutron FWaaS for Containers Many more as Neutron progress

Kuryr Roadmap Plan Liberty Release Kuryr specs in Neutron/Magnum communities Neutron new features specs Docker Libnetwork remote driver Generic VIF binding layer Configuration and authentication in Neutron and Docker

Kuryr Roadmap Plan Mitaka Release Neutron IPAM for Docker Containerized Neutron plugins and solutions with Kolla Nested containers in VM s, Magnum Kuryr integration Functional testing Missing Neutron features Port forwarding port mapping for Docker Neutron tags to resources pre-allocating of network/ports/subnets DNS resolution for port names Docker DNS discovery VLAN trunk API - used for nested containers

Kuryr Roadmap Plan N Release Neutron advance services (LBaaS, FWaaS VPNaaS) Kubernetes services to use Neutron LBaaS Kubernetes networking model (K8s API)

Demo http://ves.cat/mghp

Join Us! Be the Kuryr! Project Launchpad https://launchpad.net/kuryr Project Git Repository https://github.com/openstack/kuryr Weekly IRC Meeting http://eavesdrop.openstack.org/#kuryr_project_meeting IRC #openstack-neutron @ Freenode

Join Us! Be the Kuryr! Mailing List openstack-dev@lists.openstack.org ([Neutron][Kuryr]) Trello Board https://trello.com/b/cbiaxrq2/project-kuryr Documentation http://docs.openstack.org/developer/kuryr Getting Started Blog posts http://galsagie.github.io/sdn/openstack/docker/kuryr/neutron/2015/08/24/kury r-part1/ http://galsagie.github.io/sdn/openstack/docker/kuryr/neutron/2015/10/10/kury r-ovn/

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback