SlideShare une entreprise Scribd logo

Xen*, SDN, and Apache CloudStack

The Linux Foundation
The Linux Foundation

Apache CloudStack has already proven its abilities to scale to tens of thousands of physical XenServer nodes, but a number of traditional networking schemes don't work. VLANs max out at 4096, Layer3 isolation (aka Security Groups) helps scale to a degree, but you lose a lot of flexibility in the process. XCP and XS6.0 have the ability to make use of openvswitch to build software defined networks for increasing flexible networks with little or none of the legacy restrictions.

Technologie
1  sur  36
Télécharger pour lire hors ligne
Xen*, SDN and Apache Cloudstack Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28th 2012 Xen Summit
Outline • A bit about CloudStack • A bit about SDN • A bit about OpenVswitch • Some bits about “SDN” in CloudStack • Slides are on slideshare for download: http://www.slideshare.net/sebastiengoasguen/c loudstack-and-sdn
Apache CloudStack • IaaS solution to build a • Java application private/public cloud • Ant build but moving to • Hypervisor agnostic: maven (via new – Xen, XS, XCP contributor) – KVM – VMware • Object store support • First Apache release 4.0 – Swift coming Sept 26th – Upcoming support from Caringo • EC2/S3 compatibility
Participating in CloudStack • Apache incubator project • http://www.cloudstack.org • #cloudstack on irc.freenode.net • @CloudStack on Twitter • http://cloudstack.org/discuss/mailing-lists.html Welcoming contributions and feedback, Join the fun !
A Very Flexible IaaS Platform Compute Hypervisor XenServer VMware Oracle VM KVM Bare metal Storage Block & Object Fiber Local Disk iSCSI NFS Swift Channel Primary Storage Secondary Storage Network Network & Network Services Network Load Isolation Firewall VPN Type balancer http://www.slideshare.net/cloudstack/cloudstack-architecture
NaaS ? • “Cloud Servers” – On-demand, Elastic, Measured server provisioning • Cloud Storage – Scalable/fault tolerant storage with object stores • Cloud Networks – How to do on-demand, elastic, measured networking provisioning ? – How to program the network ?
A very extensive API • CloudStack orchestrates your network: – Provisioning – Configuration – Updates • For multi-tenants isolation • Using hardware and software devices • At scale: O(10^4) Hyp, O(10^5) VMs…
Software Defined Networking • Enable innovation, experimentation, optimization and customization of networks • Move control of the network to software. i.e Programmable network • Virtualize the network • Vendor-agnostic, standard protocol for control: OpenFlow
OpenFlow • Leading SDN protocol • Decouples control and data plane by giving a controller the ability to install flow rules on switches. • Hardware or software • Google achieved 95% switches can use utilization of WAN OpenFlow backbone by using SDN • Spec driven by ONF
OpenFlow • OpenFlow rules can drop, rewrite, forward packets Rule Action Stats Packet + byte counters 1. Forward packet to port(s) 2. Encapsulate and forward to controller 3. Drop packet 4. Send to normal processing pipeline Switch MAC MAC Eth VLAN IP IP IP TCP TCP Port src dst type ID Src Dst Prot sport dport Diagram Src: http://www.openflow.org/wp/documents/ 10 September 2012 10
OF Controllers • Several controllers out there (NOX, POX,Trema…) • Floodlight from Big Switch. Apache license
OpenVSwitch • “Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable the massive network automation through programmatic extension…”
OpenVSwitch • Default bridge in XenServer and XCP • Supported in Xen but not integrated in toolstack • Enables: – VLAN tagging – Rate limiting – GRE tunnels – OpenFlow controller – … • High Performance ( http://networkheresy.com/category/o pen-vswitch )
e.g OVS rate limiting • Can enforce QoS with rate limiting controls • ovs-vsctl set Interface tap0 ingress_policing_rate=1000 • ovs-vsctl set Interface tap0 ingress_policing_burst=100
e.g OVS VLAN tagging • ovs-vsctl add-br br0 • ovs-vsctl add-port br0 eth0 • ovs-vsctl add-port br0 tap0 tag=1 • ovs-vsctl add-port br0 tap1 tag=2 • Complement on host2…
e.g OVS and GRE tunnels • No Cookbook on OVS page • ovs-vsctl add-port br1 gre1 -- set interface gre1 type=gre options:remote_ip=192.168.1.152
OVS and Openflow • Point OVS switches to an OF controller: $ovs_vsctl set-controller br0 tcp 192.168.1.33:6633 • Install rules on switch – Proactively (before any packet flows) – Reactively (unknown packets forwarded to controller, who pushes flow mod on switch, then operates at line rate) • Can do SDN with OpenFLOW but also with straight up OVS and managing mappings/rules in CloudStack db.
OpenNebula • Supports VLAN tagging and rate limiting through “hooks” that call ovs_vsctl • Scripts executed on an hypervisor before a VM is launched • Potentially also executed after VM shutdown for cleanup • Also supports OpenFlow
