SlideShare une entreprise Scribd logo

CloudStack Conference 2012: Open vSwitch & OpenFlow in XCP & XenServer

The Linux Foundation
The Linux Foundation

As more businesses explore the benefits of cloud computing, network managers will have to increasingly meet the challenges of redesigning their networks for the cloud. This talk will introduce the basic concepts of Open vSwitch & Openflow and show how these technologies can help satisfy these needs. We will also explain how Open vSwitch fits into XCP and XenServer and routing of dataflows. First part of talk discussing the networking challenges that cloud implementers face. - Networking challeges - Data isolation Introducing Open vSwitch - What it is, and its features - Why it is important in a virtualized environment Openflow - Basics of Openflow - How flows are routed in XenServer & XCP

1  sur  24
Télécharger pour lire hors ligne
CloudStack Collaboration Conference 2012 Under the Hood: Open vSwitch & OpenFlow in XCP & XenServer Dominic Curran Citrix XenServer Software Engineer Nov 2012 Slides available under CC BY-SA 3.0
2 Contents ● Linux Bridge ● What does Open vSwitch Provide ? ● Open vSwitch Project ● How Open vSwitch works ● How Openflow works Slides available under CC BY-SA 3.0
3 What's wrong with Linux Bridge ? ● Linux Bridge: ● Open vSwitch: – Nothing ! – Full L2-L4 matching capability – L2 switch. Fast & reliable – Decision in userspace – Simple forwarding – ACLs, QoS & Bonding – Mobility of state Userspace Module Userspace Module VM VM VM VM Bridge Kernel Module Bridge Kernel Module OVS Kernel Module OVS Kernel Module VM VM VM VM packet packet Slides available under CC BY-SA 3.0
4 What does Open vSwitch Provide ? ● Provide greater visibility into the XenServer networking layer ● Provide distributed fine grained networking configuration and control policies ● Allows XenServer to be part of switching fabric ● Makes Network Admins happy. ● A Little History: – Research project from Standford University – Bay Area startup – Nicira – Partnered with Nicira 2009 Slides available under CC BY-SA 3.0
5 Open vSwitch Project ● http://openvswitch.org ● Developed under GPL & Apache 2 License ● Mailing Lists – Announcements: announce@openvswitch.org – User-level discussion: discuss@openvswitch.org – Dev (code review, etc): dev@openvswitch.org – Mail Archives available ● As of Linux 3.3 patches started to be accepted for Open vSwitch. Slides available under CC BY-SA 3.0
master git clone git://openvswitch.org/openvswitch branch-1.8 branch-1.7 branch-1.6 branch-1.5 branch-1.4.3 XS 6.1 branch-1.4.2 LTS branch-1.4.1 Open vSwitch Git Tree Source repository: branch-1.4 branch-1.3 Slides available under CC BY-SA 3.0 branch-1.2 XS 6.0.2 branch-1.1 XS 6.0 LTS $ vlan-maint ● (Open vSwitch 1.0) 6
7 Open vSwitch OpenSource Contributors $ git log | grep Author | cut -d “:” -f 2 | sort | uniq -c | sort | -nr In no particular order: ● Redhat ● IBM ● NEC ● HP ● Nicira ● Fujitsu ● Google ● Broadcom ● Cisco ● Intel ● Citrix Slides available under CC BY-SA 3.0
8 Main Components ● Open vSwitch – Open source: www.openvswitch.org – Kernel mode module for packet switching (openvswitch_mod.ko) – User space daemon for rules evaluation (ovsdb-server & ovs-switchd) – Configured via OpenFlow protocol: www.openflow.org XenServer XenServer XenServer XenServer ● OpenFlow Controller Host Host Host vSwitch HostvSwitch vSwitch vSwitch – Open vSwitch has a number of nice standalone features – BUT remote management is probably its most powerful – Nearly every aspect can be controlled remotely OpenFlow OpenFlow – Typically a deployment uses a centralized Controller Controller Controller – DVSC (Distributed Virtual Switch Controller) ● One DVS Controller can manage multiple XenServer pools XenServer XenServer ● Can be hosted in the same pool as it is managing Host Host vSwitch ● Provides Flexible way to group hosts for network management vSwitch Slides available under CC BY-SA 3.0
9 Architecture of Open vSwitch ● Each host runs a vSwitch userspace daemon plus kernel module – ovs-vswitchd & ovsdb-server – Drop-in replacement for the Linux bridge based stack. – Daemon evaluates flow rules to determine destination of each frame. – Pushes rules down into the kernel as necessary. ● In isolation the vSwitch acts much as the Linux bridge does: – Layer-2 MAC learning on physical and virtual interfaces. – From the XenServers toolstack level there is very little observable difference. – Under the hood the management tools, configuration of the stack etc are very different. ● Optionally may connect to central Controller for distributed coordination and control Slides available under CC BY-SA 3.0
1 0 Main Components on one XenServer Host JSON/RPC ovsdb-server ovs-vswitchd Packet Classifier FlowTable FlowTable FlowTable User Kernel Netlink openvswitch_mod.ko Management Protocol (Unix Socket) Hash lookup Table Slides available under CC BY-SA 3.0
1 1 ovsdb-server & ovs-vswitchd ● ovsdb-server – Database that holds switch-level configuration – Custom database with properties of: ● Value contraints ● Weak references ● Garbage collection – Log-based (helpful from debugging) – Speaks Management protocol to ovs-vswitchd & Controller ● ovs-vswitchd – Core component in the system – Supports multiple independent datapaths (bridges) – Communicates ● With controller using OpenFlow ● With ovsdb-server using management protocol ● With kernel module using netlink ● Packet classifier supports flow lookup with wildcard rules Slides available under CC BY-SA 3.0
