版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
SoftwareDefinedNetworkinginApacheCloudStackChiradeepVittalCloudStackCommitter@chiradeepAgendaIntroductiontoCloudStackandIAASWhatisSDNWhySDNandIAAS?CloudStack’sNetworkModelExtensibleNetworkinginCloudStackSDNintegrationsinCloudStackCloudStack’snativeSDNapproachFutureHistoryIncubatingintheApacheSoftwareFoundationsinceApril2012OpenSourcesinceMay2010Inproductionsince2009Tonsofdeployments,includinglarge-scalecommercialonesApacheCloudStackBuildyourcloudthewaytheworld’smostsuccessfulcloudsarebuiltHowdidAmazonbuilditscloud?CommodityServersCommodityStorageNetworkingOpenSourceXenHypervisorAmazonOrchestrationSoftwareAWSAPI(EC2,S3,…)AmazoneCommercePlatformHowcanYOUbuildacloud?ServersStorageNetworkingOpenSourceXenHypervisorAmazonOrchestrationSoftwareAWSAPI(EC2,S3,…)AmazoneCommercePlatformHypervisor(Xen/KVM/VMW/)CloudStackOrchestrationSoftwareOptionalPortalCloudStackorAWSAPISDNDefinitionSeparationofControlPlanefromthehardwareperformingtheforwardingfunctionControlplaneislogicallycentralizedSDNAdvantagesCentralizedcontrolmakesiteasiertoconfigure,troubleshootandmaintainEliminates‘box’modeofconfigurationEnablescontrolatahighlevelRelatedtoSDNAPIlayeroveracollectionof‘boxes’APIlayercommunicateswithboxesusingbox-levelAPIs/ssh/telnetOpenFlowStandardprotocolforthecentralizedcontrolplanetotalktotheforwardingelements.Tunnels/overlaysSDNisvaluableforvirtualtopologiesInitialtargetofSDNimplementationCentralizedcontrolplaneMySQL/NoSQLControllerClusterAPIBoxesOpenflow/ssh/netconf/otherDefiningCloudComputing(IAAS)AgilityRe-provisioncomplexinfrastructuretopologiesinminutes,notdaysAPIAutomatecomplexinfrastructuretasksVirtualizationEnablesworkloadmobilityandloadsharingMulti-tenancyShareresourcesandcostsDefiningCloudComputing(IAAS)ScalabilityAbilitytoconsumeresourceslimitedbybudget,notbyinfrastructureElasticityScaleupanddownondemandReduceneedtoengineerforpeakloadSelf-serviceNoITassistanceCloudNetworkingRequirementsAgileComplexnetworkingtopologiescreatedbynon-networkengineersAPILanguagetotalkwiththenetworkinfrastructurelayer(notCLI)VirtualizationHypervisor-levelswitchesworktogetherwithphysicalinfrastructureCloudNetworkingRequirementsScalabilityUsuallymeansL3inthephysicalinfrastructureElasticityReleaseresourceswhennotinuseIntroducenewresourcesondemandSelf-serviceNovicesdeploying,maintaining,troubleshootingvirtualnetworksIAAS+SDN–madeforeachotherSDNenablesagilityAPItocontrollerenableseasychangestonetworksSDNworkswithvirtualization/vSwitchesTypicalofmostSDNcontrollersSDNcontrollersaredesignedforlargescaleSDNenablesvirtualnetworkingTheillusionofisolatednetworksontopofsharedphysicalinfrastructureSDNissuesDiscoveryofvirtualaddress->physicaladdressmappingVxLAN=multicastGRE=programmedbycontrolplaneL3isolation=nomapping,nodiscoverySDNissuesStatemaintenanceLargenumberofendpoints+flowsHigharrivalrateofnewflowsNeedsfastandscalablestorageandprocessingDifferentiatorbetweenvendorsSDNissuesL4-L7ServiceinsertionandorchestrationHowdoendpointsgetservicessuchasFirewallLoadbalancersIDS/IPSServicelevelsandperformanceServiceChainingNetworkVirtualizationinIAASTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4Tenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.110.1.1.210.1.1.310.1.1.410.1.1.5InternetNetworkVirtualizationinIAASTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4PublicNetworkTenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1NATDHCP
FWPublicIPaddress65.37.141.1165.37.141.3610.1.1.210.1.1.310.1.1.410.1.1.5Tenant1EdgeServicesAppliance(s)InternetNetworkVirtualizationinIAASTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4PublicNetworkTenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1NATDHCP
FWPublicIPaddress65.37.141.1165.37.141.3610.1.1.210.1.1.310.1.1.410.1.1.5Tenant1EdgeServicesAppliance(s)InternetTenant1EdgeServicesAppliance(s)LoadBalancingVPNNetworkVirtualizationinIAASInternetTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4PublicNetworkTenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1NATDHCP
FWPublicIPaddress65.37.141.1165.37.141.3610.1.1.210.1.1.310.1.1.410.1.1.5Tenant1EdgeServicesAppliance(s)Tenant2VM2Tenant2VM3Tenant2VM1Tenant2VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1VPNNATDHCP10.1.1.210.1.1.310.1.1.4Tenant2EdgeServicesAppliancePublicIPaddress65.37.141.2465.37.141.80Tenant1EdgeServicesAppliance(s)LoadBalancingTenant1VM1Tenant1VM2Tenant1VM3Tenant1VM4PublicNetworkTenant1VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1NATDHCP
FWPublicIPaddress65.37.141.1165.37.141.3610.1.1.210.1.1.310.1.1.410.1.1.5Tenant1EdgeServicesAppliance(s)Tenant2VM2Tenant2VM3Tenant2VM1Tenant2VirtualNetwork10.1.1.0/24Gatewayaddress10.1.1.1VPNNATDHCP10.1.1.210.1.1.310.1.1.4Tenant2EdgeServicesAppliancePublicIPaddress65.37.141.2465.37.141.80Tenant1EdgeServicesAppliance(s)LoadBalancingCloudStackNetworkModelMapvirtualnetworkstophysicalinfrastructureDefineandprovisionnetworkservicesinvirtualnetworksManageelasticityandscaleofnetworkservicesCloudStackNetworkModel:
NetworkServicesNetworkServicesL2connectivityIPAMDNSRoutingACLFirewallNATVPNLBIDSIPSCloudStackNetworkModel:
NetworkServicesNetworkServicesL2connectivityIPAMDNSRoutingACLFirewallNATVPNLBIDSIPSServiceProvidersVirtualappliancesHardwarefirewallsLBappliancesSDNcontrollersIDS/IPSappliancesVRFHypervisorCloudStackNetworkModel:
NetworkServicesNetworkServicesL2connectivityIPAMDNSRoutingACLFirewallNATVPNLBIDSIPSNetworkIsolationNoisolationVLANisolationOverlaysL3isolationServiceProvidersVirtualappliancesHardwarefirewallsLBappliancesSDNcontrollersIDS/IPSappliancesVRFHypervisorServiceCatalogCloudusersarenotexposedtothenatureoftheserviceproviderCloudoperatordesignsaservicecatalogandoffersthemtoendusers.Gold={LB+FW,usingvirtualappliances}Platinum={LB+FW+VPN,usinghardwareappliances}Silver={FWusingvirtualappliances,10Mbps}ServiceCatalogexamples10.1.1.0/24VLAN10010.1.1.1DHCP,DNSNATLoadBalancingVPN10.1.1.2VM110.1.1.3VM210.1.1.4VM310.1.1.5VM4CSVirtualRouterL2networkwithsoftwareappliances65.37.141.11165.37.141.11210.1.1.0/24VLAN100DHCP,DNSCSVirtualRouter10.1.1.11265.37.141.11210.1.1.2VM110.1.1.3VM210.1.1.4VM310.1.1.5VM4NetscalerLoadBalancer10.1.1.165.37.141.111JuniperSRXFirewallL2networkwithhardwareappliancesNAT,VPNUpgradeMulti-tiervirtualnetworkingVirtualappliance/HardwareDevicesCustomerPremisesIPSecorSSLsite-to-siteVPNInternetNetworkServicesIPAMDNSLB[intra]S-2-SVPNStaticRoutesACLsNAT,PFFW[ingress&egress]Loadbalancer(virtualorHW)MPLSVLANWebVM1WebVM2WebVM3WebVM4Websubnet10.1.1.0/24VLAN101Appsubnet10.1.2.0/24AppVM1AppVM2VLAN353DBSubnet10.1.3.0/24DBVM1VLAN2724OrchestrationOrchestration
describestheautomatedarrangement,coordination,andmanagementofcomplexcomputersystems,middlewareandservicesWikipediaCloudStackArchitectureOrchestrationCorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsAllocatorPluginsStoragePluginsCloudStackArchitectureOrchestrationCorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsAllocatorPluginsXenServerVMWareKVMOracleVMRandomUser-concentratedIntelTXTAffinityNiciraNetscalerBrocadeMidoNetCloudStackOrchestrationOrchestrationCorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsStoragePluginsAPIAPIAPIStorageResourcePhysicalResourcesStorageResourceNetworkResourceNetworkResourceHypervisorResourceHypervisorResourceAllocatorPluginsAllocatorPlugins123456789OrchestrationstepscanbeexecutedinparallelorinsequenceCloudStackandSDNOrchestrationcorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsStoragePluginsAPIAPIAPIStorageResourcePhysicalResourcesStorageResourceNetworkResourceSDNcontrollerHypervisorResourceHypervisorResourceAllocatorPluginsAllocatorPlugins123456789NetworkpluginisthegluethatunderstandstheSDNcontroller’sAPICloudStackSDNIntegrationNiciraNVPL2(STT)isolationin4.0SourceNAT/LogicalRouterin4.2BigSwitchVLANisolationin4.1VNSin4.2MidokuraL2-L4networkvirtualizationComingin4.2CloudStackNativeTechpreview(since4.0)RequiresXenServerOrchestrationcorePluginFrameworkHypervisorPluginsHypervisorPluginsNetworkPluginsNetworkPluginsAllocatorPluginsStoragePluginsAPIAPIAPIStorageResourceStorageResourceNetworkResourceSDNcontrollerHypervisorResourceHypervisorResourceAllocatorPluginsAllocatorPluginsVM1VM3VRHost1Host3Host4VM2Host2Start3VMsAllocatehypervisorsVMOrchestra
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 5《孔乙己》微课教学设计
- 7《我们有新玩法》(教学设计)-统编版道德与法治二年级下册
- 人教版语文六年级下册 第三单元:课文+习作+习作例文 课时教案+教学反思
- 2024年度河南省安全员之C证(专职安全员)题库检测试卷A卷附答案
- 2024年度贵州省安全员之C证(专职安全员)模拟考试试卷B卷含答案
- 北师大版生物八年级上册 第20章 第3节 性状遗传有一定的规律性(15)(教案)
- 云南省曲靖市重点名校2024年中考考前最后一卷数学试卷含解析
- 浙江省杭州市文澜中学2023-2024学年中考数学对点突破模拟试卷含解析
- 数控铣床加工中心加工技术(第二版)课件 8-2 典型案例2
- 我的梦想作文演讲稿中学生
- UNIT4Historyandtraditions词汇句型复习教学设计高中英语人教版
- 消毒消杀质检报告
- 钢平台铺板计算excel(可当计算书)
- 2021年科学中考真题分类汇编11:功和能(解析版)
- 《圆的周长》说课ppt
- 零星维修服务方案
- 悬挑式脚手架监理细则
- 古诗词诵读第1首 《无衣》【知识精讲+拓展延伸】 高二语文高效课堂 (统编版选择性必修上册)
- 海尔集团岗位管理手册
- 心梗三项在AMI诊断意义
- 国民收入分配统计
评论
0/150
提交评论