ApacheCon LiveBlog: Software Defined Networking (SDN) in CloudStack

This is a live blog from ApacheCon that I'm attending this week.  This session is with Chiradeep Vittal.

Usual Live Blog Disclaimer: This is more of a brain dump typing as fast as I can, please excuse typos, format, and coherent thought process in general.

• Introduction is about how does Amazon built a cloud (see his previous session for this part)
• SDN Definition - Separation of Control Plane from the hardware performing the forwarding hardware - Also centralized control
• Central control eases configuration, troubleshooting, maintain over time
• Eliminates the tedious "log into every box" idea of network maintenance, log into controller
• OpenFlow is that SDN? - NO, it is a protocol for the control plane to talk to the forwarding elements
• Control is on the "top" and forwarding is on the "bottom"
• flexibility example, different route based on direction. Box A and Box B, different flow from A to B and B to A if needed
• IaaS and SDN go hand in hand - Agility, API configuration, Scalability,  Elasticity (all the ity's!)
• SDN enables virtual networking - the illusion of isolated networks on a physical wire
• SDN does have issues - Discovery of virtual addresses -> physical address mapping for instance
• He is now going over a multi-tenant topology example:

• CloudStack model - map virtual networks to physical network - define and provision networks and manage elasticity and scale
• CloudStack Network Model is very robust (see pic, too much to type, things in box tend to be SDN functions)

• How de we put this together?
• CloudStack Service Catalog - Cloud users don't see the "guts" of the configuration, the cloud admin or operator designs the service catalog and presents this to the users
• example - Gold Network - LB + FW + VPN using virtual appliances
• Platinum - LB + FW + VPN but using hardware devices
• Now going over topology example of the Gold offering & Platinum (uses Juniper firewall and Netscaler to Load Balance:

• In both examples the users has no idea if they are on the Gold or Platinum network
• Multi-Tier virtual networking - can define application tiers and isolate based on need as well, who is connected where
• Orchestration - He went through the Multi-Tier example and demonstrated all the steps that would have to be down manually (too many to list) and this will all be done through orchestration
• CloudStack Orchestration Architecture (see picture) - plugin Framework allows this to happen

• SDN works with CloudStack through the plugin model, the SDN controller talks to the plugin, today there is integration with Nicira NVP, BigSwitch, Midokura, and CloudStack Native (requires XenServer)

• CloudStack Native Controller uses GRE and and talks to Open vSwitch on the XenServer
• All isolation happens through the concept of a tenant key over the GRE tunnels. Each tenant has a unique key
• What makes the CloudStack controller different? 
• It is purpose built for IaaS and is not a general purpose SDN solution
• Proactive model - Deny all flows except ones programmed by the end-user API - others send to central controller and may have problems at scale
• Use the CloudStack virtual router to provide L3-L7 services (mainly because most hardware doesn't understand GRE today)

Links to Everything CloudStack Collaboration Conference

Lions and Tigers and CloudStack Monkeys Oh My!

This weekend the first ever Apache CloudStack Collaboration Conference was held in Las Vegas!  A HUGE thanks to David Nalley, Karen Vuong & Joe Brockmeier for pulling off such an incredible event!  If you thought the cloud wasn't "real world", take a look below. The content was amazing!

This document is intended to be a living archive of the content from #ccc12.  This is by no means an inclusive list.  If you see a link that I haven't included, please leave me a comment and I will update this article as quickly as I can.  I believe the sessions were recorded and as soon as I get a link I will add it as well.  Thank you!

Keynote Presentations:

• "The Most Interesting Man in the Cloud" Peder Ulander opened the event. I will post his slides shortly.
• Aneel Lakhani from Gartner. Enterprise + Cloud + Open
• Jim Jagielski - Apache Code, Community, and Open Source
• Tom Raftery from GreenMonk - Can We Hack Open Source Cloud Platforms to Reduce Emissions?
• John Willis (@botchagalupe) from EnStratus - Analyzing a Complex Cloud Outage

Networking Session Presentations:

• Rohit Yadav - DevCloud & CloudMonkey - CloudStack Demos; Link to the code.
• Hugo Trippaers - CloudStack & Nicira NVP Integration
• Floyd Strimling - Monitoring CloudStack Deep Dive
• Michael Ducy - DudeOps - Why the Big Lebowski is About Building a Cloud
• Somik Behera - Networking Considerations for CloudStack
• Dan Bode - Integrating CloudStack with Puppet & code link
• Jason Hancock - Running Puppet on CloudStack Instances & YouTube Video
• Ed Laczynski - Solving the Cloud Puzzle - The Complete Stack Explored
• Chiradeep Vittal - The Evolution of CloudStack Architecture
• Andrew Bayer - CloudStack and jclouds
• John Griffith & Dave Cahill - CloudStack and Cloud Storage
• Roeland Kuipers - Mission Critical Cloud Computing
• Uri Cohen - Building a Carrier Grade PaaS with CloudStack
• Geoff Higginbottom - Introduction to CloudStack Networking
• Chip Childers - 6 Months In: What I've Learned about Apache Projects
• Diane Mueller - Adventures in Deploying a Private PaaS on CloudStack
• Andy Gross - Riak Cloud Storage
• John Kinsella - CloudStack Secured
• Prasanna Santhanam - Continuous Test Infrastructure
• Dominic Curran - Under the Hood: Open vSwitch & OpenFlow in XCP & XenServer
• Jessica Tomechak - Open Writing! Collaborative Authoring for CloudStack Documentation
• Rajesh Ramchandani - High Value Cloud Service
• Kelcey Damage & Clayton Weise - CloudStack in Production - Considerations & Design
• Duncan Johnston-Watt - Quality Control in a Cloudy World
• Chiradeep Vittal - Apache CloudStack: A Not So Cloudy Future
• Alex Huang - Apache CloudStack Evolution Proposal
• Funs Kessen - Storage in a Mission Critical Cloud(stack)
• Marcus Sorensen - Implementing CloudStack's VPC Feature
• Marcus Sorensen - Using CloudStack with Clustered LVM
• Donal Lafferty - Supporting Hyper-V 3.0 on Apache CloudStack
• Ben Cherian - Making a Case for Distributed Overlay-Based Network Virtualization
• UPDATED: Mice Xia - Integrate 3rd Party Security with CloudStack

Announcements:

• CloudCat - Manage & Report on CloudStack - Site & Code Links
• Basho Riak CS supports Multi-DataCenter Replication

My apologies ahead of time for any typos and/or botched names. It is very late on a Sunday but felt it was important to get this out as quickly as possible.  Just about everyone listed here is on Twitter so feel free to look them up!  Thank you again for everyone who attended the conference!!

Cloudcast (.NET) - Episode 34 - New Networks for the Cloud

Brian and I had the awesome privilege of speaking with Ivan Pepelnjak on Friday about how we see networks in Cloud Computing evolving in the next few years.  We rolled up our sleeves and talked about OpenFlow and SDN (Software-Defined Networking) and many other great topics.  It was great fun and I learned a lot from Ivan.  If you go to the show notes page you will see a BUNCH of helpful links so rather than recreate them all here, go over there and take a look!

Also, here are some other links I used to prepare for the show.  As always, feedback welcome!

• What is OpenFlow and why is it needed?
• On data center scale, OpenFlow, and SDN
• Will SDN/OpenFlow be used in the Enterprise?