cdc2014 presentation material (Byungjoon Lee) final
DESCRIPTION
A presentation on the current status of the IRIS project. OpenIRIS is an Openflow-based Controller Platform, developed by SDN Technology Research Section, ETRI. This presentation is for the IDG-CDC2014 workshop.
TRANSCRIPT
Openflow Controller Platform for Carrier-Grade Networks
IDG-CDC2014
Byungjoon Lee
ETRI SDN Technology Research Section
[email protected]/March/2014

‘Carrier Grade’
Metro Ethernet Forum Definition
– describes a set of functionalities and requirements that architectures should support in order to fulfill the operational part of network operators
  • Scalability
  • Reliability
  • Quality of Service (QoS)
  • Service Management
In order to be applied to carrier grade networks, Openflow must be able to meet these requirements
– D. Staessens et al., “Software Defined Networking: Meeting Carrier Grade Requirements”, Local & Metropolitan Area Networks (LANMAN), 2011 18th IEEE Workshop on.

Issues
Scalability
– Problems
  • Huge number of network elements, including SDN elements
  • Huge number of flows
  • Many network domains
– Question
  • Can a controller provide sustainable scalability for all these problems?
Availability
– Problems
  • Service providers do not want their network to stop
  • Reliable failover solution is required
– Question
  • Is there any controller platform that guarantees non-stop operation of underlying networks?

OF 1.3+: How to solve flow table scalability problem
Example: load-balancing application from Broadcom
Environment: Openflow 1.0
– No of tables: 1
– Configuration
  • L4 source port, the load balancing factor
  • 1 flow entry for each micro flow to load balance the traffic
  • Load balancing algorithm on the controller
– Total number of flows required: 4K
Environment: Openflow 1.3
– No of tables: 7
– Configuration
  • 4 entries in the VLAN flow table to add 4 ingress ports in the VLAN of the ingress traffic
  • 1 entry in the Termination MAC flow table that configures the ingress traffic with the router MAC and VLAN
  • 1 ECMP group with 4 next hops (and the associated L2 interface, L3 unicast groups). This leverages ECMP capabilities of the hardware, and the task is offloaded from the controller
  • 1 L3 routing table flow entry to match the IP destination and use the ECMP group as the next hop for the matching traffic
– Total number of flows required: 7
Figure (flow table pipeline): Physical port, Ingress port flow table, VLAN flow table, Termination MAC flow table, Unicast Routing, Multicast Routing, Bridging, ACL Policy flow table, Apply actions, Physical port

Reduce Flow Table Size With Group Table Entries
Group - all
– Multicast/broadcast
Group - indirect
– Reduce flow-mod records
Group – fast failover
– Instead of reactive failover
Group – select
– ECMP
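The load-balancing comparison and the "Group – select" entry above, modelled as an added example that is not part of the original slides or of IRIS. The addresses, VLAN id, next-hop names and the CRC32 bucket hash are constructed assumptions, and 4096 micro flows stand in for the slide's "4K".

```python
import zlib
from collections import Counter

NEXT_HOPS = ["nh1", "nh2", "nh3", "nh4"]  # constructed names for the 4 ECMP next hops

def microflows(n=4096):
    """Constructed traffic: n micro flows that differ only in L4 source port."""
    return [("192.0.2.1", "198.51.100.1", 1024 + i, 80) for i in range(n)]

def of10_flow_table(flows):
    """OpenFlow 1.0 style: the controller runs the load-balancing algorithm
    and installs one exact-match entry per micro flow."""
    return {f: NEXT_HOPS[i % len(NEXT_HOPS)] for i, f in enumerate(flows)}

def of13_pipeline():
    """OpenFlow 1.3 style, with the entry counts listed on the slide."""
    return {
        "vlan": [{"in_port": p, "vlan": 10} for p in (1, 2, 3, 4)],
        "termination_mac": [{"dst_mac": "router-mac", "vlan": 10}],
        "groups": {1: {"type": "select", "buckets": list(NEXT_HOPS)}},
        "l3_unicast": [{"ip_dst": "198.51.100.0/24", "group": 1}],
    }

def select_bucket(group, flow):
    """The switch picks a bucket per flow. Real hardware uses its own hash;
    CRC32 over the tuple is an assumption made for this sketch."""
    key = "|".join(map(str, flow)).encode()
    return group["buckets"][zlib.crc32(key) % len(group["buckets"])]

def entry_count(pipeline):
    """State the switch must hold: flow entries plus group entries."""
    return (len(pipeline["vlan"]) + len(pipeline["termination_mac"])
            + len(pipeline["groups"]) + len(pipeline["l3_unicast"]))

def compare(n=4096):
    """Return (OF 1.0 entries, OF 1.3 entries, per-next-hop flow spread)."""
    flows = microflows(n)
    pipeline = of13_pipeline()
    spread = Counter(select_bucket(pipeline["groups"][1], f) for f in flows)
    return len(of10_flow_table(flows)), entry_count(pipeline), spread

if __name__ == "__main__":
    print(compare())
```

The OpenFlow 1.0 table grows with the number of micro flows, while the OpenFlow 1.3 state stays at 7 entries regardless of traffic, which is what keeps a finite flow table from being exhausted by flow churn.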

Question
Switches are now (almost) ready. How about controllers?
– Can you scale them if you need more PACKET-IN throughput?
– Can you replace the software images without impacting the network?
– Can you make the switches immune to controller failures?
Of course there are ‘elastic’ solutions for this problem, but they are still not good enough
ElastiCon: HotSDN 2013

IRIS
A Spin-off project from Floodlight
Floodlight
– Openflow-based SDN Controller from BigSwitch (Open Source)
– Supports Openflow 1.0 (and soon will announce 1.3 support)
– Adopted widely by research communities
IRIS (v2.0.0 release is coming)
– Yet another Openflow-based SDN Controller from ETRI
– With an IO engine implemented from scratch on top of Java NIO
– Supports Openflow 1.0~1.3
  • Floodlight/Loxigen-based Openflow API
– Provides an Open-source version: OpenIRIS (http://openiris.etri.re.kr)
– Provides a northbound API which is fully compliant with that of Floodlight (to support 3rd party applications from various research communities)
– Focus on solving the scalability / availability issues of the centralized control
Goal

Current Status
OpenIRIS
https://github.com/bjlee72/IRIS
1.3.2-master-xen-final
master
loxigen
Link Discovery, Topology Manager, Device Manager, Learning Switch, Firewall, State Manager, Storage Manager
Link Discovery, Topology Manager, Device Manager, Learning Switch, State Manager, Storage Manager, Firewall (Enhanced), Net Failover (New), Static Entry Pusher (OF1.3 support)

OpenIRIS and IRIS
OpenIRIS IRIS
Floodlight/Loxigen
Performance-Optimized Floodlight/Loxigen
Not Supported
Not Supported
Not Supported
3Q
3Q
Portability

IRIS I/O Handling Architecture
Figure (I/O handling architecture), labels: OFController; OFProtocol; ClientChannelWatcher (three instances); queue and Thread (four pairs); msgs; Connection.read(); (implemented on OpenflowJ-IRIS)
Methods shown, with the label "Abstract methods": process(), handleConnectedEvent(), handlePacketIn(), handleGeneric(), handleReadEvent()
* The number of threads is configurable

Single-box performance
IRIS 1.0.0: 11,000,000 flows/sec
IRIS-Xen: 10,500,000 flows/sec
IRIS-Loxi-1: 2,500,000 flows/sec
IRIS-Loxi-2: 5,000,000 flows/sec (Loxigen + ByteBuffer support)
IRIS-Loxi-3: FUTURE PLAN (Hopefully) 10,000,000 flows/sec (IRIS-Loxi-2 + Further Optimization)
Testing environment
– Ubuntu 12.04 LTS 64bit (Kernel: 3.5.0-23-generic)
– CPU: Intel Xeon E5-2690 v2 3.00GHz (20 physical core)
– RAM: 64G
Benchmarking
– Cbench: 1 core
– controller: max 19 core

Scalability and Availability support in IRIS
Assumptions
– A (large) network is possibly split into multiple unit networks
– A unit network is managed by a controller (cluster)
Design
– Scalability & Availability for a (large) unit network is provided by a controller cluster
  • A cluster consists of multiple controller instances
  • All controller instances are connected by a ‘middleware’
– Interoperability between unit networks is provided by a controller hierarchy

Scalability and Availability support in IRIS (1)
Considerations
– Addresses exposed to data plane
– Transparency
– Horizontal scalability
– High availability
– State sharing
Functionalities
– Load balancing among physical controller instances
– Switch migration
  • For failed controller instances
  • For newer controller instances
– Security
  • Immune to attacks such as DDoS
Figure labels: "OF switchS A Controller"; Unit Openflow Network; IP #1; IP #2; IRIS Controller (Cluster); Openflow-based middleware (IRIS-HiSA) * security, reliability, scalability; Hazelcast; Controller instance (five)
We believe OF-based brokering middleware will be one of the promising applications of Openflow

Scalability and Availability support in IRIS (2)
Controllers form IS-A relationships via controller hierarchy
Sub-controllers flood their topological information to super-controllers
Figure labels: Unit Openflow Network (three); Controller-to-Super Controller Communication channels; Controller; Network Topology
Controllers are able to apply flow records reactively or proactively to the data plane elements at network borders
Sub-controllers are able to send queries to a super-controller about the destinations that they do not know

Scalability and Availability support in IRIS (3)
Floodlight/Indigo
A Network as a “Big Switch”: Recursive Abstraction of Large Network into a single switch with many ports