1 2 openvswitch_mod.ko ● Fast path ● Kernel module handles packet switching ● Exact-match cache of flows – Lookup & forwarding ● Designed to be fast and simple – Knows nothing of Openflow ● Implements Tunnel encapsulation/decapsulation Slides available under CC BY-SA 3.0
1 3 How the Controller fits with the other Components Controller ssl Off-box # ovs-vsctl … xenbr1 xenbr1 xenbr2 xenbr2 JSON/RPC # ovs-appctl ... # ovs-ofctl ... ovsdb-server ovs-vswitchd Packet Classifier FlowTable FlowTable User Kernel Netlink openvswitch_mod.ko Management Protocol (6632/TCP) Hash lookup OpenFlow Channel (6633/TCP) Table Command Line (ovs-vsctl, ovs-appctl, ..) Slides available under CC BY-SA 3.0
1 4 XenServer Packet Flow – Packet Miss DVS Controller Accessible via Browser OFPT_PACKET_IN DomU ssl Dom0 xenbr1 xenbr1 xenbr2 xenbr2 JSON/RPC XAPI ovsdb-server ovs-vswitchd MISS #2 Toolstack Packet Classifier FlowTable FlowTable User Kernel Incoming openvswitch_mod.ko Packet MISS #1 eth1 Hash lookup Table Slides available under CC BY-SA 3.0
XenServer Host VM- Domain2 Flow Table Entries 10.80.228.31 1 5 xenbr0 xenbr0 (Charlie) ● VM Charlie sends a ping to Bob. Port 1 Port 2 # ovs-dpctl show xenbr0 system@xapi0: PIF lookups: hit:103033 missed:77944 lost:0 eth0 vif2.0 flows: 30 port 0: xenbr0 (internal) port 1: eth0 port 2: vif2.0 ● Then dump flows: 10.80.2.144 (Bob) # ovs-dpctl dump-flows xenbr0 | grep "10.80.2.144" in_port(2),eth(src=72:41:36:a2:8c:d9,dst=00:21:1b:f3:63:45),eth_type(0x0800),i Flow 1 pv4(src=10.80.228.31,dst=10.80.2.144,proto=1,tos=0,ttl=64,frag=no),icmp(type=8 ,code=0), packets:5013, bytes:491274, used:0.760s, actions:1 in_port(1),eth(src=00:21:1b:f3:63:45,dst=72:41:36:a2:8c:d9),eth_type(0x0800),i Flow 2 pv4(src=10.80.2.144,dst=10.80.228.31,proto=1,tos=0,ttl=62,frag=no),icmp(type=0 ,code=0), packets:5013, bytes:491274, used:0.760s, actions:2 ● L2-L4 Exact Match ● Total Number of packet matches of this type ● Total Number of bytes for this flow match ● Time flow was last updated ● Actions. In this case switch packet to Port 2. Slides available under CC BY-SA 3.0
1 6 What about SYN attacks ? ● SYN attack form of Denial-of-Service attacks Client SYN Server Attacker SYN Server SYN-ACK Wait.. SYN-ACK Wait.. And wait... And wait... ACK OK Timeout! TCP – Three Way Handshake Legitimate Client SYN ● For Open vSwitch this is particular problem ! ?? – Each SYN is a new flow, thus a user-kernel interaction ● Recent Open vSwitch introduced a 'Flow Governor' – Detects large quantities of short-lived flows – Stops flow setup in kernel module, thus missing a user to kernel interaction Slides available under CC BY-SA 3.0
1 7 Open vSwitch Features ● Supports OpenFlow 1.0 ● Bonding ● 802.1Q VLAN ● Tunneling – Supports GRE mode ● Ingress policing ● NetFlow v5 ● Port mirroring (SPAN and RSPAN) ● ACLs (through OpenFlow) ● Bridge compatibility ● Documented in ovs-vswitchd.conf man page: – http://openvswitch.org/cgi-bin/ovsman.cgi?page=vswitchd%2Fovs-vswitchd.conf.5 Slides available under CC BY-SA 3.0
1 8 What is OpenFlow ? ● OpenFlow allows the path of network packets to be setup by software. ● It is the enabler of 'Software Defined Networking'. ● Standard way to control flow-tables in commercial switches and routers. ● Gives Controller high level access to the datapath routing decisions of a switch. ● Currently, support is limited to 1.0 plus a number of extensions ● Now managed by Open Networking Foundation (ONF) Slides available under CC BY-SA 3.0
1 9 How does the Protocol work ? ● It uses a binary protocol for faster processing ● Header: 8-bit 8-bit 16-bit 32-bit version Type Length Transaction id ● Simple protocol for running on embedded CPUs in hardware switches ● vSwitch connects over SSL to port 6633 on the Controller. Slides available under CC BY-SA 3.0
2 0 OpenFlow Initial Setup Protocol Message Types vSwitch Controller ● Controller-to-Switch OFPT_HELLO - Version ● Asynchronous OFPT_HELLO of vSwitch - Version of ● Symmetric Controller OFPT_ECHO_REQUES T EPLY OFPT_ECHO_R Connection Established S OFPT_FEATURE - Datapath id - Capabilities OFPT_FEATURES_RE PLY - Actions - Ports - Name - HW Address - Port number Slides available under CC BY-SA 3.0
2 1 OpenFlow Protocol vSwitch Controller OFPFC_ADD Change entry OFPFC_MODIFY in FlowTable E OFPFC_DELET Reason to send: OFPT_PACKET_IN - Packet miss - In Port OR - Reason - Explicit rule - Buffer id - Data EQUEST REPLY with: OFPT_STATS_R - Switch description OFPT_STATS_REPLY - Flow statistics - Table statistics - Queue statistics - Port statistics _REQUEST OFPT_BARRIER Synchronize OFPT_BARRIER_REP LY Slides available under CC BY-SA 3.0
2 2 What happens if Controller connections is lost ? vSwitch OFPT_ECHO_REQUES T Controller ? ECHO_REQUEST timeout ??? ● Immediately enter one of two modes: – Fail secure mode – Fail standalone mode Slides available under CC BY-SA 3.0
2 3 WireShark Plugin for OpenFlow Protocol ● http://www.openflow.org/wk/index.php/OpenFlow_Wireshark_Dissector ● Command Line Alternative: # ovs-ofctl snoop <bridge> Slides available under CC BY-SA 3.0
2 4 Questions ? ● My Email: dominic.curran@citrix.com This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Recommandé

Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch IntroductionHungWei Chiu
 
Kubernetes networking
Kubernetes networkingKubernetes networking
Kubernetes networkingSim Janghoon
 
[OpenStack Days Korea 2016] Track1 - 카카오는 오픈스택 기반으로 어떻게 5000VM을 운영하고 있을까?
[OpenStack Days Korea 2016] Track1 - 카카오는 오픈스택 기반으로 어떻게 5000VM을 운영하고 있을까?[OpenStack Days Korea 2016] Track1 - 카카오는 오픈스택 기반으로 어떻게 5000VM을 운영하고 있을까?
[OpenStack Days Korea 2016] Track1 - 카카오는 오픈스택 기반으로 어떻게 5000VM을 운영하고 있을까?OpenStack Korea Community
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Diverajdeep
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitchSim Janghoon
 
Openstack Trunk Port
Openstack Trunk PortOpenstack Trunk Port
Openstack Trunk Portbenceromsics
 
OpenStack Tutorial
OpenStack TutorialOpenStack Tutorial
OpenStack TutorialBret Piatt
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughThomas Graf
 

Recommandé

Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch IntroductionHungWei Chiu
 
Kubernetes networking
Kubernetes networkingKubernetes networking
Kubernetes networkingSim Janghoon
 
[OpenStack Days Korea 2016] Track1 - 카카오는 오픈스택 기반으로 어떻게 5000VM을 운영하고 있을까?
[OpenStack Days Korea 2016] Track1 - 카카오는 오픈스택 기반으로 어떻게 5000VM을 운영하고 있을까?[OpenStack Days Korea 2016] Track1 - 카카오는 오픈스택 기반으로 어떻게 5000VM을 운영하고 있을까?
[OpenStack Days Korea 2016] Track1 - 카카오는 오픈스택 기반으로 어떻게 5000VM을 운영하고 있을까?OpenStack Korea Community
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Diverajdeep
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitchSim Janghoon
 
Openstack Trunk Port
Openstack Trunk PortOpenstack Trunk Port
Openstack Trunk Portbenceromsics
 
OpenStack Tutorial
OpenStack TutorialOpenStack Tutorial
OpenStack TutorialBret Piatt
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughThomas Graf
 
Meetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStackMeetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStackVietnam Open Infrastructure User Group
 
Getting Started Monitoring with Prometheus and Grafana
Getting Started Monitoring with Prometheus and GrafanaGetting Started Monitoring with Prometheus and Grafana
Getting Started Monitoring with Prometheus and GrafanaSyah Dwi Prihatmoko
 
Introduction to CloudStack: How to Deploy and Manage Infrastructure-as-a-Serv...
Introduction to CloudStack: How to Deploy and Manage Infrastructure-as-a-Serv...Introduction to CloudStack: How to Deploy and Manage Infrastructure-as-a-Serv...
Introduction to CloudStack: How to Deploy and Manage Infrastructure-as-a-Serv...CloudStack - Open Source Cloud Computing Project
 
Openv switchの使い方とか
Openv switchの使い方とかOpenv switchの使い方とか
Openv switchの使い方とかkotto_hihihi
 
OpenStackユーザ会資料 - Masakari
OpenStackユーザ会資料 - MasakariOpenStackユーザ会資料 - Masakari
OpenStackユーザ会資料 - Masakarimasahito12
 
10分でわかる Cilium と XDP / BPF
10分でわかる Cilium と XDP / BPF10分でわかる Cilium と XDP / BPF
10分でわかる Cilium と XDP / BPFShuji Yamada
 
OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27Kentaro Ebisawa
 
OpenShift Container Platform 4.12 Release Notes
OpenShift Container Platform 4.12 Release NotesOpenShift Container Platform 4.12 Release Notes
OpenShift Container Platform 4.12 Release NotesGerryJamisola1
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack ArchitectureMirantis
 
Demystifying openvswitch
Demystifying openvswitchDemystifying openvswitch
Demystifying openvswitchPrasad Mukhedkar
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep diveTrinath Somanchi
 
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月 知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月 VirtualTech Japan Inc.
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionMartin Danielsson
 
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기Ian Choi
 
Keystone at openstack multi sites
Keystone at openstack multi sitesKeystone at openstack multi sites
Keystone at openstack multi sitesVietnam Open Infrastructure User Group
 
Monitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsMonitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsJulien Pivotto
 
MeetUp Monitoring with Prometheus and Grafana (September 2018)
MeetUp Monitoring with Prometheus and Grafana (September 2018)MeetUp Monitoring with Prometheus and Grafana (September 2018)
MeetUp Monitoring with Prometheus and Grafana (September 2018)Lucas Jellema
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
Getting started with Octopus Deploy
Getting started with Octopus DeployGetting started with Octopus Deploy
Getting started with Octopus DeployKaroline Klever
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchTe-Yen Liu
 
Understanding Open vSwitch
Understanding Open vSwitch Understanding Open vSwitch
Understanding Open vSwitch YongKi Kim
 
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPOscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPThe Linux Foundation
 

Contenu connexe

Tendances

Getting Started Monitoring with Prometheus and Grafana
Getting Started Monitoring with Prometheus and GrafanaGetting Started Monitoring with Prometheus and Grafana
Getting Started Monitoring with Prometheus and GrafanaSyah Dwi Prihatmoko
 
Openv switchの使い方とか
Openv switchの使い方とかOpenv switchの使い方とか
Openv switchの使い方とかkotto_hihihi
 
OpenStackユーザ会資料 - Masakari
OpenStackユーザ会資料 - MasakariOpenStackユーザ会資料 - Masakari
OpenStackユーザ会資料 - Masakarimasahito12
 
10分でわかる Cilium と XDP / BPF
10分でわかる Cilium と XDP / BPF10分でわかる Cilium と XDP / BPF
10分でわかる Cilium と XDP / BPFShuji Yamada
 
OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27Kentaro Ebisawa
 
OpenShift Container Platform 4.12 Release Notes
OpenShift Container Platform 4.12 Release NotesOpenShift Container Platform 4.12 Release Notes
OpenShift Container Platform 4.12 Release NotesGerryJamisola1
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack ArchitectureMirantis
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep diveTrinath Somanchi
 
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月 知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月 VirtualTech Japan Inc.
 
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기Ian Choi
 
Monitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsMonitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsJulien Pivotto
 
MeetUp Monitoring with Prometheus and Grafana (September 2018)
MeetUp Monitoring with Prometheus and Grafana (September 2018)MeetUp Monitoring with Prometheus and Grafana (September 2018)
MeetUp Monitoring with Prometheus and Grafana (September 2018)Lucas Jellema
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
Getting started with Octopus Deploy
Getting started with Octopus DeployGetting started with Octopus Deploy
Getting started with Octopus DeployKaroline Klever
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchTe-Yen Liu
 

Tendances (20)

Meetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStackMeetup 23 - 02 - OVN - The future of networking in OpenStack
Meetup 23 - 02 - OVN - The future of networking in OpenStack
 
Getting Started Monitoring with Prometheus and Grafana
Getting Started Monitoring with Prometheus and GrafanaGetting Started Monitoring with Prometheus and Grafana
Getting Started Monitoring with Prometheus and Grafana
 
Introduction to CloudStack: How to Deploy and Manage Infrastructure-as-a-Serv...
Introduction to CloudStack: How to Deploy and Manage Infrastructure-as-a-Serv...Introduction to CloudStack: How to Deploy and Manage Infrastructure-as-a-Serv...
Introduction to CloudStack: How to Deploy and Manage Infrastructure-as-a-Serv...
 
Openv switchの使い方とか
Openv switchの使い方とかOpenv switchの使い方とか
Openv switchの使い方とか
 
OpenStackユーザ会資料 - Masakari
OpenStackユーザ会資料 - MasakariOpenStackユーザ会資料 - Masakari
OpenStackユーザ会資料 - Masakari
 
10分でわかる Cilium と XDP / BPF
10分でわかる Cilium と XDP / BPF10分でわかる Cilium と XDP / BPF
10分でわかる Cilium と XDP / BPF
 
OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27OVN 設定サンプル | OVN config example 2015/12/27
OVN 設定サンプル | OVN config example 2015/12/27
 
OpenShift Container Platform 4.12 Release Notes
OpenShift Container Platform 4.12 Release NotesOpenShift Container Platform 4.12 Release Notes
OpenShift Container Platform 4.12 Release Notes
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack Architecture
 
Demystifying openvswitch
Demystifying openvswitchDemystifying openvswitch
Demystifying openvswitch
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep dive
 
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月 知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月
知っているようで知らないNeutron -仮想ルータの冗長と分散- - OpenStack最新情報セミナー 2016年3月
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
 
Keystone at openstack multi sites
Keystone at openstack multi sitesKeystone at openstack multi sites
Keystone at openstack multi sites
 
Monitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsMonitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona Dashboards
 
MeetUp Monitoring with Prometheus and Grafana (September 2018)
MeetUp Monitoring with Prometheus and Grafana (September 2018)MeetUp Monitoring with Prometheus and Grafana (September 2018)
MeetUp Monitoring with Prometheus and Grafana (September 2018)
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
 
Getting started with Octopus Deploy
Getting started with Octopus DeployGetting started with Octopus Deploy
Getting started with Octopus Deploy
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitch
 

En vedette

Understanding Open vSwitch
Understanding Open vSwitch Understanding Open vSwitch
Understanding Open vSwitch YongKi Kim
 
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPOscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPThe Linux Foundation
 
