End to End SLA for Enterprise Multi-Tenant Applications

Similar documents
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved.

Oracle Solaris Virtualization: From DevOps to Enterprise

VIRTUALIZING SERVER CONNECTIVITY IN THE CLOUD

Software-Defined Networking (SDN) Overview

High Availability for Enterprise Clouds: Oracle Solaris Cluster and OpenStack

Red Hat OpenStack Platform 10 Red Hat OpenDaylight Product Guide

Oracle Solaris 11: No-Compromise Virtualization

Consolidate and Prepare for Cloud Efficiencies Oracle Database 12c Oracle Multitenant Option

Create a DBaaS Catalog in an Hour with a PaaS-Ready Infrastructure

Copyright 2011, Oracle and/or its affiliates. All rights reserved.

Pavel Anni Oracle Solaris 11 Feature Map. Slide 2

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. reserved. Insert Information Protection Policy Classification from Slide 8

Windows Server System Center Azure Pack

Windows Server 2016 Software-Defined Networking Oliver Ryf

Virtual Security Gateway Overview

DEPLOYING NFV: BEST PRACTICES

Cisco HyperFlex Systems

Introduction. Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution

Flexible Laufzeitumgebungen für Software - Einfach aufgebaut

The Next Opportunity in the Data Centre

Get Your Datacenter SDN Ready. Ahmad Chehime Cisco ACI Strategic Product Sales Specialist SPSS Emerging Region

Trends and challenges Managing the performance of a large-scale network was challenging enough when the infrastructure was fairly static. Now, with Ci

Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design

Data Path acceleration techniques in a NFV world

NEC Virtualized Evolved Packet Core vepc

Brocade and VMware Strategic Partners. Kyle Creason Brocade Systems Engineer

The Software Driven Datacenter

Survey of ETSI NFV standardization documents BY ABHISHEK GUPTA FRIDAY GROUP MEETING FEBRUARY 26, 2016

SFC in the DOCSIS Network James Kim Cable Television Laboratories, Inc.

Virtual Networks: Host Perspective

TEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS

Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework

Enabling Efficient and Scalable Zero-Trust Security

Network Function Virtualization Using Data Plane Developer s Kit

Road to Private Cloud mit OpenStack Projekterfahrungen

Exploring Cloud Security, Operational Visibility & Elastic Datacenters. Kiran Mohandas Consulting Engineer

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

Unify Virtual and Physical Networking with Cisco Virtual Interface Card

All Roads Lead to Convergence

Oracle Exadata Statement of Direction NOVEMBER 2017

WIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS

Contrail Networking: Evolve your cloud with Containers

Communication System Design Projects

Service Function Chaining (SFC)

The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization

HY436: Network Virtualization

PLEXXI HCN FOR VMWARE ENVIRONMENTS

Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack

Running RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018

Open Security Controller Project Use Cases

Networking in Virtual Infrastructure and Future Internet. NCHC Jen-Wei Hu

CloudEngine 1800V Virtual Switch

Challenges for the success of SDN and NFV (from a standardization perspective)

Cisco Virtual Networking Solution for OpenStack

Title DC Automation: It s a MARVEL!

vnetwork Future Direction Howie Xu, VMware R&D November 4, 2008

Data Center and Cloud Automation

NETWORK OVERLAYS: AN INTRODUCTION

Nexus 1000V in Context of SDN. Martin Divis, CSE,

How DPI enables effective deployment of CloudNFV. David Le Goff / Director, Strategic & Product Marketing March 2014

Cavium FastLinQ 25GbE Intelligent Ethernet Adapters vs. Mellanox Adapters

BROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK

NFV Infrastructure for Media Data Center Applications

1V0-642.exam.30q.

5 Things You Need for a True VMware Private Cloud

Copyright 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 12

Building NFV Solutions with OpenStack and Cisco ACI

Next Gen Virtual Switch. CloudNetEngine Founder & CTO Jun Xiao

Host Dataplane Acceleration: SmartNIC Deployment Models

OpenStack Networking: Where to Next?

