Developing OpenFlow-based SDN controller applications using MuL: OpenFlow-based SDN...
TRANSCRIPT
OpenFlow-Based SDN Controller Application Development Using MuL
KRNet 2013
Sueng-Y. Park
Yonsei University, KulCloud Corp.
Table of Contents
• Market Driver
• Brief Review on OpenFlow
• Architecture of MuL SDN Controller
• User Development Environment
• SDN Controller Hands-on
• Q&A
Market Driver: User Requirements
Fast & Interactive
24x7 availability
Free or low price
• User requires faster QoE
• User demands vary frequently
• Opex/Capex matters
• High availability
IaaS, PaaS, SaaS Commercial Cloud Sampler
Amazon, Rackspace, Google, Microsoft, Salesforce
IaaS
PaaS
SaaS
What’s Missing Here?
Infrastructure as a Service (IaaS): Environment for building a native application
Platform as a Service (PaaS): Environment for building a managed application with an IDE with a rich class library that executes in a runtime container
Framework as a Service (FaaS): Environment for building a model for an ERP system
Software as a Service (SaaS): Packaged software application
Network !!
What’s Missing Here?
Provisioning Activity: Command and Control, Configuration, Bootstrapping
• Application Service Deployment: Capistrano, ControlTier, Fabric, Func
• System Configuration: BCFG, Cfengine, Chef, Puppet, SmartFrog
• Cloud or VM Image Launch: Xen, OpenVZ, VMware*, AWS* (*not open source)
• OS Install: Kickstart, Jumpstart, Cobbler, OpenQRM
New Trends in Network: Network in Cloud Way (borrow Network)
• Today’s example: cloud computing
I need more computing power to run my business
Option A: Buy hardware
Option B: Get some VMs from a cloud provider
Cloud Network?
Network Customer
Option A: Buy hardware
Option B: Get some sort of VPN (It’s ok, but I lose features compared to Option A)
Option C: Any equivalent of “just get some VMs from a cloud provider”?
On-Demand Network Provisioning
Network Customer
Marketplace
I want a network with POPs @ sites A, B, C:
• POP A requirements: …
• POP B requirements: …
• POP C requirements: …
Interconnection between POPs at X Gbps, maximum delay of Y ms.
Ok, I’ll see what I can find!
Cloud Network Service Provider
Marketplace
Infrastructure Owner provides network on demand
Infrastructure Provider
Infrastructure Provider
Infrastructure Providers have previously published their offerings at the market, with the usage conditions (Price, SLA)
A possible option C (III)
Network Customer
Marketplace
Easy Construction of Infra
Customer borrows NW RSC for HIS network
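A possible option C (IV)
Network Service Provider
Needs equipment that can automatically configure the diverse requirements of users
Customer A
I want to lease a network in order to provide VPN and security services
Customer B
I want to lease a network in order to build a wireless telephone network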
VMware IPO: 2007
IaaS Cloud: 2008
OpenFlow: 2008
OpenStack Management: 2010
Nicira buy-out: 2012
SDN & Cloud Computing: 2012~
Commercially meaningful CPU virtualization
Rackspace offered Infrastructure-as-a-Service. Previously it was mostly a Software-as-a-Service platform.
Integration of various virtualization and management SW started under the framework of OpenStack.
VMware bought Nicira and announced that the network is crucial for cloud computing.
Cloud computing and SDN expand to home network, data center, LTE, etc.
Extended mobility (GTP, MME, etc.), extended AAA, more access networks, integration, support for specific applications
Brief Review on OpenFlow
Router, Early Days: Similar to PC architecture
[Figure labels: Interface, R (×8), Bottlenecks, Application Process Interface]
Artworks from N. McKeown 06
Router, Recent Days: PC with faster I/O
[Figure labels: R (×4)]
Artworks from N. McKeown 06
Modern Router
I/O ports reaching tens of Tbps
Only one CPU board
Why CPU Performance Improvement Was Unnecessary
Protocols: BGP OSPF PIM RIP
Interconnection between line cards
Packet Forwarding Hardware
Data Plane
Control Plane, circa 1999-2013, same
Typical Router
• The control plane has had almost no upgrades for more than 10 years.
• There are almost no services for the convenience of users.
Services
Your Wish Lists Will Grow
Expanded sensor combinations
More Services?
Reform of Router Architecture: Previous State
Protocols: BGP OSPF PIM RIP
Interconnection between line cards
Packet Forwarding Hardware
Services: AAA Web Mobility Sensor Developer Access
Walled Garden
Closed Router
• New services are installed in the data center
  – Modifying the inside of the router is not possible
  – New services are installed in a remote data center
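Reform of Router Architecture
Forwarding plane - various protocols (standard): BGP OSPF TRILL STP
High-performance interconnect
High-speed semiconductor forwarding hardware
• Separate the router's forwarding plane and control plane so that they can be developed independently.
• Establish a standard for mutual control between the forwarding plane and the control plane.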
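Reform of Router Architecture
Forwarding plane - various protocols (standard)
BGP OSPF TRILL STP
High-performance interconnect
High-speed semiconductor forwarding hardware
Protocol operating OS
Physically separated control plane
Physically separated forwarding plane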
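Reform of Router Architecture
Forwarding plane - various protocols (standard)
BGP OSPF TRILL STP
High-performance interconnect
High-speed semiconductor forwarding hardware
Protocol operating OS
OpenFlow: an open and standardized communication API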
Router Built with SDN
Protocols & Applications
RSVP OSPF ALTO Video
SDN aware Agent
Legacy Hardware
SDN Controller
Application SW runs on general-purpose servers
SDN-capable forwarding plane
OpenFlow
OpenFlow makes it possible to combine software and hardware
[Figure labels: Custom Hardware (×5), Protocol operating OS]
Professor A's BGP, Company B's OSPF, Company C's STP
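Advantages of Service Delivery with SDN
• Incremental deployment is possible: existing legacy equipment stays in use and SDN equipment is added.
• Automation of operation
  – Thousands of devices can be managed in bulk, which reduces the service failure rate.
  – Human cost is saved.
• Opex decreases because the infrastructure is managed with software.
• User response can be checked immediately, and whether to expand or scale back a rollout can be decided in a short time
  – Because it is software, the cost of deployment and withdrawal decreases.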
Architecture of MuL SDN Controller
MuL Controller Architecture
Controller Core
• App Handler: Responds to API calls
• Switch Handler: Responds to switch events and switch info requests
• Performance optimized through multi-threading and cache-aware programming (optimized for Intel x86 CPUs)
MuL Controller: APIs
• 2 Level APIs
  – Mid-Level C API: For performance
  – RESTful API: For usability
Southbound Interface
• Responsible for communication to the data plane
• The core's request is passed through the Load Balancer to the Southbound Translator and converted to the respective southbound protocol
• Can manage different southbound protocols such as OpenFlow v1.0, OpenFlow v1.2, etc.
Controller: Performance
• Measured flow responses/sec using cbench
User Development Environment
Use Case of SDN Controller
Protocols & Applications
RSVP OSPF ALTO Video
SDN aware Agent
Legacy Hardware
SDN Controller
SDN Application running on Controller
Hardware with SDN
OpenFlow
User Interface: NBAPI Provisioning
• NBAPI (North Bound API) is the API for humans (users).
• NBAPI follows the RESTful architecture.
  - Users can use any language to program the SDN controller
Virtual Network
Kulcloud SDN Controller
User UI
Statistics, Flow Managers
RESTful API
Management by OpenStack + OpenFlow
• A programmer can write the router/switch control program as if writing a normal program.
Server Farm + OF Switch
Kulcloud SDN Controller
User Python Program
Statistics, Flow Managers
REST API
VM
OpenStack
VM VM VM VM
Server Farm
Management by OpenStack + OpenFlow
Server Farm + OF Switch
Kulcloud SDN Controller + Orchestration
User Program
Statistics, Flow Managers
REST API
VM
Router/Switch
VM VM VM VM
Server Farm
IF OpenStackCPU_Load (my_id) > 90% do SDN_LoadBalance (controller_id, target)
Data center server statistics
Management by OpenStack + OpenFlow
Server Farm + OF Switch
Kulcloud SDN Controller + Orchestration
User Program
Statistics, Flow Managers
REST API
VM
Router/Switch
VM VM VM VM
Server Farm
SDN_LoadBalance (controller_id, target) = Assign More Server + Network Setup + LB Config & Setup + Integrate with OpenStack
Vendor NBAPI for LB
Sample User Interface
• Implemented with Java & HTML5 APIs
• Provides monitoring and SDN controls as vendor extensions
Flow Manager API, Statistics API
Another Sample User Interface
• Implemented with Microsoft C# and supports Korean (Hangul)
• Integrated with OpenStack APIs and SDN APIs
SDN Controller Hands-on
SDN Controller Application Example
• SDN-based content delivery management system.
[Figure labels: Data request (×3)]
Core Technology: Network Virtualization and Path Control
• It must be possible to build various network topologies instantly (Network Virtualization) and to control the forwarding path in software (Path Control).
Physical Network
Virtual Network
Tutorial Topology
Tutorial flow chart
Application Initialization
• Define the REST service URLs
  – ROUTE_PATH_MGR_URL, FLOW_TABLE_MGR_URL
• Define the IP and ARP protocol Ethernet types
  – IP (0x800), ARP (0x806)

import json
import requests

if __name__ == '__main__':
    # Ethernet type of the IP protocol
    IP_ETH_TYPE = '0x800'
    # Ethernet type of the ARP protocol
    ARP_ETH_TYPE = '0x806'
    # Path request URL between the starting point (src_dpid, src_port) and the end point (dst_dpid, dst_port).
    # '192.168.0.100:8181' is the IP/port address of the NBAPI server.
    # /route/path/{src_dpid}/{src_port}/{dst_dpid}/{dst_port}
    ROUTE_PATH_MGR_URL = 'http://192.168.0.100:8181/1.0/route/path/%s/%s/%s/%s'
    # Flow setup request URL for an OpenFlow switch
    # /flowtable/{dpid}/flow
    FLOW_TABLE_MGR_URL = 'http://192.168.0.100:8181/1.0/flowtable/%s/flow'
Application Initialization
• REST client initialization
• Argument initialization for the flow setup between end points
  – source switch dpid/port
  – destination switch dpid/port

    # REST client object initialization
    client = requests.session()
    # Flow ID table for flow table management. After a flow setup the NBAPI server returns the flow ID.
    flow_id = []
    # DPID of the switch the source client is attached to, taken from the program start-up arguments
    sourceSwitch = args.src_sw
    # Port number the source client is attached to, taken from the program start-up arguments
    sourcePort = args.src_port
    # DPID of the switch the destination client is attached to, taken from the program start-up arguments
    destSwitch = args.dst_sw
    # Port number the destination client is attached to, taken from the program start-up arguments
    destPort = args.dst_port
Retrieving route from src to dst
• Retrieve the route from source to destination using the Routing REST API (ROUTE_PATH_MGR_URL)
• Response message structure
  – List of the switches in the route path
    Argument      Content
    dpid          DPID number in this hop
    ingress_port  Ingress port number in this switch
    egress_port   Egress port number in this switch
• Example
  – {"hops": [{"dpid": 1, "ingress_port": 1, "egress_port": 2}, {"dpid": 2, "ingress_port": 2, "egress_port": 3}, {"dpid": 3, "ingress_port": 3, "egress_port": 1}]}
Retrieving route from src to dst
    # Fill in ROUTE_PATH_MGR_URL from the program start-up arguments,
    # e.g. 'http://192.168.0.100:8181/1.0/route/path/2/1/3/1'
    ROUTE_PATH_MGR_URL = ROUTE_PATH_MGR_URL % (sourceSwitch, sourcePort, destSwitch, destPort)
    # Routing REST API call (HTTP GET) for the path between the starting point (src_dpid, src_port)
    # and the end point (dst_dpid, dst_port)
    routing_resp = client.get(ROUTE_PATH_MGR_URL)
    # Load the response message as a JSON structure and take the list of hops
    parsedResult = json.loads(routing_resp.content)['hops']
Flow table set up per pair of switches in route path
• Set up the flow table on each switch in the route path
• POST message arguments
    Argument   Content
    dst_mac    Destination MAC address
    src_mac    Source MAC address
    dst_nw     Destination IP address
    src_nw     Source IP address
    dst_port   Destination port number
    src_port   Source port number
    priority   Priority
    eth_type   Ethernet protocol type
    vlan       VLAN number
    in_port    Ingress port in the switch
    actions    Action list for the matched flow
Flow table set up per pair of switches in route path
• Send one flow mod (IP flow + ARP flow) per pair of switches in the route path using the Flow Table Manager REST API (FLOW_TABLE_MGR_URL + HTTP POST). This is for the ARP flow.
    # Loop over the information of each hop (dpid, ingress_port, egress_port)
    for i in range(len(parsedResult)):
        # Extract the dpid
        sw_dpid = parsedResult[i]['dpid']
        # Extract the ingress port
        ingress_port = parsedResult[i]['ingress_port']
        # Extract the egress port
        egress_port = parsedResult[i]['egress_port']
Flow table set up per pair of switches in route path
• Define the HTTP message body with the end client information
• Define the action with its value in the switch
        # Flow setup for the ARP protocol.
        # src_ip and dst_ip are filled in from the start-up arguments.
        body = {'src_ip': args.srcAddress,
                'dst_ip': args.dstAddress,
                # in_port is filled in from the Path Manager response message
                'in_port': ingress_port,
                # ARP protocol
                'eth_type': ARP_ETH_TYPE,
                # Action (OUTPUT_PORT) set to the extracted egress port value
                'actions': [{'action': 'OUTPUT_PORT', 'value': egress_port}]}
        # HTTP header declaring the body as JSON
        headers = {'content-type': 'application/json'}
Flow table set up per pair of switches in route path
• Repeat this flow setup for each switch (DPID 1, 2, 3) and protocol (IP, ARP) in the route path
        # Fill in the flow setup URL with the dpid from the Path Manager response message,
        # e.g. 'http://192.168.0.100:8181/1.0/flowtable/2/flow'.
        # The template itself is left unchanged so it can be reused for the next switch.
        flow_url = FLOW_TABLE_MGR_URL % sw_dpid
        # Flow table management REST API call (HTTP POST) for the flow setup
        flow_setup_resp = client.post(flow_url, data=json.dumps(body), headers=headers)
Flow table set up per pair of switches in route path
• Insert the flow ID into the flow_id table in the client application for flow UPDATE/DELETE
        # Load the response message as a JSON structure
        flow_setup_result = json.loads(flow_setup_resp.content)
        # Add the flow ID to the flow_id table for flow management (DELETE, UPDATE…)
        flow_id.append(flow_setup_result['flow_id'])
Flow table set up per pair of switches in route path
• Repeat for the IP flow
        # Flow setup for the IP protocol: same direction as the ARP flow, with the IP Ethernet type
        body = {'src_ip': args.srcAddress, 'dst_ip': args.dstAddress,
                'in_port': ingress_port, 'eth_type': IP_ETH_TYPE,
                'actions': [{'action': 'OUTPUT_PORT', 'value': egress_port}]}
        headers = {'content-type': 'application/json'}
        flow_setup_resp = client.post(FLOW_TABLE_MGR_URL % sw_dpid, data=json.dumps(body), headers=headers)
        # Response message of the Flow Table Manager REST API: {"flow_id":"2"}
        flow_id.append(json.loads(flow_setup_resp.content)['flow_id'])
Flow table set up per pair of switches in route path
• Repeat for the bidirectional ARP flow
• Define the action with its value in the switch
        # The src/dst IP addresses and the in/out port pair are swapped for the bidirectional flow setup
        body = {'src_ip': args.dstAddress,
                'dst_ip': args.srcAddress,
                'in_port': egress_port,
                # ARP protocol
                'eth_type': ARP_ETH_TYPE,
                # Action (OUTPUT_PORT): the reverse flow leaves through the ingress port
                'actions': [{'action': 'OUTPUT_PORT', 'value': ingress_port}]}
        # HTTP header declaring the body as JSON
        headers = {'content-type': 'application/json'}
Flow table set up per pair of switches in route path
• Repeat for the IP flow
        # Flow setup for the IP protocol
        body = {'src_ip': args.dstAddress, 'dst_ip': args.srcAddress,
                'in_port': egress_port, 'eth_type': IP_ETH_TYPE,
                'actions': [{'action': 'OUTPUT_PORT', 'value': ingress_port}]}
        headers = {'content-type': 'application/json'}
        flow_setup_resp = client.post(FLOW_TABLE_MGR_URL % sw_dpid, data=json.dumps(body), headers=headers)
        # Response message of the Flow Table Manager REST API: {"flow_id":"2"}
        flow_id.append(json.loads(flow_setup_resp.content)['flow_id'])
Flow table delete
• Remove previously created flows from the switches using the Flow Table Manager REST API (FLOW_TABLE_MGR_URL + {flow_id} + HTTP DELETE)
    # Loop over a copy of the flow ID table to delete every flow
    for fid in list(flow_id):
        # Flow table management REST API call (HTTP DELETE) with the flow ID
        flow_del_resp = client.delete('http://192.168.0.100:8181/1.0/flowtable/1/flow/%s' % fid)
        # Response message of the Flow Table Manager REST API: {"flow_id":"1"}
        # If the REST API call succeeded, delete the flow ID entry
        if json.loads(flow_del_resp.content)['flow_id'] == fid:
            flow_id.remove(fid)
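
The hands-on procedure above, end to end, as an added example (not code from the original slides or from KulCloud). It goes beyond the slides: it validates the route response before any field is formatted into a URL, installs forward and reverse ARP and IP flows per hop, keeps each flow ID together with its switch DPID, and removes already-installed flows when a later POST fails. The `{"hops": [...]}` response shape, treating HTTP 200 as success, the function names and the `FakeNBAPI` stand-in are assumptions made here so the block runs offline.

```python
import json

ETH_IP, ETH_ARP = '0x800', '0x806'  # IPv4 and ARP EtherTypes
FLOW_URL = 'http://192.168.0.100:8181/1.0/flowtable/%d/flow'  # URL from the slides
# Constructed sample route response; the {"hops": [...]} shape is assumed
SAMPLE = ('{"hops": [{"dpid": 1, "ingress_port": 1, "egress_port": 2},'
          ' {"dpid": 2, "ingress_port": 2, "egress_port": 3}]}')

def parse_hops(raw):
    """Validate the route response before a field reaches a URL or flow body."""
    hops = json.loads(raw)['hops']
    for hop in hops:
        for key in ('dpid', 'ingress_port', 'egress_port'):
            if type(hop.get(key)) is not int or hop[key] < 0:
                raise ValueError('bad %s in hop %r' % (key, hop))
    return hops

def flow_requests(hops, src_ip, dst_ip):
    """Yield (dpid, body): forward and reverse flows per hop, for ARP and IP."""
    for hop in hops:
        i, o = hop['ingress_port'], hop['egress_port']
        for s, d, in_p, out_p in ((src_ip, dst_ip, i, o), (dst_ip, src_ip, o, i)):
            for eth in (ETH_ARP, ETH_IP):
                yield hop['dpid'], {
                    'src_ip': s, 'dst_ip': d, 'in_port': in_p, 'eth_type': eth,
                    'actions': [{'action': 'OUTPUT_PORT', 'value': out_p}]}

def install(client, reqs):
    """POST every flow; if one fails, delete the flows already installed."""
    done = []  # (dpid, flow_id) pairs so DELETE targets the right switch
    try:
        for dpid, body in reqs:
            resp = client.post(FLOW_URL % dpid, data=json.dumps(body),
                               headers={'content-type': 'application/json'})
            if resp.status_code != 200:  # assumption: 200 means success
                raise RuntimeError('flow setup failed on dpid %d' % dpid)
            done.append((dpid, json.loads(resp.content)['flow_id']))
    except Exception:
        for dpid, fid in reversed(done):
            client.delete('%s/%s' % (FLOW_URL % dpid, fid))
        raise
    return done

class FakeNBAPI:  # hypothetical in-memory stand-in for the NBAPI server
    def __init__(self, fail_on=None):
        self.flows, self.fail_on, self.n = set(), fail_on, 0
    def post(self, url, data=None, headers=None):
        self.n += 1
        ok = self.n != self.fail_on
        if ok:
            self.flows.add('%s/%d' % (url, self.n))
        return type('Resp', (), {'status_code': 200 if ok else 500,
                                 'content': json.dumps({'flow_id': str(self.n)})})
    def delete(self, url):
        self.flows.discard(url)
```

With a real controller, `client` would be the `requests.session()` object from the slides; `install(FakeNBAPI(fail_on=5), ...)` shows the rollback path without a network.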