Monitoring Security Policies for Container and OpenStack Clouds

OpenStack Summit | Barcelona, Spain


Page 2: Monitoring Security Policies for Container and OpenStack Clouds

Copyright © PLUMgrid, Inc. 2011-2016

Introduction: Speaker

Arif Jamal

Solutions Architect, PLUMgrid

Part of the OpenStack community for 3+ years, and over the years have worked with various enterprises, telcos and service providers to develop their OpenStack based cloud infrastructures and SDN strategy & architecture. A self-motivated and passionate professional having 7+ years of experience in data center technologies, telecommunications, virtualization and software defined networking.

Page 3: Monitoring Security Policies for Container and OpenStack Clouds

Cloud Infrastructure Trends

2003 2010 2017

• Routers, switches, compute
• Usual hardware suspects

• Static architecture
• Private/Hybrid
• Reduced cost of Infra
• Self hosted and controlled env

• OS & Containers
• Flexible, scalable, elastic
• Dynamic, agile, self-service
• Cloud-Native app Dev

Page 4: Monitoring Security Policies for Container and OpenStack Clouds

Virtual & Physical Network Infrastructure

Micro-segmentation, VNFs, Security Policies for OpenStack and Containers

Physical Network Infrastructure

• QoS, Bandwidth & Latency
• Multicast
• Capacity
• Connectivity

Virtual Network Infrastructure

• Rich set of Network Functions
• Isolation & Micro-segmentation
• Policy-based security/filtering
• Advanced Analytics
• Portable across any platform

Virtual Domain C

Overlay Network Abstraction

Page 5: Monitoring Security Policies for Container and OpenStack Clouds

“Overlay-based” Networking Model

• Multi-tenancy achieved by “overlaying” MAC-in-IP ‘Tunnels’ onto the physical switch fabric (underlay, transport network)

• Encapsulation headers (VXLAN, NVGRE, STT) convey the tenant network ID to enable full isolation and support for overlapping IP address spaces

• Software layers to implement routing / switching operations within and across tenant networks

Page 6: Monitoring Security Policies for Container and OpenStack Clouds

Traditional tools won’t cut it

• Text heavy, rows of data
• Individual components
• Weak virtual & physical view
• Not intuitive
• Limited accuracy
• Not real-time data

Page 7: Monitoring Security Policies for Container and OpenStack Clouds

PLUMgrid CloudApex™

Zero Day Operations

Bridges gap in expertise in Enterprises for private cloud environments

Problem Isolation

Effectively pinpoints issues across virtual/physical infrastructure

Configurable and Extensible

From PLUMgrid, to cloud and 3rd party components

Cloud Visualization platform displaying real-time status of virtual and physical resources in a private data center environment

Page 8: Monitoring Security Policies for Container and OpenStack Clouds

PLUMgrid CloudApex™ Highlights

Page 9: Monitoring Security Policies for Container and OpenStack Clouds

DEMO

Page 10: Monitoring Security Policies for Container and OpenStack Clouds

Demo: PLUMgrid CloudApex

Overview: Visualization of SDN Layer in a Private Cloud Deployment

Use Case: Enable Operational Teams supporting Private/Public Cloud environments

What to expect:

• Dynamic rendering of virt/phys resources
• Dynamic rendering of heatmap functionality

Environment

Page 11: Monitoring Security Policies for Container and OpenStack Clouds

Visit Us @Booth B37

THANK YOU!

www.plumgrid.com