![Page 1: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/1.jpg)
Networking challenge in Container based NFV and our solution
cong jin, zte
2018-10-12
![Page 2: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/2.jpg)
Agenda
Why container and Kubernetes
what Challenges for NFV service
Knitter solution
![Page 3: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/3.jpg)
From Monolith to Microservice Architecture
![Page 4: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/4.jpg)
Container vs VM
Lighter:Smaller Image and memory consumeFaster:Quick deployment and StartupAgiler:Easy Ship, install and migration
![Page 5: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/5.jpg)
why Kubernetes?
source: https://thenewstack.io/data-says-kubernetes-deployment-patterns/
![Page 6: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/6.jpg)
What Kubernetes offer?
service deploy and discovery
container scheduling base resource
Automated scaling and Failure self-heal
stateful service
container storage, PV/PVC
. . . . . . . . . . . . . . . .
![Page 7: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/7.jpg)
Agenda
Why container and Kubernetes
what Challenges for NFV service
Knitter solution
![Page 8: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/8.jpg)
Challenges : Network Isolation/SLA
Tenant A Tenant B
PODPOD
tenantA –network1
POD POD
tenantA –network2
tenantB –network1
tenantB –network2
K8S network : Single network plane.
Chanllenge scenarios: NFV service needs multiple
network
multiple tenant
Multiple Physical Networks: Isolation QoS
![Page 9: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/9.jpg)
Challenges: Service Registration and Discovery
K8S service mechanism :
kubeproxy can only balance the
data flow of eth0.
Kubeproxy route to backend POD
by using iptables.
Chanllenge Scenarios:
kubeproxy relay on kernel Iptables,NFV service need more High
performance mechanism.
![Page 10: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/10.jpg)
Challenges : enhanced datapath
docker 0
Container 1 Container n Container 1 Container n…
vs
native K8S
DVS (DPDK)
ServerServer
OVS/flannel SRIOV
K8S+flannel mechanism :
use docker0 to transfer data.
Chanllenge Scenarios:
enhanced container datapath:
DVS
SRIOV
DPDK
dpdk
enhance datapath for K8S
![Page 11: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/11.jpg)
Challenges: fixed Container IP
K8S+flannel mechanism :
each node has a subnet IP pool,different node has different pool.
when each pod create, POD's IP
is allocated Dynamicly from node
IP pools.
Chanllenge Scenarios:
stateful service (stateful POD)
need stable pod name,storage,IP
address. when stateful POD
recreated in another node, it hard to
keep IP unchanged.
![Page 12: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/12.jpg)
Agenda
Why container and Kubernetes
what Challenges for NFV service
Knitter solution
![Page 13: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/13.jpg)
multi-Network Solution
Server/VM
POD2POD1
Server/VM
POD4POD3
Knitter
PaaS Controller
PaaS over IaaS(underlay):based on Neutron Network of OpenStack PaaS over Baremetal:based on knitter solution
![Page 14: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/14.jpg)
Layered network structure
Docker/Pod
Service
Docker/Pod
Service
Iass network
PaaS aplication network
physical network
application network
Iaas network
physcal network
![Page 15: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/15.jpg)
Serivce Solution
default network use native K8S kube-proxy service Mechanism.
addtional network use self-defined load balance Mechanism.
![Page 16: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/16.jpg)
Knitter network Component
DPDK lib
ETCDNetwork Master Network
CNI
TECS(OpenStack)
IPAMK8S master
kubelet
K8S node
K8S Pod
REST API
container
ovs/DVS
container
K8S Pod
Vmvare
Neutron /SDN-C/vDirector
3rd IAAS
overlay
underlay
VF2
SRIOV
VF1
CNRM
underlay network: ZTE OpenStack(TECS) 3rd IaaS
baremetal
POD network interface SRIOV OVS/DVS DPDK
![Page 17: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/17.jpg)
Q&A
![Page 18: Networking challenge in Container based NFV and our solution · each node has a subnet IP pool, different node has different pool. when each pod create, POD's IP is allocated Dynamicly](https://reader033.vdocuments.mx/reader033/viewer/2022042023/5e7b2af7f1390d222b31ea92/html5/thumbnails/18.jpg)