Windsor: Domain 0 Disaggregation for XenServer and XCP
Windsor: Domain 0 Disaggregation for XenServer and XCP Windsor: Domain 0 Disaggregation for XenServer and XCP
Windsor: Domain 0 Disaggregation for XenServer and XCPThe Linux Foundation
 
Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP The Linux Foundation
 
Open VSwitch .. Use it for your day to day needs
Open VSwitch .. Use it for your day to day needsOpen VSwitch .. Use it for your day to day needs
Open VSwitch .. Use it for your day to day needsrranjithrajaram
 
Mirage: extreme specialisation of virtual appliances
Mirage: extreme specialisation of virtual appliancesMirage: extreme specialisation of virtual appliances
Mirage: extreme specialisation of virtual appliancesThe Linux Foundation
 
Xen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization OpportunitiesXen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization OpportunitiesThe Linux Foundation
 
Tech Talk by Ben Pfaff: Open vSwitch - Part 2
Tech Talk by Ben Pfaff: Open vSwitch - Part 2Tech Talk by Ben Pfaff: Open vSwitch - Part 2
Tech Talk by Ben Pfaff: Open vSwitch - Part 2nvirters
 
Sdnds tw-meetup-2
Sdnds tw-meetup-2Sdnds tw-meetup-2
Sdnds tw-meetup-2Fei Ji Siao
 
Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Seung-Hoon Baek
 
LF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesLF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesThe Linux Foundation
 
Mysqlnd, an unknown powerful PHP extension
Mysqlnd, an unknown powerful PHP extensionMysqlnd, an unknown powerful PHP extension
Mysqlnd, an unknown powerful PHP extensionjulien pauli
 
Xenserver Networking
Xenserver NetworkingXenserver Networking
Xenserver NetworkingAsrar Kadri
 

En vedette (20)

Understanding Open vSwitch
Understanding Open vSwitch Understanding Open vSwitch
Understanding Open vSwitch
 
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPOscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
 
Windsor: Domain 0 Disaggregation for XenServer and XCP
Windsor: Domain 0 Disaggregation for XenServer and XCP Windsor: Domain 0 Disaggregation for XenServer and XCP
Windsor: Domain 0 Disaggregation for XenServer and XCP
 
Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP
 
Open VSwitch .. Use it for your day to day needs
Open VSwitch .. Use it for your day to day needsOpen VSwitch .. Use it for your day to day needs
Open VSwitch .. Use it for your day to day needs
 
Xen @ Google, 2011
Xen @ Google, 2011Xen @ Google, 2011
Xen @ Google, 2011
 
Mirage: extreme specialisation of virtual appliances
Mirage: extreme specialisation of virtual appliancesMirage: extreme specialisation of virtual appliances
Mirage: extreme specialisation of virtual appliances
 
Xen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization OpportunitiesXen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization Opportunities
 
Openstack Xen and XCP
Openstack Xen and XCPOpenstack Xen and XCP
Openstack Xen and XCP
 
Art of Using Xen at Scale
Art of Using Xen at ScaleArt of Using Xen at Scale
Art of Using Xen at Scale
 
Tech Talk by Ben Pfaff: Open vSwitch - Part 2
Tech Talk by Ben Pfaff: Open vSwitch - Part 2Tech Talk by Ben Pfaff: Open vSwitch - Part 2
Tech Talk by Ben Pfaff: Open vSwitch - Part 2
 
Engaging the xen community
Engaging the xen communityEngaging the xen community
Engaging the xen community
 
Xen and Apache cloudstack
Xen and Apache cloudstack Xen and Apache cloudstack
Xen and Apache cloudstack
 
Sdnds tw-meetup-2
Sdnds tw-meetup-2Sdnds tw-meetup-2
Sdnds tw-meetup-2
 
Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조Open vSwitch 패킷 처리 구조
Open vSwitch 패킷 처리 구조
 
LF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesLF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and Futures
 
Performance Tuning Xen
Performance Tuning XenPerformance Tuning Xen
Performance Tuning Xen
 
Understanding DPDK
Understanding DPDKUnderstanding DPDK
Understanding DPDK
 
Mysqlnd, an unknown powerful PHP extension
Mysqlnd, an unknown powerful PHP extensionMysqlnd, an unknown powerful PHP extension
Mysqlnd, an unknown powerful PHP extension
 
Xenserver Networking
Xenserver NetworkingXenserver Networking
Xenserver Networking
 

Similaire à CloudStack Conference 2012: Open vSwitch & OpenFlow in XCP & XenServer

Kafka 10000 feet view
Kafka 10000 feet viewKafka 10000 feet view
Kafka 10000 feet viewyounessx01
 
Multisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapMultisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapDimitri Mazmanov
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014yfauser
 
Learn OpenStack from trystack.cn ——Folsom in practice
Learn OpenStack from trystack.cn ——Folsom in practiceLearn OpenStack from trystack.cn ——Folsom in practice
Learn OpenStack from trystack.cn ——Folsom in practiceOpenCity Community
 
neutron_icehouse_update
neutron_icehouse_updateneutron_icehouse_update
neutron_icehouse_updateAkihiro Motoki
 
SDN in Apache CloudStack (ApacheCon NA 2013)
SDN in Apache CloudStack (ApacheCon NA 2013)SDN in Apache CloudStack (ApacheCon NA 2013)
SDN in Apache CloudStack (ApacheCon NA 2013)Chiradeep Vittal
 
