“Testbeds as a Service”
Building Future Networks
A view into a new GEANT Service
Jerry Sobieski (NORDUnet)
GLIF Tech Atlanta, Mar 18, 2014
2 Connect | Communicate | Collaborate

From Innovation to Infrastructure
• Network Innovation requires testing to prove out...
• Testing in live networks can have unintended effects on non-combatants. Other users and network providers don’t like being crash test dummies.
• “Production” environments have the required scale but are highly risk averse.
How do we evolve innovations from concept to production with minimal risk to infrastructure, services, and applications already in place providing on-going stable and reliable services?

Networking R&D Laboratories
• The network research community needs “Laboratories” to test novel concepts ...
• Constructed from stable underlying infrastructure
• Allow high risk experiments to be carried out...
• Yet prevent unexpected or errant behaviour from interfering with production services or other research activities
• Provide reliable and effective work environment for the researcher
• Enable a broad range of innovation – i.e. technology agnostic
• Agile: Ability to rapidly prototype new ideas or integrate new results
• Scalable: Ability to construct large scale test environments
• These laboratories must be able to duplicate real world scenarios such that research results are useful and valid

GN3+SA2 Testbeds as a Service “TaaS”
• SA2 key service capabilities:
  • Dynamic “Packet” Testbeds – dynamically allocated, virtual networks provisioned over production transport and switching infrastructure with a pan-European footprint.
    – Under control of the researcher
    – Insulated to prevent collateral damage
    – Flexible user defined network resources, can morph as necessary
    – Extensible support for novel hardware
  • “Dark Fiber” Testbeds – photonic testbeds over dark/dim fiber along long haul routes between a limited set of major EU metro areas.
    – Virtualization of these resources is hard...but we’ll see...
  • “GOFF” – a prototype OF testbed originally fielded by GN3-JRA2
    – Software emulated OpenFlow switching (OVS)
    – Bridge service as TaaS ramps up...
• SA2 is a GEANT Production Service
• The test beds it creates are expected to be reliable and consistently available.
• Which means the SA2 support processes must be stable and secure
• This integrated “multi-species” virtualization represents new technology and continues to evolve in the community ... There continue to be many research efforts, and many emerging frameworks and service models...

A Brief Dive into the Internals:
Data plane resource graph
[Figure: Testbed “Alpha” Description shown beside its data plane resource graph. Nodes: Virtual Machine “A”, Ethernet Switch “B”, X86 Server “C”. Links: VLAN “L1”, VLAN “L2”, Virtual Circuit “L3”. Resource classes shown: x86VM, etherSwitch, EFTSlink. Port labels: p0, p1, if0, if1, if2, if3, src, dst.]
The TaaS Architecture treats all [testbed] networks as graphs. Internally, TaaS represents all testbed components as virtual “resources” with data flow ports. User specified Port adjacency relations define the testbed topology.

TaaS Dynamic Testbed Provisioning - How it works
Researcher has a brilliant idea
Researcher logs in, builds a testbed description via a web GUI
Resource Manager allocates resources
Network testbed concept to test brilliant idea
Testbed Template doc “BrilliantIdea” network
Testbed is activated and user controls it via the TCA
[Figure: testbed graph with Virtual Machine “A”, Switch “B”, VM “C”, Virtual Circuit “L1”, VC “L2” and VC “L3”; components labelled RM and TCA; port labels p0, p1, p2, if0, if2, src, dst.]
Resource A port p0, p1; Resource B port out1, out2; Adj B/out1==A/p0;
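
The description line above can be checked mechanically before the Resource Manager allocates anything. The parser below is an added example, not code from the slides or from TaaS; its grammar is inferred from that single line, and the two validation rules (adjacency endpoints must be declared ports, and a port joins at most one adjacency) are assumptions.

```python
import re

# Grammar inferred from the single description line on the slide (assumption):
#   Resource <name> port <p>[, <p>...];    Adj <res>/<port>==<res>/<port>;
RES_RE = re.compile(r"Resource\s+(\w+)\s+port\s+(\w+(?:\s*,\s*\w+)*)")
ADJ_RE = re.compile(r"Adj\s+(\w+)/(\w+)\s*==\s*(\w+)/(\w+)")

SLIDE_LINE = "Resource A port p0, p1; Resource B port out1, out2; Adj B/out1==A/p0;"
# Constructed input: a reused port, an undeclared port, an unknown statement.
CONSTRUCTED_BAD = ("Resource A port p0; Resource B port out1; "
                   "Adj B/out1==A/p0; Adj B/out1==A/p9; Frob x;")


def parse_description(text):
    """Return (ports, adjacencies, errors) for a testbed description."""
    ports, adjacencies, errors = {}, [], []
    # Pass 1: collect declarations so adjacencies may precede resources.
    for stmt in (s.strip() for s in text.split(";")):
        if not stmt:
            continue
        if m := RES_RE.fullmatch(stmt):
            if m[1] in ports:
                errors.append(f"duplicate resource {m[1]}")
            ports[m[1]] = {p.strip() for p in m[2].split(",")}
        elif m := ADJ_RE.fullmatch(stmt):
            adjacencies.append(((m[1], m[2]), (m[3], m[4])))
        else:
            errors.append(f"unparseable statement: {stmt!r}")
    # Pass 2: every endpoint must be a declared port, used at most once.
    used = set()
    for ends in adjacencies:
        for res, port in ends:
            if port not in ports.get(res, ()):
                errors.append(f"undeclared port {res}/{port}")
            elif (res, port) in used:
                errors.append(f"port {res}/{port} already connected")
            used.add((res, port))
    return ports, adjacencies, errors


if __name__ == "__main__":
    for label, text in (("slide", SLIDE_LINE), ("constructed", CONSTRUCTED_BAD)):
        print(label, parse_description(text)[2] or "ok")
```

Rejecting a description at this stage means a dangling or doubly bound port never reaches the provisioning step.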

GEANT “Testbeds as a Service” Virtualization, Management, and Control Layers
[Figure: layered architecture diagram. Labels: User Control Interface; Testbed X, Testbed Y and Testbed Z Control Agents; TaaS Virtualization Layer Services; SA2 Core Resource Manager and Resource Control Methods; OpenStack, NFS, JunOS/HP, OpenNSA/BoD; GN3 & NRENs; Compute Resources, Storage Resources, Routing/Switching Resources, Transport Resources; GN3+SA2 Core Physical Infrastructure (CPH, BRA, AMS).]

Resource Specific Testbed Control Primitives
• Each Resource Class defines methods (control primitives) that translate high level TaaS control semantics to resource specific command sequences.
• Each resource class must implement the gang of five:
  – Reserve()
  – Activate()
  – Query()
  – Deactivate()
  – Release()
• Each resource class may define additional control primitives/semantics that may be specific to that class of resource only
• New resource classes may be introduced into the TaaS service by developing these control primitives
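
How the five primitives could be used to bring a whole testbed up without leaking reservations, as an added example that is not TaaS code. The lifecycle order, the `VlanCircuit` class, its command strings and the `bring_up` helper are all assumptions made for illustration.

```python
class Resource:
    """Base class: subclasses supply the resource-specific command sequences."""
    # primitive -> (state required before, state after); assumed lifecycle
    LIFECYCLE = {"reserve": ("free", "reserved"),
                 "activate": ("reserved", "active"),
                 "deactivate": ("active", "reserved"),
                 "release": ("reserved", "free")}

    def __init__(self, name):
        self.name, self.state, self.sent = name, "free", []

    def commands(self, primitive):
        raise NotImplementedError

    def _run(self, primitive):
        before, after = self.LIFECYCLE[primitive]
        if self.state != before:
            raise RuntimeError(f"{self.name}: {primitive}() invalid in state {self.state}")
        self.sent += self.commands(primitive)  # stand-in for driving the device
        self.state = after

    def reserve(self): self._run("reserve")
    def activate(self): self._run("activate")
    def deactivate(self): self._run("deactivate")
    def release(self): self._run("release")
    def query(self): return self.state


class VlanCircuit(Resource):
    """Hypothetical VLAN-delineated circuit; capacity_ok simulates a refusal."""
    def __init__(self, name, vlan, capacity_ok=True):
        super().__init__(name)
        self.vlan, self.capacity_ok = vlan, capacity_ok

    def commands(self, primitive):
        if primitive == "reserve" and not self.capacity_ok:
            raise RuntimeError(f"{self.name}: no capacity")
        return [f"{primitive} vlan {self.vlan}"]  # hypothetical command text


def bring_up(resources):
    """Reserve all, then activate all; undo every completed step on failure."""
    try:
        for r in resources: r.reserve()
        for r in resources: r.activate()
    except RuntimeError:
        for r in reversed(resources):
            if r.query() == "active": r.deactivate()
            if r.query() == "reserved": r.release()
        return False
    return True
```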

Resource Roadmap
• Processing Resources
  • Virtual Machine (v1.0)
  • Virtual OpenFlow Fabric (v1.0)
  • Bare Metal Nodes (v1.1)
  • Virtual Switches
  • Virtual Routers (v1.1)
• Transport Resources
  • Virtual Circuits (v1.0) – Ethernet framed endpoints, VLAN delineated
  • BE IP subnets (v1.1)
  • Waves (v1.x)
  • Photonic spectrum (v2.0)
• Other Resources
  • IP Subnet – User access gateway
  • Wifi / mobile

SA2 Testbeds
[Figure: diagram labels: Testbed X, Testbed Y; GN3+SA2 Intelligent Resource Mapping Layer; geographically distributed physical resource pool with Compute Resources, Storage Resources and Network Transport Resource (e.g. NSI BoD service).]

SA2 Testbeds - External Access
Inter-testbed connectivity via externally exposed ports. External connectivity via NSI provisioned connections
[Figure: diagram labels: Internet; Testbed X, Testbed Y; GN3+SA2 Intelligent Resource Mapping Layer; geographically distributed physical resource pool with Compute Resources, Storage Resources and Network Transport Resource (e.g. NSI BoD service).]

SA2 Multi-domain Testbeds (Phase 2)
Globally interoperating virtualized services domains establish a globally distributed user controlled [SDN] VNE domain...
Promotes deterministic Operations Monitoring and Performance Verification
[Figure: diagram labels: Testbed X Control Agent; Provider A Resources, Provider B Resources, Provider C Resources.]

GN3 OpenFlow Facility
(Interim Bridge Service until TaaS is launched)
[Figure: facility map with sites LON, FRA, ZAG, VIE, AMS.]

TaaS Deployment Plan (as of Jan 2014)
[Figure: deployment map. Sites labelled: CPH, LON, AMS, LJU, FRA, BRA, ZAG, VIE, PAR, MIL, GVA, ATH, PRA; markers numbered 1 to 4.]
GOFF=FRA, AMS, VIE, LON, ZAG

TaaS initial multi-domain interconnection concept
[Figure: diagram labels: groups of VMs at AMS, CPH, LON, LJU and BRA; SA2 intra-service Layer2 bridging/switching; GEANT SA3 BoD (inter-domain reach using NSI provisioning for data transport resources); NSI connections to other NSI domains, each with its own groups of VMs.]
NSI Connection Services create multi-domain transparent data planes

Inter-Domain & Multi-Domain
• Testbeds (virtual network environments/slices) must extend/scale globally - yet preserve security, insulation, control, privacy, etc
• GEANT SA2-T4 is exploring a strategy
• EU deployment within NRENs and Campus service implementations
• Inter-domain interoperation with similar projects in other international regions
  – US/NA (Internet2 AL2S, GENI)
  – SA
  – APAC
• Common service model, common inter-domain architecture, consensus protocol(s), ...

TaaS Features Roadmap
• TaaS v1.0 Full – April 2014
  • Resources: new VM flavors (e.g. “thin” VMs)
  • Begin migrating GOFF users to TaaS
  • NAS storage, 10Gbps VCs,...
• TaaS 1.1 Sep 2014
  • Virtual Router resources – specifics TBD
    – Juniper?, OpenFlow, 10+ Gbps,... (TBD!)
  • Interface with BoD (SA3) and NRENs for VCs
  • Bare Metal servers (blade servers (?))
  • “Cloud”/Datacenter integration
  • Initial multi-domain resource brokering
• TaaS 2.0 CY15-Q1
• GN4 - 2015-2022 (!)
  – Project being defined now...

SA2 TaaS Conspirators:
• GARR
• PSNC
• TERENA
• DANTE
• CESnet
• AMRES
• GRnet
• RedIRIS
• DFN
• RENATER
• HEAnet
• NIIFI
• NORDUnet

SA2 Ring Leaders
• SA2 Activity Leader: Jerry Sobieski (NORDUnet)
The [actual] important people:
• T1: Hardware and Systems Eng TL: Dom Tailor (DANTE)
• T2: Software Development TL: Blazej Pietrzak (PSNC)
• T3: Service Management TL: Peter Szegedi (TERENA)
• T4: Multi-Domain Interoperability TL: Fabio Farina (GARR)
Questions?