Download pptx

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
Document related concepts

CAN bus wikipedia , lookup

Deep packet inspection wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Internet protocol suite wikipedia , lookup

Network tap wikipedia , lookup

Computer network wikipedia , lookup

Serial digital interface wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Asynchronous Transfer Mode wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

Wake-on-LAN wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Airborne Networking wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

IEEE 1355 wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Routing in delay-tolerant networking wikipedia , lookup

UniPro protocol stack wikipedia , lookup

Multiprotocol Label Switching wikipedia , lookup

Transcript 
Cloud Computing inside
Virtualized Datacenters
V. Arun
College of Computer Science
University of Massachusetts Amherst
1
Data center networks
 10’s to 100’s of thousands of hosts, often closely coupled, in
close proximity:
• e-business (e.g. Amazon)
• content-servers (e.g.,YouTube, Akamai, Apple, Microsoft)
• search engines, data mining (e.g., Google)

challenges:
 multiple applications, each
serving massive numbers of
clients
 managing/balancing load,
avoiding processing,
networking, data bottlenecks
Inside a 40-ft Microsoft container,
Chicago data center
Link Layer
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
5-2
Data center networks
load balancer: application-layer routing
 receives external client requests
 directs workload within data center
 returns results to external client (hiding
data center internals from client)
Internet
Border router
Load
balancer
Access router
Tier-1 switches
B
A
Load
balancer
Tier-2 switches
C
TOR switches
Server racks
1
2
3
4
5
6
7
8
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
Link Layer
5-3
Data center networks

rich interconnection among switches, racks:
 increased throughput between racks (multiple routing
paths possible)
 increased reliability via redundancy
Tier-1 switches
Tier-2 switches
TOR switches
Server racks
1
2
3
4
5
6
7
8
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
Key broad questions
 How are massive numbers of commodity machines
networked inside a data center?
 Virtualization: How to effectively manage physical
machine resources across client virtual machines?
 How to reduce major capital and operational costs:
• Server equipment
• Power and cooling
• Power and cooling
This lab: mainly gain some insights into the second question.
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
5
Common cloud computing models
 Service models:
• IaaS: Infrastructure as a Service (e.g., Amazon EC2, Microsoft
Azure, Google Compute Engine)
• PaaS: Platform as a Service (e.g., Google AppEngine)
• SaaS: Software as a Service (Office360, Amazon DynamoDB)
 Management:
• Public clouds: Utility model, shared hardware, no control of
hardware, self-managed (AWS, Azure, GCE)
• Private clouds: More isolated (secure?), federal compliance,
customizable hardware, customizable hardware sharing
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
6
OpenStack: A cloud OS for private clouds
OpenStack is a cloud operating system that controls large pools of compute,
storage, and networking resources throughout a datacenter, all managed
through a dashboard that gives administrators control while empowering their
users to provision resources through a web interface.
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
7
OpenStack UI
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
8
Where Contrail fits in
 OpenContrail plugs into OpenStack’s networking
component (Neutron)
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
9
Contrail system overview
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
10
Contrail nodes
 Configuration nodes: persistent configuration state
 Control nodes: keeps ephemeral network state and and
effects logically centralized control plane
 Analytics nodes: Statistics from network elements
 Compute nodes: General-purpose virtualized servers
 Gateway nodes: Physical routers connecting tenant to
external networks
 Service nodes: Forwarding plane services (deep packet
inspection, intrusion detection, WAN bandwidth
optimizers, etc.) or “NFVs”
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
11
Internal structure of compute node
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
12
vRouter functions
 vRouter agent
•
•
•
•
Exchanging control state
Receiving low-level config state
Reporting analytics, installing forwarding state
Proxying DHCP, ARP, DNS, etc.
 vRouter forwarding plane
• Encapsulating to-overlay packets and decapsulating fromoverlay packets
• Assigning packets to routing instance based on VNI
• Implementing forwarding policy rules
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
13
vRouter forwarding plane internals
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
14
Control nodes