COMPUTE CLOUD SERVICE. Moving to SPARC in the Oracle Cloud

Use Case Brief BUILDING A PRIVATE CLOUD PROVIDING PUBLIC CLOUD FUNCTIONALITY WITHIN THE SAFETY OF YOUR ORGANIZATION

Pasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP

SDN Controller/ Orchestration/ FastDataStacks. Joel Halpern (Ericsson) Frank Brockners (Cisco)

Performance Considerations of Network Functions Virtualization using Containers

VXLAN Overview: Cisco Nexus 9000 Series Switches

Weiterentwicklung von OpenStack Netzen 25G/50G/100G, FW-Integration, umfassende Einbindung. Alexei Agueev, Systems Engineer

A Brief Guide to Virtual Switching Franck Baudin (Red Hat) Billy O Mahony (Intel)

Lecture 14 SDN and NFV. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Simplify Container Networking With ican. Huawei Cloud Network Lab

Storage Protocol Offload for Virtualized Environments Session 301-F

Segmentation. Threat Defense. Visibility

Cisco VTS. Enabling the Software Defined Data Center. Jim Triestman CSE Datacenter USSP Cisco Virtual Topology System

IT Infrastructure. Transforming Networks to Meet the New Reality. Phil O Reilly, CTO Federal AFCEA-GMU C4I Symposium May 20, 2015

Red Hat OpenStack Platform 10

EdgeConnectSP The Premier SD-WAN Solution

Building Security Services on top of SDN

Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud

Micro Focus Network Operations Management Suite Supports SDN and Network Virtualization Engineering and Operations

Expert Insights: Expanding the Data Center with FCoE

Container Adoption for NFV Challenges & Opportunities. Sriram Natarajan, T-Labs Silicon Valley Innovation Center

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Oracle Exadata: Strategy and Roadmap

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

Communication System Design Projects. Communication System Design:

Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade

2018 Cisco and/or its affiliates. All rights reserved.

Project Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads.

2013 Cisco and/or its affiliates. All rights reserved. 1

Quantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer

Transcription:

End to End SLA for Enterprise Multi-Tenant Applications Girish Moodalbail, Principal Engineer, Oracle Inc. Venugopal Iyer, Principal Engineer, Oracle Inc.

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle s products remains at the sole discretion of Oracle. 3

Agenda Introduction Application centric networking Multi-tenant application End-to-End SLA enforcement using Oracle Solaris and OpenDaylight 4

Oracle Solaris and OpenDaylight We are part of the Oracle Solaris Networking team Oracle Database 12c is the latest generation of database from Oracle. It introduces a new multi-tenant architecture We are working on providing end-to-end service for Oracle Database 12c tenants leveraging OpenDaylight for scalability and Flow management and Oracle Solaris Network Virtualization features on the edge Oracle is a silver member of ODL Oracle Solaris plans to support ODL in a future release on both x86 and SPARC platforms 5

Core Tenet of Cloud/Data Center - It s All About Applications Running Applications is the main purpose of the Cloud/Data Center Application developers are increasingly deciding the value of a Platform/Cloud Cloud needs to be Application centric and provide services oriented towards Application monitoring Application performance Application security/isolation Application availability Typically an application represents set of flows that must be treated end-to-end Point of origin to Point of termination Across virtual and physical switches 6

Existing Gaps between Applications and Networking Traditional Network Infrastructure challenges Little awareness of application flows Performance focused on Speeds and feeds instead of performance metrics like application flows completion times Network unpredictability (configuration errors, unplanned outages,..) Networks are over provisioned and often underutilized Applications are becoming multi-tenant Layer 2-4 support no longer is good enough Large number of different types of flows have to co-exist Flows with different characteristics have to be treated differently in the network Flow distribution and placement becomes important 7

Bridging Gaps between Applications and Networking Using Open Source SDN platform such as OpenDaylight its support for diverse SouthBound plugins Using OpenFlow and Service Function Chaining to program flows and services in the cloud Offloading services to the edge, when possible, to distribute processing Further offloading services on the edge to underlying NICs for better performance An enterprise can get the most value when SDN is Application Driven When clients of infrastructure are in control: Applications, Data Warehouses, Databases, and not when SDN is Network Infrastructure Driven or Platform-specific Hypervisor Driven 8