CloudStack Nicira Support • https://cwiki.apache.or g/confluence/display/CL OUDSTACK/Feature+Nic ira+NVP+integration • By Hugo Trippaers, Schuberg Philis
API key to customization of the network • You dream it, CloudStack orchestrates it 
Terminology Zone: Availability zone, aka Regions. Could be worldwide. Different data centers Pods: Racks or aisles in a data center Clusters: Group of machines with a common type of Hypervisor Host: A Single server Primary Storage: Shared storage across a cluster Secondary Storage: Shared storage in a single Zone
Physical Network Operations Users Admin and Cloud API CloudStack Mgmt Server Cluster Router MySQL Load Balancer Availability Zone L3 Core Switch Access Layer Switches Secondary Servers … … … … … Storage Pod 1 Pod 2 Pod 3 Pod N Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking
Layer-2 Guest Virtual Network 1 VLAN per guest network CS Virtual Router provides Network Services External Devices provide Network Services Network Hardware exposing API can be controlled Guest Virtual Network 10.1.1.1/8 Guest Virtual Network 10.1.1.1/8 VLAN 100 VLAN 100 Public Public Network/Intern Network/Intern et Guest et Guest Public IP Private IP 10.1.1.1 10.1.1.1 VM 1 10.1.1.111 VM 1 Gateway 65.37.141.11 Juniper Public IP 1 SRX address 65.37.141.11 CS Firewall 10.1.1.1 Guest Guest Virtual 10.1.1.3 VM 2 10.1.1.3 VM 2 Router Public IP Private IP DHCP, DNS 65.37.141. NetScaler 10.1.1.112 NAT Guest 112 Load Guest Load Balancing 10.1.1.4 VM 3 Blancer VM 3 10.1.1.4 VPN Guest Guest 10.1.1.5 VM 4 10.1.1.5 VM 4 CS DHCP, Virtual Router DNS Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking
Opportunity for Xen • Opportunity to create highly specialized networking services appliances using – OpenMirage VMs – HalVM • See talks in Monday’s session
Networking challenges in a private Cloud • Multi-tenants on hypervisors => isolation between guest networks • VLANs in the datacenter is hard and limit at 4096 VLANs. • Hardware switches may not do it very well or have a lower limit
Networking trend • Move to software switches • Move to L3 isolation • Use tunnels between OVS (GRE tech preview) • Program the network through API • Encapsulation virtualizes the network, between overlays on overlays on overlays.. • L3 on L2 on GRE on L3 on L2… • Then you bring the WAN and you have: • L3 on L2 on GRE on L3 on L2 on GRE on L3 on L2 ….Euhhhh !!!
Back of the enveloppe • ~10,000 hypervisors in your data center • ~100,000 VMs – x10 or x100 if you use HalVM or Openmirage.org  • (10,000*9,999)/2 tunnels for a full mesh – 50x10^6 tunnels to keep track of ?
Slide from Chiradeep Vittal Layer 3 cloud networking Web DB Web VM VM VM Web DB Security Security Group Group Web Web DB VM VM VM … … … Web Web VM VM Ingress Rule: Allow VMs in Web Security Group access to VMs in DB Security Group on Port 3306
L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … 10.1.16.1 Load Pod 3 L2 Balancer Switch … Slide from Chiradeep Vittal
L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … 10.1.16.1 Load Pod 3 L2 Balancer Switch … Tenant 1 VM 3 10.1.16.47 Tenant 10.1.16.85 1 VM 4 Slide from Chiradeep Vittal
L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … Tenant 10.1.16.12 10.1.16.1 2 VM 2 Load Pod 3 L2 Balancer Switch Tenant 2 VM 3 10.1.16.21 … Tenant 1 VM 3 10.1.16.47 Tenant 10.1.16.85 1 VM 4 Slide from Chiradeep Vittal
A Million Firewalls? VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM … VM VM … VM VM … VM VM … … VM … VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM Slide from Chiradeep Vittal
Problem: Manage the state of 100s of thousands of firewalls Solution: Well-known software scaling techniques • Message queues • Consistency tradeoffs • Idempotent configuration & retries CloudStack uses • special purpose queues • optimized for large security groups • eventual consistency for rule updates Slide from Chiradeep Vittal
Problem: Firewall (iptables) rules explosion on the host firewall Solution: Use ipsets: ipset –N web_sg iptreemap ipset –A web_sg 10.1.16.31 ipset –A web_sg 10.1.16.112 ipset –A web_sg 10.1.189.5 … ipset –A web_sg 10.21.9.77 -A FORWARD –p tcp –m tcp –dport 3060 –m set –match-set web_sg src -j ACCEPT Slide from Chiradeep Vittal
Conclusions • Programmable networking is here • Software switches are key enabler to network virtualization • Opens the door for scalable, on-demand, ephemeral networks • OVS is the default switch in Xen, and supported in XenServer and XenCP. • CloudStack implements highly scalable network structures and leverages OVS capabilities
Participating in CloudStack • Apache incubator project • http://www.cloudstack.org • #cloudstack on irc.freenode.net • @CloudStack on Twitter • http://cloudstack.org/discuss/mailing-lists.html Welcoming contributions and feedback, Join the fun !

Recommandé

CloudStack Networking
CloudStack NetworkingCloudStack Networking
CloudStack NetworkingCloudStack - Open Source Cloud Computing Project
 
ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 

Recommandé

CloudStack Networking
CloudStack NetworkingCloudStack Networking
CloudStack NetworkingCloudStack - Open Source Cloud Computing Project
 
ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityThe Linux Foundation
 
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEXPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEThe Linux Foundation
 
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...The Linux Foundation
 
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, Amazon
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, AmazonXPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, Amazon
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, AmazonThe Linux Foundation
 
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...The Linux Foundation
 
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARM
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARMXPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARM
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARMThe Linux Foundation
 
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...The Linux Foundation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Contenu connexe

Plus de The Linux Foundation

XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityThe Linux Foundation
 
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEXPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEThe Linux Foundation
 
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...The Linux Foundation
 
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, Amazon
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, AmazonXPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, Amazon
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, AmazonThe Linux Foundation
 
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...The Linux Foundation
 
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARM
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARMXPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARM
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARMThe Linux Foundation
 
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...The Linux Foundation
 

Plus de The Linux Foundation (20)

XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
 
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEXPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
 
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...
XPDDS19: Application Agnostic High Availability Solution On Hypervisor Level ...
 
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, Amazon
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, AmazonXPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, Amazon
XPDSS19: Live-Updating Xen - Amit Shah & David Woodhouse, Amazon
 
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...
XPDDS19: Xen API Archaeology: Creating a Full-Featured VMI Debugger for the...
 
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARM
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARMXPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARM
XPDDS19: Secure Unikraft Applications with Solo5 - Haibo Xu, ARM
 
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
 

Dernier

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Dernier (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

Xen*, SDN, and Apache CloudStack

  • 1. Xen*, SDN and Apache Cloudstack Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28th 2012 Xen Summit
  • 2. Outline • A bit about CloudStack • A bit about SDN • A bit about OpenVswitch • Some bits about “SDN” in CloudStack • Slides are on slideshare for download: http://www.slideshare.net/sebastiengoasguen/c loudstack-and-sdn
  • 3. Apache CloudStack • IaaS solution to build a • Java application private/public cloud • Ant build but moving to • Hypervisor agnostic: maven (via new – Xen, XS, XCP contributor) – KVM – VMware • Object store support • First Apache release 4.0 – Swift coming Sept 26th – Upcoming support from Caringo • EC2/S3 compatibility
  • 4. Participating in CloudStack • Apache incubator project • http://www.cloudstack.org • #cloudstack on irc.freenode.net • @CloudStack on Twitter • http://cloudstack.org/discuss/mailing-lists.html Welcoming contributions and feedback, Join the fun !
  • 5. A Very Flexible IaaS Platform Compute Hypervisor XenServer VMware Oracle VM KVM Bare metal Storage Block & Object Fiber Local Disk iSCSI NFS Swift Channel Primary Storage Secondary Storage Network Network & Network Services Network Load Isolation Firewall VPN Type balancer http://www.slideshare.net/cloudstack/cloudstack-architecture
  • 6. NaaS ? • “Cloud Servers” – On-demand, Elastic, Measured server provisioning • Cloud Storage – Scalable/fault tolerant storage with object stores • Cloud Networks – How to do on-demand, elastic, measured networking provisioning ? – How to program the network ?
  • 7. A very extensive API • CloudStack orchestrates your network: – Provisioning – Configuration – Updates • For multi-tenants isolation • Using hardware and software devices • At scale: O(10^4) Hyp, O(10^5) VMs…
  • 8. Software Defined Networking • Enable innovation, experimentation, optimization and customization of networks • Move control of the network to software. i.e Programmable network • Virtualize the network • Vendor-agnostic, standard protocol for control: OpenFlow
  • 9. OpenFlow • Leading SDN protocol • Decouples control and data plane by giving a controller the ability to install flow rules on switches. • Hardware or software • Google achieved 95% switches can use utilization of WAN OpenFlow backbone by using SDN • Spec driven by ONF
  • 10. OpenFlow • OpenFlow rules can drop, rewrite, forward packets Rule Action Stats Packet + byte counters 1. Forward packet to port(s) 2. Encapsulate and forward to controller 3. Drop packet 4. Send to normal processing pipeline Switch MAC MAC Eth VLAN IP IP IP TCP TCP Port src dst type ID Src Dst Prot sport dport Diagram Src: http://www.openflow.org/wp/documents/ 10 September 2012 10
  • 11. OF Controllers • Several controllers out there (NOX, POX,Trema…) • Floodlight from Big Switch. Apache license
  • 12. OpenVSwitch • “Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable the massive network automation through programmatic extension…”
  • 13. OpenVSwitch • Default bridge in XenServer and XCP • Supported in Xen but not integrated in toolstack • Enables: – VLAN tagging – Rate limiting – GRE tunnels – OpenFlow controller – … • High Performance ( http://networkheresy.com/category/o pen-vswitch )
  • 14. e.g OVS rate limiting • Can enforce QoS with rate limiting controls • ovs-vsctl set Interface tap0 ingress_policing_rate=1000 • ovs-vsctl set Interface tap0 ingress_policing_burst=100
  • 15. e.g OVS VLAN tagging • ovs-vsctl add-br br0 • ovs-vsctl add-port br0 eth0 • ovs-vsctl add-port br0 tap0 tag=1 • ovs-vsctl add-port br0 tap1 tag=2 • Complement on host2…
  • 16. e.g OVS and GRE tunnels • No Cookbook on OVS page • ovs-vsctl add-port br1 gre1 -- set interface gre1 type=gre options:remote_ip=192.168.1.152
  • 17. OVS and Openflow • Point OVS switches to an OF controller: $ovs_vsctl set-controller br0 tcp 192.168.1.33:6633 • Install rules on switch – Proactively (before any packet flows) – Reactively (unknown packets forwarded to controller, who pushes flow mod on switch, then operates at line rate) • Can do SDN with OpenFLOW but also with straight up OVS and managing mappings/rules in CloudStack db.
  • 18. OpenNebula • Supports VLAN tagging and rate limiting through “hooks” that call ovs_vsctl • Scripts executed on an hypervisor before a VM is launched • Potentially also executed after VM shutdown for cleanup • Also supports OpenFlow
  • 19. CloudStack Nicira Support • https://cwiki.apache.or g/confluence/display/CL OUDSTACK/Feature+Nic ira+NVP+integration • By Hugo Trippaers, Schuberg Philis
  • 20. API key to customization of the network • You dream it, CloudStack orchestrates it 
  • 21. Terminology Zone: Availability zone, aka Regions. Could be worldwide. Different data centers Pods: Racks or aisles in a data center Clusters: Group of machines with a common type of Hypervisor Host: A Single server Primary Storage: Shared storage across a cluster Secondary Storage: Shared storage in a single Zone
  • 22. Physical Network Operations Users Admin and Cloud API CloudStack Mgmt Server Cluster Router MySQL Load Balancer Availability Zone L3 Core Switch Access Layer Switches Secondary Servers … … … … … Storage Pod 1 Pod 2 Pod 3 Pod N Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking
  • 23. Layer-2 Guest Virtual Network 1 VLAN per guest network CS Virtual Router provides Network Services External Devices provide Network Services Network Hardware exposing API can be controlled Guest Virtual Network 10.1.1.1/8 Guest Virtual Network 10.1.1.1/8 VLAN 100 VLAN 100 Public Public Network/Intern Network/Intern et Guest et Guest Public IP Private IP 10.1.1.1 10.1.1.1 VM 1 10.1.1.111 VM 1 Gateway 65.37.141.11 Juniper Public IP 1 SRX address 65.37.141.11 CS Firewall 10.1.1.1 Guest Guest Virtual 10.1.1.3 VM 2 10.1.1.3 VM 2 Router Public IP Private IP DHCP, DNS 65.37.141. NetScaler 10.1.1.112 NAT Guest 112 Load Guest Load Balancing 10.1.1.4 VM 3 Blancer VM 3 10.1.1.4 VPN Guest Guest 10.1.1.5 VM 4 10.1.1.5 VM 4 CS DHCP, Virtual Router DNS Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking
  • 24. Opportunity for Xen • Opportunity to create highly specialized networking services appliances using – OpenMirage VMs – HalVM • See talks in Monday’s session
  • 25. Networking challenges in a private Cloud • Multi-tenants on hypervisors => isolation between guest networks • VLANs in the datacenter is hard and limit at 4096 VLANs. • Hardware switches may not do it very well or have a lower limit
  • 26. Networking trend • Move to software switches • Move to L3 isolation • Use tunnels between OVS (GRE tech preview) • Program the network through API • Encapsulation virtualizes the network, between overlays on overlays on overlays.. • L3 on L2 on GRE on L3 on L2… • Then you bring the WAN and you have: • L3 on L2 on GRE on L3 on L2 on GRE on L3 on L2 ….Euhhhh !!!
  • 27. Back of the enveloppe • ~10,000 hypervisors in your data center • ~100,000 VMs – x10 or x100 if you use HalVM or Openmirage.org  • (10,000*9,999)/2 tunnels for a full mesh – 50x10^6 tunnels to keep track of ?
  • 28. Slide from Chiradeep Vittal Layer 3 cloud networking Web DB Web VM VM VM Web DB Security Security Group Group Web Web DB VM VM VM … … … Web Web VM VM Ingress Rule: Allow VMs in Web Security Group access to VMs in DB Security Group on Port 3306
  • 29. L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … 10.1.16.1 Load Pod 3 L2 Balancer Switch … Slide from Chiradeep Vittal
  • 30. L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … 10.1.16.1 Load Pod 3 L2 Balancer Switch … Tenant 1 VM 3 10.1.16.47 Tenant 10.1.16.85 1 VM 4 Slide from Chiradeep Vittal
  • 31. L3 isolation with distributed firewalls Tenant 10.1.0.2 Public Public IP address 1 VM 1 Internet 65.37.141.11 65.37.141.24 65.37.141.36 10.1.0.1 Pod 1 L2 Tenant 10.1.0.3 65.37.141.80 Switch 2 VM 1 Tenant 10.1.0.4 1 VM 2 L3 Core Pod 2 L2 Switch 10.1.8.1 … Tenant 10.1.16.12 10.1.16.1 2 VM 2 Load Pod 3 L2 Balancer Switch Tenant 2 VM 3 10.1.16.21 … Tenant 1 VM 3 10.1.16.47 Tenant 10.1.16.85 1 VM 4 Slide from Chiradeep Vittal
  • 32. A Million Firewalls? VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM … VM VM … VM VM … VM VM … … VM … VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM VM VM VM … … VM VM … … VM VM … VM VM VM VM VM VM VM VM Slide from Chiradeep Vittal
  • 33. Problem: Manage the state of 100s of thousands of firewalls Solution: Well-known software scaling techniques • Message queues • Consistency tradeoffs • Idempotent configuration & retries CloudStack uses • special purpose queues • optimized for large security groups • eventual consistency for rule updates Slide from Chiradeep Vittal
  • 34. Problem: Firewall (iptables) rules explosion on the host firewall Solution: Use ipsets: ipset –N web_sg iptreemap ipset –A web_sg 10.1.16.31 ipset –A web_sg 10.1.16.112 ipset –A web_sg 10.1.189.5 … ipset –A web_sg 10.21.9.77 -A FORWARD –p tcp –m tcp –dport 3060 –m set –match-set web_sg src -j ACCEPT Slide from Chiradeep Vittal
  • 35. Conclusions • Programmable networking is here • Software switches are key enabler to network virtualization • Opens the door for scalable, on-demand, ephemeral networks • OVS is the default switch in Xen, and supported in XenServer and XenCP. • CloudStack implements highly scalable network structures and leverages OVS capabilities
  • 36. Participating in CloudStack • Apache incubator project • http://www.cloudstack.org • #cloudstack on irc.freenode.net • @CloudStack on Twitter • http://cloudstack.org/discuss/mailing-lists.html Welcoming contributions and feedback, Join the fun !