Receive config state from configuration nodes (IF-MAP)
Exchange routes with each other using IBGP
Exchange routes with vRouters (XMPP)
Exchange routes with external gateways using BGP
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
15
Control node internals
Network control protocol is BGP (not OpenFlow but analogous)
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
16
Configuration node functions




REST API for north-bound interface to OpenStack
Cassandra key-value store for persistent config storage
Schema transformer (high-level to low-level)
ZooKeeper for transactions to assign unique IDs
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
17
Configuration node
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
18
Multi-tenancy
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
19
Service chaining
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
20
This lab
 Familiarization with OpenStack and OpenContrail UIs
 Create simple virtual networks with virtual servers and
virtual routers
 Create simple multi-tenant networks
 Understand MPLS based tunneling mechanism for
setting up flow rules
 Understand virtualization, isolation, load balancing
 Use tools like glance to load VM images
UNIVERSITY OF MASSACHUSETTS AMHERST • School of Computer Science
21
VIRTUAL CIRCUITS AND
MPLS TUNNELING
Network Layer 4-22
Connection, connection-less service



datagram network (Internet) provides networklayer connectionless service
virtual-circuit network (ATM) provides networklayer connection service
analogous to TCP/UDP connecton-oriented /
connectionless transport-layer services, but:
 service: host-to-host
 no choice: network provides one or the other
 implementation: primarily in network core
Network Layer 4-23
Virtual circuits (e.g., ATM)
source-to-dest path behaves like telephone circuit
 performance-wise
 network actions along source-to-dest path



call setup, teardown for each call before data can flow
every router on source-dest path maintains “state” for
each passing connection
link, router resources (bandwidth, buffers) may be
allocated to VC (dedicated resources = predictable service)
Network Layer 4-24
Virtual circuit implementation
VC consists of:
1. path from source to destination
2. VC numbers, one number for each link along path
3. entries in forwarding tables in routers along path


packet belonging to VC carries VC number
(rather than dest address)
VC number typically changed on each link.

new VC number comes from forwarding table
Network Layer 4-25
Virtual circuit forwarding table
22
12
1
1
2
3
1
…
3
VC number
interface
number
forwarding table in
northwest router:
Incoming interface
2
32
Incoming VC #
12
63
7
97
…
Outgoing interface
Outgoing VC #
3
1
2
3
22
18
17
87
…
…
VC routers maintain connection state information!
Network Layer 4-26
Virtual circuit signaling



used to setup, maintain teardown VC
used in ATM, frame-relay, X.25
not used in today’s Internet
application
6. receive data application
5.
data
flow
begins
transport How does this compare to datagram transport
4. call connected
3. accept call
network
network
networks
like the Internet?
1.
initiate
call
2.
incoming
call
data link
data link
physical
physical
Network Layer 4-27
Datagram networks (e.g., Internet)


no call setup at network layer
routers: no state about end-to-end connections
 no network-level concept of “connection”

packets forwarded using destination host address
application
transport
network 1. send datagrams
data link
physical
application
transport
2. receive datagrams network
data link
physical
Network Layer 4-28
Datagram forwarding table
routing algorithm
local forwarding table
dest address output link
address-range 1
address-range 2
address-range 3
address-range 4
4 billion IP addresses, so
rather than list individual
destination address
list range of addresses
(aggregate table entries)
3
2
2
1
IP destination address in
arriving packet’s header
1
3 2
Network Layer 4-29
Longest prefix matching
longest prefix matching
when looking for forwarding table entry for given
destination address, use longest address prefix that
matches destination address.
Destination Address Range
Link interface
11001000 00010111 00010*** *********
0
11001000 00010111 00011000 *********
1
11001000 00010111 00011*** *********
2
otherwise
3
examples:
DA: 11001000 00010111 00010110 10100001
DA: 11001000 00010111 00011000 10101010
which interface?
which interface?
Network Layer 4-30
Multiprotocol label switching (MPLS)