Hypervisor Overlay in the Cloud/Data Center Network virtualization build on top of overlays Needs just IP connectivity from the underlay Decouples virtual network from underlying network fabric Simple and rapid to deploy However physical network looses capability to provide differentiate services due to encapsulation Geneve might improve this situation Virtual and Physical networks are separate entities with different management software, provisioning policies, and SLA Oracle Database 12c application requires support from both underlay and overlay 9

Multi-Tenant Application 10

Evolution of Application Application [V]NIC IP address Application Ports [V]NIC IP address Application Port [V]NIC IP address IP-Based Application Port-Based Application Multi-Tenant (L4+) Application 11

Multi-tenant Aware Enterprise Applications Pros: An application instance shared among several tenants (economies of scale) Fewer application instances to be deployed and maintained (economies of simplicity) Highest consolidation density (economies of cost) Cons: Need to ensure isolation between the tenants (Security) Need to ensue one tenants activities does not affect other tenants (Noisy Neighbor) Failure of application means all the tenants are affected (Availability) Enforcement of SLA across various tenants becomes a challenge SDN is a very good fit for addressing these challenges for Cloud providers 12

Why Support Multi-tenant Application Flows? Better utilization of bandwidth and other resources All Traffic No per tenant stats or SLA lead to over-provisioned and hard-totroubleshoot Network No tenant flow awareness All Traffic High CPU% $$$$$$ Network Services like Firewall, etc All Traffic Tenant Flow Other Flow Per Tenant stats and SLA lead to easier-totroubleshoot and better-sized Network Tenant -aware network Tenant Flow Low CPU% Network Services like Firewall, etc Other Flow Tenant Flow Application Tenant Flow Profile SLA (Priority, Bandwidth, Latency) Networking Services (Firewall, etc) 13

Multi-tenant Aware Oracle DB 12c A multitenant container database (CDB) that includes zero, one, or many pluggable databases (PDBs) created for tenants Tenant A DB OS VM Many databases each in an OS and VM Tenant B DB OS VM Tenant C DB OS VM Tenant D DB OS VM Tenant A DB Single Multitenant Database Tenant B DB Single Physical Container Database OS VM Tenant C DB Tenant D DB 14

Enforcing End-to-End SLA for Multi-Tenant Aware Enterprise Applications 15

Multi-Tenant Aware Oracle DB 12c Identifying Tenant Flows In the two configurations below, it is easy to identify per-tenant DB flow and push the flow across the network Dedicated Listener per-tenant with unique VIP:PORT# Dedicated Listener per-tenant with same VIP but different PORT# IP1:port1 IP2:port2 IP4:port4 IP3:port3 IP5:port5 IP1:port1 IP1:port2 IP1:port4 IP1:port3 IP1:port5 16

Multi-Tenant Aware Oracle DB 12c Identifying Tenant Flows Shared Listener for all tenants with same VIP and same PORT# IP1:port1 Per-tenant DB flows can t be identified using L4 information since they are all same Network Isolation is done using connection string Necessitates the need for L5-L7 classification on the host either Using an efficient from of Deep packet inspection or Providing APIs for application or its framework to identify flows using L4 information 17

Multi-Tenant End to End Flows L3-L4 flow classification is sufficient if the application is not multi-tenant For a multi-tenant application, we provide a mechanism for L5-L7 classification on the host to identify tenant flows, either Using an efficient form of Deep packet inspection or Providing API for application or its framework to identify tenant flows and mapping them to L4 based flows Once we identify a tenant flow, we Translate the tenant flow to a L3-L4 flow and use OpenFlow rules to enforce SLA end to end Alternatively, we could tag the packet (in an overlay network) and use the tag to enforce SLA end to end using OpenFlow We rely on an external mechanism to configure policies for the application flows 18