OpenSAF Symposium_Architecture_and_Roadmap_Update9.19.11
OpenSAF Symposium_Architecture_and_Roadmap_Update9.19.11OpenSAF Symposium_Architecture_and_Roadmap_Update9.19.11
OpenSAF Symposium_Architecture_and_Roadmap_Update9.19.11OpenSAF Foundation
 
netapp c-mode terms
netapp c-mode termsnetapp c-mode terms
netapp c-mode termsAshwin Pawar
 
Open v switch20150410b
Open v switch20150410bOpen v switch20150410b
Open v switch20150410bRichard Kuo
 
Subversion Overview
Subversion OverviewSubversion Overview
Subversion Overviewpolarion
 
Mpls conference 2016-data center virtualisation-11-march
Mpls conference 2016-data center virtualisation-11-marchMpls conference 2016-data center virtualisation-11-march
Mpls conference 2016-data center virtualisation-11-marchAricent
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networkingyfauser
 
What Multisite Means for Identity Management
What Multisite Means for Identity ManagementWhat Multisite Means for Identity Management
What Multisite Means for Identity ManagementOPNFV
 
A multi-tenant architecture for Apache Axis2
A multi-tenant architecture for Apache Axis2A multi-tenant architecture for Apache Axis2
A multi-tenant architecture for Apache Axis2Afkham Azeez
 
Windows offloaded data_transfer_steve_olsson
Windows offloaded data_transfer_steve_olssonWindows offloaded data_transfer_steve_olsson
Windows offloaded data_transfer_steve_olssonscsibeast
 

Similaire à CloudStack Conference 2012: Open vSwitch & OpenFlow in XCP & XenServer (20)

Kafka 10000 feet view
Kafka 10000 feet viewKafka 10000 feet view
Kafka 10000 feet view
 
Multisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the GapMultisite OpenStack for NFV: Bridging the Gap
Multisite OpenStack for NFV: Bridging the Gap
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
 
Learn OpenStack from trystack.cn ——Folsom in practice
Learn OpenStack from trystack.cn ——Folsom in practiceLearn OpenStack from trystack.cn ——Folsom in practice
Learn OpenStack from trystack.cn ——Folsom in practice
 
CloudStack and SDN
CloudStack and SDNCloudStack and SDN
CloudStack and SDN
 
Deep Dive Into Quantum
Deep Dive Into QuantumDeep Dive Into Quantum
Deep Dive Into Quantum
 
neutron_icehouse_update
neutron_icehouse_updateneutron_icehouse_update
neutron_icehouse_update
 
SDN in Apache CloudStack (ApacheCon NA 2013)
SDN in Apache CloudStack (ApacheCon NA 2013)SDN in Apache CloudStack (ApacheCon NA 2013)
SDN in Apache CloudStack (ApacheCon NA 2013)
 
[OSS Upstream Training] 5 open stack liberty_recap
[OSS Upstream Training] 5 open stack liberty_recap[OSS Upstream Training] 5 open stack liberty_recap
[OSS Upstream Training] 5 open stack liberty_recap
 
open stackliberty_recap_by_VietOpenStack
open stackliberty_recap_by_VietOpenStackopen stackliberty_recap_by_VietOpenStack
open stackliberty_recap_by_VietOpenStack
 
OpenSAF Symposium_Architecture_and_Roadmap_Update9.19.11
OpenSAF Symposium_Architecture_and_Roadmap_Update9.19.11OpenSAF Symposium_Architecture_and_Roadmap_Update9.19.11
OpenSAF Symposium_Architecture_and_Roadmap_Update9.19.11
 
netapp c-mode terms
netapp c-mode termsnetapp c-mode terms
netapp c-mode terms
 
Open v switch20150410b
Open v switch20150410bOpen v switch20150410b
Open v switch20150410b
 
Subversion
SubversionSubversion
Subversion
 
Subversion Overview
Subversion OverviewSubversion Overview
Subversion Overview
 
Mpls conference 2016-data center virtualisation-11-march
Mpls conference 2016-data center virtualisation-11-marchMpls conference 2016-data center virtualisation-11-march
Mpls conference 2016-data center virtualisation-11-march
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networking
 
What Multisite Means for Identity Management
What Multisite Means for Identity ManagementWhat Multisite Means for Identity Management
What Multisite Means for Identity Management
 
A multi-tenant architecture for Apache Axis2
A multi-tenant architecture for Apache Axis2A multi-tenant architecture for Apache Axis2
A multi-tenant architecture for Apache Axis2
 
Windows offloaded data_transfer_steve_olsson
Windows offloaded data_transfer_steve_olssonWindows offloaded data_transfer_steve_olsson
Windows offloaded data_transfer_steve_olsson
 

Plus de The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 

Plus de The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 

CloudStack Conference 2012: Open vSwitch & OpenFlow in XCP & XenServer

  • 1. CloudStack Collaboration Conference 2012 Under the Hood: Open vSwitch & OpenFlow in XCP & XenServer Dominic Curran Citrix XenServer Software Engineer Nov 2012 Slides available under CC BY-SA 3.0
  • 2. 2 Contents ● Linux Bridge ● What does Open vSwitch Provide ? ● Open vSwitch Project ● How Open vSwitch works ● How Openflow works Slides available under CC BY-SA 3.0
  • 3. 3 What's wrong with Linux Bridge ? ● Linux Bridge: ● Open vSwitch: – Nothing ! – Full L2-L4 matching capability – L2 switch. Fast & reliable – Decision in userspace – Simple forwarding – ACLs, QoS & Bonding – Mobility of state Userspace Module Userspace Module VM VM VM VM Bridge Kernel Module Bridge Kernel Module OVS Kernel Module OVS Kernel Module VM VM VM VM packet packet Slides available under CC BY-SA 3.0
  • 4. 4 What does Open vSwitch Provide ? ● Provide greater visibility into the XenServer networking layer ● Provide distributed fine grained networking configuration and control policies ● Allows XenServer to be part of switching fabric ● Makes Network Admins happy. ● A Little History: – Research project from Standford University – Bay Area startup – Nicira – Partnered with Nicira 2009 Slides available under CC BY-SA 3.0
  • 5. 5 Open vSwitch Project ● http://openvswitch.org ● Developed under GPL & Apache 2 License ● Mailing Lists – Announcements: announce@openvswitch.org – User-level discussion: discuss@openvswitch.org – Dev (code review, etc): dev@openvswitch.org – Mail Archives available ● As of Linux 3.3 patches started to be accepted for Open vSwitch. Slides available under CC BY-SA 3.0
  • 6. master git clone git://openvswitch.org/openvswitch branch-1.8 branch-1.7 branch-1.6 branch-1.5 branch-1.4.3 XS 6.1 branch-1.4.2 LTS branch-1.4.1 Open vSwitch Git Tree Source repository: branch-1.4 branch-1.3 Slides available under CC BY-SA 3.0 branch-1.2 XS 6.0.2 branch-1.1 XS 6.0 LTS $ vlan-maint ● (Open vSwitch 1.0) 6
  • 7. 7 Open vSwitch OpenSource Contributors $ git log | grep Author | cut -d “:” -f 2 | sort | uniq -c | sort | -nr In no particular order: ● Redhat ● IBM ● NEC ● HP ● Nicira ● Fujitsu ● Google ● Broadcom ● Cisco ● Intel ● Citrix Slides available under CC BY-SA 3.0
  • 8. 8 Main Components ● Open vSwitch – Open source: www.openvswitch.org – Kernel mode module for packet switching (openvswitch_mod.ko) – User space daemon for rules evaluation (ovsdb-server & ovs-switchd) – Configured via OpenFlow protocol: www.openflow.org XenServer XenServer XenServer XenServer ● OpenFlow Controller Host Host Host vSwitch HostvSwitch vSwitch vSwitch – Open vSwitch has a number of nice standalone features – BUT remote management is probably its most powerful – Nearly every aspect can be controlled remotely OpenFlow OpenFlow – Typically a deployment uses a centralized Controller Controller Controller – DVSC (Distributed Virtual Switch Controller) ● One DVS Controller can manage multiple XenServer pools XenServer XenServer ● Can be hosted in the same pool as it is managing Host Host vSwitch ● Provides Flexible way to group hosts for network management vSwitch Slides available under CC BY-SA 3.0
  • 9. 9 Architecture of Open vSwitch ● Each host runs a vSwitch userspace daemon plus kernel module – ovs-vswitchd & ovsdb-server – Drop-in replacement for the Linux bridge based stack. – Daemon evaluates flow rules to determine destination of each frame. – Pushes rules down into the kernel as necessary. ● In isolation the vSwitch acts much as the Linux bridge does: – Layer-2 MAC learning on physical and virtual interfaces. – From the XenServers toolstack level there is very little observable difference. – Under the hood the management tools, configuration of the stack etc are very different. ● Optionally may connect to central Controller for distributed coordination and control Slides available under CC BY-SA 3.0
  • 10. 1 0 Main Components on one XenServer Host JSON/RPC ovsdb-server ovs-vswitchd Packet Classifier FlowTable FlowTable FlowTable User Kernel Netlink openvswitch_mod.ko Management Protocol (Unix Socket) Hash lookup Table Slides available under CC BY-SA 3.0
  • 11. 1 1 ovsdb-server & ovs-vswitchd ● ovsdb-server – Database that holds switch-level configuration – Custom database with properties of: ● Value contraints ● Weak references ● Garbage collection – Log-based (helpful from debugging) – Speaks Management protocol to ovs-vswitchd & Controller ● ovs-vswitchd – Core component in the system – Supports multiple independent datapaths (bridges) – Communicates ● With controller using OpenFlow ● With ovsdb-server using management protocol ● With kernel module using netlink ● Packet classifier supports flow lookup with wildcard rules Slides available under CC BY-SA 3.0
  • 12. 1 2 openvswitch_mod.ko ● Fast path ● Kernel module handles packet switching ● Exact-match cache of flows – Lookup & forwarding ● Designed to be fast and simple – Knows nothing of Openflow ● Implements Tunnel encapsulation/decapsulation Slides available under CC BY-SA 3.0