initial goal: high-speed IP forwarding using fixed
length label (instead of IP address)
 fast lookup using fixed length identifier (rather than
longest prefix matching)
 borrowing ideas from Virtual Circuit (VC) approach
 but IP datagram still keeps IP address!
PPP or Ethernet
header
MPLS header
label
20
IP header
remainder of link-layer frame
Exp S TTL
3
1
5
Link Layer 5-31
MPLS capable routers


a.k.a. label-switched router
forward packets to outgoing interface based only on
label value (don’t inspect IP address)
 MPLS forwarding table distinct from IP forwarding tables

flexibility: MPLS forwarding decisions can differ from
those of IP
 use destination and source addresses to route flows to
same destination differently (traffic engineering)
 re-route flows quickly if link fails: pre-computed backup
paths (useful for VoIP)
Link Layer 5-32
MPLS versus IP paths
R6
D
R4
R3
R5
A
R2

IP routing: path to destination determined
by destination address alone
IP router
Link Layer 5-33
MPLS versus IP paths
entry router (R4) can use different MPLS
routes to A based, e.g., on source address
R6
D
R4
R3
R5
A
R2


IP routing: path to destination determined
by destination address alone
IP-only
router
MPLS routing: path to destination can be
based on source and dest. address
MPLS and
IP router
 fast reroute: precompute backup routes in
case of link failure
Link Layer 5-34
MPLS signaling

modify OSPF, IS-IS link-state flooding protocols to
carry info used by MPLS routing,
 e.g., link bandwidth, amount of “reserved” link bandwidth

entry MPLS router uses RSVP-TE signaling protocol to set
up MPLS forwarding at downstream routers
RSVP-TE
R6
D
R4
R5
modified
link state
flooding
A
Link Layer 5-35
MPLS forwarding tables
in
label
out
label dest
10
12
8
out
interface
A
D
A
0
0
1
in
label
out
label dest
out
interface
10
6
A
1
12
9
D
0
R6
0
0
D
1
1
R3
R4
R5
0
0
R2
in
label
8
out
label dest
6
A
out
interface
in
label
6
outR1
label dest
-
A
A
out
interface
0
0
Link Layer 5-36
Related documents
MPLS
MPLS
PRINCIPLES FOR ECONOMIC
PRINCIPLES FOR ECONOMIC
Ultra-Low Power Storage for Sensor Networks
Ultra-Low Power Storage for Sensor Networks
Multiprocessor Memory Allocation
Multiprocessor Memory Allocation
3rd Edition: Chapter 4
3rd Edition: Chapter 4
Slides
Slides
Multiprocessor Memory Allocation
Multiprocessor Memory Allocation
Multiprocessor Memory Allocation
Multiprocessor Memory Allocation
Multiprocessor Memory Allocation
Multiprocessor Memory Allocation
ppt used in lecture
ppt used in lecture
News from the Massachusetts Medical Society
News from the Massachusetts Medical Society
EC310 Hwk 11
EC310 Hwk 11
field 55: adult basic education
field 55: adult basic education
Finance Evolution
Finance Evolution
The Pinello Lab at Massachusetts General Hospital / Harvard
The Pinello Lab at Massachusetts General Hospital / Harvard
New England Regional Center of Excellence for Biodefense
New England Regional Center of Excellence for Biodefense
lihuan_3
lihuan_3
Digestive System - Mr. Coach Risinger 7Y Science
Digestive System - Mr. Coach Risinger 7Y Science
55 Amherst Road - Pelham Library
55 Amherst Road - Pelham Library
FORM B – BUILDING Assessor`s number
FORM B – BUILDING Assessor`s number
QoS in Converged Networks
QoS in Converged Networks
Next Generation Internet
Next Generation Internet