SDN & Openflow

SDN AND OPENFLOW IMPLICATIONS AND PERSPECTIVES Oct 22, 2013 Vinay Bannai SDN Architect, PayPal (eBay Inc. company)

description

SDN and Openflow interactions and some use cases in the data centers.

Transcript of SDN & Openflow

Page 1: SDN & Openflow

SDN AND OPENFLOW IMPLICATIONS AND PERSPECTIVES

Oct 22, 2013

Vinay Bannai

SDN Architect, PayPal (eBay Inc. company)

Page 2: SDN & Openflow

SDN DEFINITION

ONF definition

Separation of Control Plane and Forwarding Plane

Logically centralized Control Plane

Abstractions and Programmatic Interface to the Applications

SDN at PayPal

SDN is part of our larger effort to implement SDDC (Software Defined Data Center) and is a critical component

SDDC : Orchestration of compute, storage and network

Part of our new network architecture

Page 3: SDN & Openflow

SOFTWARE DEFINED DATA CENTER

Block Storage

Compute

Networking

Proprietary Vendor Solution

Object Storage

Page 4: SDN & Openflow

WHY IS A NEW NETWORK ARCHITECTURE NEEDED?

Stranded Compute Capacity

Compute virtualization has been the key driver

Use Compute capacity wherever available irrespective of network zones and boundaries

Multi Tenancy

Different Cloud Clients with varying service and security requirements

Tenant isolation

Rigid Network Topologies

Design networks according to application needs instead of the other way around

Automate Everything

Cloud Orchestration

Page 5: SDN & Openflow

USE CASES DRIVING SDN AT PAYPAL

Production

LTS deployment

Flex-up

Flex-down

Multi-tenancy

Page 6: SDN & Openflow

LIVE TO SITE – HOW IT IS DONE

[Diagram labels: Design; Collaborate & Review Code CI&CD; Capacity Release; Live to Site; Storage; Networking; LB Tickets; FW Tickets; Misc Tickets]

Page 7: SDN & Openflow

LTS – WHAT WE LIKE TO SEE

[Diagram labels: Code; Build/Test; Deploy]

Page 8: SDN & Openflow

FLEX UP AND FLEX DOWN BURSTING

[Diagram labels, first group: PaaS; IaaS; Live in; Function; Roll code; Partial Automated F/W config; Automated Add to LB; Automated Allocate Cache; Application Demand *; 0 hours; 0 hours; Demand 15 min; Provisioning IaaS Server; Automated Light Server; Automated provision per application]

[Diagram labels, second group: PaaS; IaaS; Delete VM's; LTM Disable; Application Demand *; 3-24 hrs; 0 hours; Demand 15 min; Allocate to cache; Validate Capacity (3-24 hrs)]

Page 9: SDN & Openflow

MULTI-TENANCY

[Diagram labels: App Svr / OS / VM stacks; Tenant A; Tenant B; Tenant C; Physical Network; Network Virtualization; Router]

Page 10: SDN & Openflow

OPENFLOW BASICS

[Diagram labels: SDN App (three instances); OpenFlow Control Layer; OpenFlow]

Page 11: SDN & Openflow

OPENFLOW BASICS

Page 12: SDN & Openflow

SERVICE NEEDS OF A TENANT IN A DATA CENTER

Compute and Storage

Network separation/isolation

Overlay networks (VXLAN, NVGRE, STT etc)

Provider networks (VLANs)

Three tier architecture

Logical switches and routers for the VM’s

Perimeter Firewalls and Security Groups

Load Balancers

etc

Page 13: SDN & Openflow

DATACENTER ARCHITECTURE

[Diagram labels: Internet; Data Center; Core (Layer-3 router); Aggregation (Layer-3 switch); Access (Layer-3 switch); Racks; Bisection BW at each layer]

Page 14: SDN & Openflow

DATACENTER ARCHITECTURE WITH OPENFLOW VSWITCHES

[Diagram labels: Internet; Data Center; Core (Layer-3 router); Aggregation (Layer-3 switch); Access (Layer-3 switch); Edge Layer; OF switches; VMs; Bisection BW at each layer]

Page 15: SDN & Openflow

DATACENTER ARCHITECTURE WITH OPENFLOW VSWITCHES

[Diagram labels: Data Center; Layer-3 switch; Access; Racks; VMs]

Page 16: SDN & Openflow

Multi-Tenancy with Overlay Network

[Diagram labels: SDN Controller; Service API; VMs]

Page 17: SDN & Openflow

Firewall As A Service

[Diagram labels: SDN Controller; Distributed Firewall & SG; VMs]

Page 18: SDN & Openflow

IMPORTANT IMPLICATIONS

Challenges due to organization structure

System Admins (manage compute infrastructure)

Network Admins (manage network infrastructure)

OF-enabled Software Switches now reside in a computer server

There are lots of them!!

Networking Device sitting in a device controlled by IT admins

Different approaches to SDN

Pure Software play

Pure Hardware play

Hybrid Play

Page 19: SDN & Openflow

[Diagram labels: Data Center; Physical Network; SDN Controller; Service API; VMs]

Page 20: SDN & Openflow

SUMMARY

• SDN is a component of our SDDC

• SDN is mostly pure software, but will move to Hybrid mode

• Enables agility, cuts cycle time

• OF soft switches reside in the hypervisors

• OF soft switches outnumber physical switches 50 to 1

• OF soft switches operate at the edge of the network

• Enable multi-tenancy with overlay and physical networks

• Enable distributed firewalls and security groups

Page 21: SDN & Openflow

THANK YOU

Vinay Bannai