Appswitch questions the status quo of networking in container/ Docker/ Kubernetes world and provides an alternate to overlays network with better performance and less complexity.

1. AppSwitch: Container for
networking
28th July, 2018/ Docker + k8s Pune meetup
Ashish Puri/ Engineer @ AppOrbit

2. Agenda
- Recap of networking in docker/ kubernetes world
- How networking is broken in container world
- AppSwitch features/ working/ architecture
- AppSwitch demo

3. Packet Journey in kubernetes cluster

4. Packet Journey in kubernetes cluster
All problems in computer science can be solved with another layer, except
of course the problem of too many layers. – David Wheeler
- Many optimizations to improve the layers
- Complexity
- Can we remove the layers and associated complexity
instead?

5. Network Namespace is broken

6. What applications want wrt n/w?
Applications care about
- socket()
- bind()
- listen()
- connect() etc...

7. AppSwitch: Let’s give what applications care about

8. AppSwitch: Packet Journey in kubernetes cluster

9. AppSwitch: Promises
- Give apps sockets instead of devices
- NOT in data path (for TCP)
- Remove complexity (one daemonset [DS]/ container)
- Proxy less client side load balancer
- Application segmentation based on labels
- Service discovery/ registry
- Native or better performance

10. AppSwitch: Working
- Trap application’s system call (n/w related)
- listen()/ bind() to create a server endpoint and maintain service registry
- Virtualize ports/ IPs at system call layer
- listen()/ bind() to create virtual endpoints
- listen()/ bind(1.1.1.1:80) → listen()/ bind(10.0.0.15:40XYZ)
- Application/ server information is shared to other cluster nodes via gossip
protocol
- Connect() to connect to appropriate endpoint
- connect(1.1.1.1:80) → connect(10.0.0.15:40XYZ)
- Do NOT trap read/ write system call -- out of data path (for TCP)

11. AppSwitch: Working
- Give any name/ vIP to the app -- decouple app identity from the n/w’s
- Auto discovery of all servers as they bind()/ listen()
- Zones for segmentation
- Same application name (within same zone) will trigger client side load
balancing

12. AppSwitch: Architecture

13. AppSwitch: Demo
- Simple iperf server and client working
- With kubernetes: Make app (yaml) AX aware

14. References/ Links
- AppSwitch paper: http://hci.stanford.edu/cstr/reports/2017-01.pdf
- appswitch.io -- Click on documentation
- https://github.com/coreos/flannel/blob/master/Documentation/backends.md
- https://blog.laputa.io/kubernetes-flannel-networking-6a1cb1f8ec7c
- Jerome Petazzoni blog about appswitch --
http://appswitch.io/blog/appswitch_hyperlay_network_stack_future/
- https://networkop.co.uk/post/2018-05-29-appswitch-sdn/
- Dinesh Subhraveti: https://twitter.com/dsubhraveti
- http://apporbit.com -- https://www.linkedin.com/company/apporbit-inc-/

15. Questions?
Ashish Puri
ashish.puri@gmail.com
https://www.linkedin.com/in/ashish-puri-63a703/