  • 13. 1 3 How the Controller fits with the other Components Controller ssl Off-box # ovs-vsctl … xenbr1 xenbr1 xenbr2 xenbr2 JSON/RPC # ovs-appctl ... # ovs-ofctl ... ovsdb-server ovs-vswitchd Packet Classifier FlowTable FlowTable User Kernel Netlink openvswitch_mod.ko Management Protocol (6632/TCP) Hash lookup OpenFlow Channel (6633/TCP) Table Command Line (ovs-vsctl, ovs-appctl, ..) Slides available under CC BY-SA 3.0
  • 14. 1 4 XenServer Packet Flow – Packet Miss DVS Controller Accessible via Browser OFPT_PACKET_IN DomU ssl Dom0 xenbr1 xenbr1 xenbr2 xenbr2 JSON/RPC XAPI ovsdb-server ovs-vswitchd MISS #2 Toolstack Packet Classifier FlowTable FlowTable User Kernel Incoming openvswitch_mod.ko Packet MISS #1 eth1 Hash lookup Table Slides available under CC BY-SA 3.0
  • 15. XenServer Host VM- Domain2 Flow Table Entries 10.80.228.31 1 5 xenbr0 xenbr0 (Charlie) ● VM Charlie sends a ping to Bob. Port 1 Port 2 # ovs-dpctl show xenbr0 system@xapi0: PIF lookups: hit:103033 missed:77944 lost:0 eth0 vif2.0 flows: 30 port 0: xenbr0 (internal) port 1: eth0 port 2: vif2.0 ● Then dump flows: 10.80.2.144 (Bob) # ovs-dpctl dump-flows xenbr0 | grep "10.80.2.144" in_port(2),eth(src=72:41:36:a2:8c:d9,dst=00:21:1b:f3:63:45),eth_type(0x0800),i Flow 1 pv4(src=10.80.228.31,dst=10.80.2.144,proto=1,tos=0,ttl=64,frag=no),icmp(type=8 ,code=0), packets:5013, bytes:491274, used:0.760s, actions:1 in_port(1),eth(src=00:21:1b:f3:63:45,dst=72:41:36:a2:8c:d9),eth_type(0x0800),i Flow 2 pv4(src=10.80.2.144,dst=10.80.228.31,proto=1,tos=0,ttl=62,frag=no),icmp(type=0 ,code=0), packets:5013, bytes:491274, used:0.760s, actions:2 ● L2-L4 Exact Match ● Total Number of packet matches of this type ● Total Number of bytes for this flow match ● Time flow was last updated ● Actions. In this case switch packet to Port 2. Slides available under CC BY-SA 3.0
  • 16. 1 6 What about SYN attacks ? ● SYN attack form of Denial-of-Service attacks Client SYN Server Attacker SYN Server SYN-ACK Wait.. SYN-ACK Wait.. And wait... And wait... ACK OK Timeout! TCP – Three Way Handshake Legitimate Client SYN ● For Open vSwitch this is particular problem ! ?? – Each SYN is a new flow, thus a user-kernel interaction ● Recent Open vSwitch introduced a 'Flow Governor' – Detects large quantities of short-lived flows – Stops flow setup in kernel module, thus missing a user to kernel interaction Slides available under CC BY-SA 3.0
  • 17. 1 7 Open vSwitch Features ● Supports OpenFlow 1.0 ● Bonding ● 802.1Q VLAN ● Tunneling – Supports GRE mode ● Ingress policing ● NetFlow v5 ● Port mirroring (SPAN and RSPAN) ● ACLs (through OpenFlow) ● Bridge compatibility ● Documented in ovs-vswitchd.conf man page: – http://openvswitch.org/cgi-bin/ovsman.cgi?page=vswitchd%2Fovs-vswitchd.conf.5 Slides available under CC BY-SA 3.0
  • 18. 1 8 What is OpenFlow ? ● OpenFlow allows the path of network packets to be setup by software. ● It is the enabler of 'Software Defined Networking'. ● Standard way to control flow-tables in commercial switches and routers. ● Gives Controller high level access to the datapath routing decisions of a switch. ● Currently, support is limited to 1.0 plus a number of extensions ● Now managed by Open Networking Foundation (ONF) Slides available under CC BY-SA 3.0
  • 19. 1 9 How does the Protocol work ? ● It uses a binary protocol for faster processing ● Header: 8-bit 8-bit 16-bit 32-bit version Type Length Transaction id ● Simple protocol for running on embedded CPUs in hardware switches ● vSwitch connects over SSL to port 6633 on the Controller. Slides available under CC BY-SA 3.0
  • 20. 2 0 OpenFlow Initial Setup Protocol Message Types vSwitch Controller ● Controller-to-Switch OFPT_HELLO - Version ● Asynchronous OFPT_HELLO of vSwitch - Version of ● Symmetric Controller OFPT_ECHO_REQUES T EPLY OFPT_ECHO_R Connection Established S OFPT_FEATURE - Datapath id - Capabilities OFPT_FEATURES_RE PLY - Actions - Ports - Name - HW Address - Port number Slides available under CC BY-SA 3.0
  • 21. 2 1 OpenFlow Protocol vSwitch Controller OFPFC_ADD Change entry OFPFC_MODIFY in FlowTable E OFPFC_DELET Reason to send: OFPT_PACKET_IN - Packet miss - In Port OR - Reason - Explicit rule - Buffer id - Data EQUEST REPLY with: OFPT_STATS_R - Switch description OFPT_STATS_REPLY - Flow statistics - Table statistics - Queue statistics - Port statistics _REQUEST OFPT_BARRIER Synchronize OFPT_BARRIER_REP LY Slides available under CC BY-SA 3.0
  • 22. 2 2 What happens if Controller connections is lost ? vSwitch OFPT_ECHO_REQUES T Controller ? ECHO_REQUEST timeout ??? ● Immediately enter one of two modes: – Fail secure mode – Fail standalone mode Slides available under CC BY-SA 3.0
  • 23. 2 3 WireShark Plugin for OpenFlow Protocol ● http://www.openflow.org/wk/index.php/OpenFlow_Wireshark_Dissector ● Command Line Alternative: # ovs-ofctl snoop <bridge> Slides available under CC BY-SA 3.0
  • 24. 2 4 Questions ? ● My Email: dominic.curran@citrix.com This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.