Multi-Tenant Flow using ODL and OpenFlow Other SB Interfaces SDN Application NorthBound REST APIs ODL Controller platform.. OpenFlow SB Interface Identify an application flow based on L5-L7 Translate that flow into multiple L3-L4 rule OpenFlows Install OpenFlow rules on the nodes in the network for that Application Install corresponding SLA (out-of-band) for that flow Zone VNI C Network Fabric Zone VNI C Zone VNI C Packet is processed in the network based on OpenFlow rules SLA is enforced on all the nodes for the flow virtual switch virtual switch SLA is enforced in the network using DSCP PNIC PNIC 19

Multi-Tenant Monitoring and Tracing Network services are per tenant Monitor each tenant statistics Co-relate networking application performance and network state Provide hooks to fault management framework Provide flow tracing 20

Service Function Chaining Application processing involves subjecting packets to several potential services Load balancer Firewall NFV functions We plan to rely on ODL framework to stitch services together for applications For multi-tenant applications, pushing SFC to the edge allows us to optimize service processing 21

SFC Classification on the Edge SFC classification based on L5-L7 is more practical on the edge SFC chains can be optimized by collapsing the functions (assuming all the services are on the same host) Further functions could be offloaded to the hardware, where supported, to improve performance Optimized edge services for enterprise applications can be chained with additional services, e.g. if Tenants are exceeding their SLA, then they could be diverted to additional services 22

Oracle Solaris and OpenDaylight 23

Oracle Solaris Security. Speed. Simplicity. Full VM lockdown with immutable file systems Automated compliance monitoring and reporting Services run with minimal necessary privileges Application driven SDN Highly integrated OpenStack Agile self-service environments Automatic cryptographic offload Zero overhead virtualization Highest performance with Software in Silicon Co-engineered with Oracle hardware and software stack Engineered for mission critical workloads 24

Cloud-scale networking with Oracle Solaris Network Virtualization Resource Control Performance Built-in Network Management Observability APIs OpenStack Neutron Virtual NICs (VNICs), VNIC migration, Virtual switching, Hardware-assisted virtualization, Automatic VNICs for zones, SR-IOV Integration, VLAN isolation, Antispoofing protection, Converged Storage/Networking with DCB, Edge Virtual Bridging, Elastic Virtual Switch, L2 HA (DLMP) Integrated QOS, Bandwidth limits, Mapping to CPUs or CPU pools for isolation Parallel stack, NUMA I/O Framework, SR-IOV Integration, Dynamic Polling, Buffer Management, Pre-mapped buffers, Kernel Socket API, 4x Lower latency vs KVM, Converged Ethernet, Large Receive Offload Routing, Firewall, Load Balancing, VRRP, Bridging IPMP re-architecture, Vanity naming, Automatic IP configuration, Centralized IP administration, Centralized data link administration, Consolidated data link properties, Integrated data store, GLDv3 unification for legacy drivers, Real-time data link, hardware, and flow statistics. History integrated with extended accounting. Capture local traffic through through virtual switch and IP loopback path. Committed GLDv3 APIs, pluggable TCP congestion algorithms, IP Filter Hooks, Kernel socket API, Socket level Flow APIs OpenStack Neutron integration with Elastic Virtual Switch 25

Oracle Solaris and ODL We plan to support Open vswitch on Solaris We have compiled and run ODL on Solaris leveldb from community does not work on Solaris. We have ported it to Solaris and are working with the community to make it available upstream Currently Node.js is not supported on SPARC Some of the issues we have come across Determining the license for all the components in ODL. We have received useful information from the community. Thanks! Testing frameworks in the community uses tools such as mininet that are not available on all the platforms. We'd encourage the community to think about how to generalize this, to the extent possible 26

Oracle Solaris and ODL Reach out to us about participating in the Platinum Customer Beta to get early access to Oracle Solaris support for ODL We'd also like to encourage the community to make sure ODL works crossplatform (x86, SPARC etc.) and testing (build and functionality) is designed with that in mind We plan to work with the community by providing build environments for Oracle Solaris 27

Thank You 28

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback