版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
SoftwareDefinedNetworkinginApacheCloudStackChiradeepVittalCloudStackCommitter@chiradeepAgendaIntroductiontoCloudStackandIAASWhatisSDNWhySDNandIAAS?CloudStack’sNetworkModelExtensibleNetworkinginCloudStackSDNintegrationsinCloudStackCloudStack’snativeSDNapproachFutureHistoryIncubatingintheApacheSoftwareFoundationsinceApril2012OpenSourcesinceMay2010Inproductionsince2009Tonsofdeployments,includinglarge-scalecommercialonesApacheCloudStackBuildyourcloudthewaytheworld’smostsuccessfulcloudsarebuiltHowdidAmazonbuilditscloud?CommodityServersCommodityStorageNetworkingOpenSourceXenHypervisorAmazonOrchestrationSoftwareAWSAPI(EC2,S3,…)AmazoneCommercePlatformHowcanYOUbuildacloud?ServersStorageNetworkingOpenSourceXenHypervisorAmazonOrchestrationSoftwareAWSAPI(EC2,S3,…)AmazoneCommercePlatformHypervisor(Xen/KVM/VMW/)CloudStackOrchestrationSoftwareOptionalPortalCloudStackorAWSAPISDNDefinitionSeparationofControlPlanefromthehardwareperformingtheforwardingfunctionControlplaneislogicallycentralizedSDNAdvantagesCentralizedcontrolmakesiteasiertoconfigure,troubleshootandmaintainEliminates‘box’modeofconfigurationEnablescontrolatahighlevelRelatedtoSDNAPIlayeroveracollectionof‘boxes’APIlayercommunicateswithboxesusingbox-levelAPIs/ssh/telnetOpenFlowStandardprotocolforthecentralizedcontrolplanetotalktotheforwardingelements.Tunnels/overlaysSDNisvaluableforvirtualtopologiesInitialtargetofSDNimplementationCentralizedcontrolplaneMySQL/NoSQLControllerClusterAPIBoxesOpenflow/ssh/netconf/otherDefiningCloudComputing(IAAS)AgilityRe-provisioncomplexinfrastructuretopologiesinminutes,notdaysAPIAutomatecomplexinfrastructuretasksVirtualizationEnablesworkloadmobilityandloadsharingMulti-tenancyShareresourcesandcostsDefiningCloudComputing(IAAS)ScalabilityAbilitytoconsumeresourceslimitedbybudget,notbyinfrastructureElasticityScaleupanddownondemandReduceneedtoengineerforpeakloadSelf-serviceNoITassistanceCloudNetworkingRequirementsAgileComplexnetworkingtopologiescreatedbynon-networkengineersAPILanguagetotalkwiththenetworkinfrastructurelayer(notCLI)VirtualizationHypervisor-levelswitchesworktogetherwithphysicalinfrastructureCloudNetworkingRequirementsScalabilityUsuallymeansL3inthephysicalinfrastructureElasticityReleaseresourceswhennotinuseIntroducenewresourcesondemandSelf-serviceNovicesdeploying,maintaining,troubleshootingvirtualnetworksIAAS+SDN–madeforeachotherSDNenablesagilityAPItocontrollerenableseasychangestonetworksSDNworkswithvirtualization/vSwitchesTypicalofmostSDNcontrollersSDNcontrollersaredesignedforlargescaleSDNenablesvirtualnetworkingTheillusionofisolatednetworksontopofsharedphysicalinfrastructureSDNissuesDiscoveryofvirtualaddress->physicaladdressmappingVxLAN=multicastGRE=programmedbycontrolplaneL3isolation=nomapping,nodiscoverySDNissuesStatemaintenanceLargenumberofendpoints+flowsHigharrivalrateofnewflowsNeedsfastandscalablestorageandprocessingDifferentiatorbetweenvendorsSDNissuesL4-L7ServiceinsertionandorchestrationHowdoendpointsgetservicessuchasFirewallLoadbalancersIDS/IPSServicelevelsandperformanceServiceChainingNetworkVirtualizationinIAASTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4Tenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.110.1.1.210.1.1.310.1.1.410.1.1.5InternetNetworkVirtualizationinIAASTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4PublicNetworkTenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1NATDHCP
FWPublicIPaddress65.37.141.1165.37.141.3610.1.1.210.1.1.310.1.1.410.1.1.5Tenant1EdgeServicesAppliance(s)InternetNetworkVirtualizationinIAASTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4PublicNetworkTenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1NATDHCP
FWPublicIPaddress65.37.141.1165.37.141.3610.1.1.210.1.1.310.1.1.410.1.1.5Tenant1EdgeServicesAppliance(s)InternetTenant1EdgeServicesAppliance(s)LoadBalancingVPNNetworkVirtualizationinIAASInternetTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4PublicNetworkTenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1NATDHCP
FWPublicIPaddress65.37.141.1165.37.141.3610.1.1.210.1.1.310.1.1.410.1.1.5Tenant1EdgeServicesAppliance(s)Tenant2VM2Tenant2VM3Tenant2VM1Tenant2VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1VPNNATDHCP10.1.1.210.1.1.310.1.1.4Tenant2EdgeServicesAppliancePublicIPaddress65.37.141.2465.37.141.80Tenant1EdgeServicesAppliance(s)LoadBalancingTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4PublicNetworkTenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1NATDHCP
FWPublicIPaddress65.37.141.1165.37.141.3610.1.1.210.1.1.310.1.1.410.1.1.5Tenant1EdgeServicesAppliance(s)Tenant2VM2Tenant2VM3Tenant2VM1Tenant2VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1VPNNATDHCP10.1.1.210.1.1.310.1.1.4Tenant2EdgeServicesAppliancePublicIPaddress65.37.141.2465.37.141.80Tenant1EdgeServicesAppliance(s)LoadBalancingCloudStackNetworkModelMapvirtualnetworkstophysicalinfrastructureDefineandprovisionnetworkservicesinvirtualnetworksManageelasticityandscaleofnetworkservicesCloudStackNetworkModel:
NetworkServicesNetworkServicesL2connectivityIPAMDNSRoutingACLFirewallNATVPNLBIDSIPSCloudStackNetworkModel:
NetworkServicesNetworkServicesL2connectivityIPAMDNSRoutingACLFirewallNATVPNLBIDSIPSServiceProvidersVirtualappliancesHardwarefirewallsLBappliancesSDNcontrollersIDS/IPSappliancesVRFHypervisorCloudStackNetworkModel:
NetworkServicesNetworkServicesL2connectivityIPAMDNSRoutingACLFirewallNATVPNLBIDSIPSNetworkIsolationNoisolationVLANisolationOverlaysL3isolationServiceProvidersVirtualappliancesHardwarefirewallsLBappliancesSDNcontrollersIDS/IPSappliancesVRFHypervisorServiceCatalogCloudusersarenotexposedtothenatureoftheserviceproviderCloudoperatordesignsaservicecatalogandoffersthemtoendusers.Gold={LB+FW,usingvirtualappliances}Platinum={LB+FW+VPN,usinghardwareappliances}Silver={FWusingvirtualappliances,10Mbps}ServiceCatalogexamples10.1.1.0/24VLAN10010.1.1.1DHCP,DNSNATLoadBalancingVPN10.1.1.2VM110.1.1.3VM210.1.1.4VM310.1.1.5VM4CSVirtualRouterL2networkwithsoftwareappliances65.37.141.11165.37.141.11210.1.1.0/24VLAN100DHCP,DNSCSVirtualRouter10.1.1.11265.37.141.11210.1.1.2VM110.1.1.3VM210.1.1.4VM310.1.1.5VM4NetscalerLoadBalancer10.1.1.165.37.141.111JuniperSRXFirewallL2networkwithhardwareappliancesNAT,VPNUpgradeMulti-tiervirtualnetworkingVirtualappliance/HardwareDevicesCustomerPremisesIPSecorSSLsite-to-siteVPNInternetNetworkServicesIPAMDNSLB[intra]S-2-SVPNStaticRoutesACLsNAT,PFFW[ingress&egress]Loadbalancer(virtualorHW)MPLSVLANWebVM1WebVM2WebVM3WebVM4Websubnet10.1.1.0/24VLAN101Appsubnet10.1.2.0/24AppVM1AppVM2VLAN353DBSubnet10.1.3.0/24DBVM1VLAN2724OrchestrationOrchestration
describestheautomatedarrangement,coordination,andmanagementofcomplexcomputersystems,middlewareandservicesWikipediaCloudStackArchitectureOrchestrationCorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsAllocatorPluginsStoragePluginsCloudStackArchitectureOrchestrationCorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsAllocatorPluginsXenServerVMWareKVMOracleVMRandomUser-concentratedIntelTXTAffinityNiciraNetscalerBrocadeMidoNetCloudStackOrchestrationOrchestrationCorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsStoragePluginsAPIAPIAPIStorageResourcePhysicalResourcesStorageResourceNetworkResourceNetworkResourceHypervisorResourceHypervisorResourceAllocatorPluginsAllocatorPlugins123456789OrchestrationstepscanbeexecutedinparallelorinsequenceCloudStackandSDNOrchestrationcorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsStoragePluginsAPIAPIAPIStorageResourcePhysicalResourcesStorageResourceNetworkResourceSDNcontrollerHypervisorResourceHypervisorResourceAllocatorPluginsAllocatorPlugins123456789NetworkpluginisthegluethatunderstandstheSDNcontroller’sAPICloudStackSDNIntegrationNiciraNVPL2(STT)isolationin4.0SourceNAT/LogicalRouterin4.2BigSwitchVLANisolationin4.1VNSin4.2MidokuraL2-L4networkvirtualizationComingin4.2CloudStackNativeTechpreview(since4.0)RequiresXenServerOrchestrationcorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsStoragePluginsAPIAPIAPIStorageResourceStorageResourceNetworkResourceSDNcontrollerHypervisorResourceHypervisorResourceAllocatorPluginsAllocatorPluginsVM1VM3VRHost1Host3Host4VM2Host2Start3VMsAllocatehypervisorsVMOrchestra
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 二零二五年度商铺租赁合同终止及市场租金指数挂钩协议
- 2025年度股东股份协议书:智慧城市建设项目股权分配及合作协议
- 自建房安全质量监督承包协议书(2025年度)
- 农村自建房建筑工程保险合同(2025年度)
- 二零二五年度教育机构学费返利合同
- 二零二五年度高端基金份额代持保密协议书
- 2025年度砖厂安全生产承包管理合同
- 二零二五年度汽修厂汽车维修技师职业健康检查合同
- 2025年度烟草店店铺转让与独家销售区域授权合同
- 2025年度水平定向钻施工与施工期环境保护合同
- 考察领导谈话怎么评价领导【六篇】
- 无侧限抗压强度试验记录
- 钳形电流表使用PPT
- 建筑工程分部分项工程划分表(新版)
- 福建省危险化学品企业安全标准化(三级)考核评分标准指导意见(试行)
- 上海市长宁区2022年高考英语一模试卷(含答案)
- 城镇详细设计控制性详细规划
- 智能垃圾桶系统的设计论文
- 质量管理体系过程识别矩阵图及与条款对照表
- 北碚区幼儿园
- 2021年度锚索张拉机具及锚杆拉力计技术规格书
评论
0/150
提交评论