PowerPoint ******
advertisement
James Won-Ki Hong Department of Computer Science and Engineering POSTECH, Korea jwkhong@postech.ac.kr POSTECH CSED702Y: Software Defined Networking 1/62 Outline OpenFlow Switches OpenFlow Controllers NOX & POX Floodlight Ryu Open Daylight (ODL) Open Network Operating System (ONOS) Conclusions POSTECH CSED702Y: Software Defined Networking 2/62 Introduction to OpenFlow Switches Hardware-based OpenFlow Switches Commercial hardware switches with OpenFlow capability • Network abstraction is realized by firmware upgrading Show high processing speed Have space limitation on saving the flow table entries • Approximately store 1500 flow entries (due to expensive CAM) Not easy to upgrade • Most switches only support OpenFlow up to version 1.0 Software-based OpenFlow Switches OpenFlow enabled software switch (runs on x86 commodity computer) Performance is relatively low Store large amount of flow entries with bound (theoretically) Under active development, support most recent OpenFlow spec. Hybrid OpenFlow Switch A virtual switch with specialized hardware device Much faster than software-based switches POSTECH CSED702Y: Software Defined Networking 3/62 Hardware-basd OpenFlow Switches Juniper MX-series NEC IP8800 WiMax (NEC) HP Procurve 5400 Netgear 7324 PC Engines Pronto 3240/3290 Ciena Coredirector More coming soon ... POSTECH CSED702Y: Software Defined Networking 4/62 Software-based OpenFlow Switches (1/3) OpenvSwitch (OVS) Overview • A virtual switch or Virtual Ethernet Bridge (VEB) • User-space: configuration, control • Kernel-space: datapath (included in main Linux kernel from v3.3) Features • Support OpenFlow protocol • Support multiple tunneling protocols • VxLAN, Ethernet over GRE, IPsec, GRE over IPsec • Fine-grained QoS Main components • • • • • • • POSTECH ovs-vswitchd: a daemon that implements the switch ovsdb-server: lightweight database server that ovs-vswitch queries to ovs-vsctl: a utility for querying and updating the config. of ovs-vswitchd ovs-dpctl: a tool for configuring and monitoring the switch kernel module ovs-ofctl: a tool for monitoring and administering OpenFlow switches ovs-controller: a simple OpenFlow controller reference implementation openvswitch.ko: OpenvSwitch switching datapath CSED702Y: Software Defined Networking 5/62 Software-based OpenFlow Switches (2/3) OpenvSwitch Architecture POSTECH CSED702Y: Software Defined Networking 6/62 Software-based OpenFlow Switches (3/3) OpenFlow Software Switch An OpenFlow compatible user-space software switch implementation The original code is based on the Stanford 1.0 reference switch Initially developed by Ericsson Research Lab The implementation is feature-complete, and passes the available oftest 1.1 test case • Compatible with most of OpenFlow controllers which support OF 1.1 CPqD version supports OpenFlow up to v1.3 Components • • • • POSTECH ofdatapath: the switch implementation ofprotocol: a secure channel for connecting the switch to the controller oflib: a library for converting to/from 1.1 wire format dpctl: a tool for configuring the switch from the console CSED702Y: Software Defined Networking 7/62 Hybrid OpenFlow Switch (1/3) Problems of Software-based Switch Cannot fully utilize the hardware resources • E.g., OVS only exploits single CPU core Tightly coupled with the OS kernel • Increase the management complexity Low performance • Massive RX interrupts handling for NIC device • Shared data access between threads competition makes bottleneck Hybrid OpenFlow Switch Separate the roles of virtual switch into two parties • Hardware: pure packet processing • Software: switch abstraction (e.g., flow table) Data Plane Development Kit (DPDK) • A set of libraries and drivers for fast packet processing • Incorporate with x86 CPU • Fast network I/O in user space POSTECH CSED702Y: Software Defined Networking 8/62 Hybrid OpenFlow Switch (2/3) Features of Hybrid OpenFlow Switch Polling-based packet handling Core assignment • Assign the polling task to a dedicated CPU core less context switching Reduction of # of access in I/O and memory Lockless-queue, batch processing Hybrid Switch with Intel DPDK Pure Software-based Switch packet handling vswitch vswitch Polling-base packet handling User space memory Socket API 2. system call (read) DPDK Library User-mode I/O & HAL 3. system call (write) Kernel space skb_buf Ethernet Driver API Ethernet Driver API POSTECH Write 4. DMA 1. Interrupt & DMA NIC 1. Read packet buffer Driver NIC packet buffer CSED702Y: Software Defined Networking 9/62 Hybrid OpenFlow Switch (3/3) Packet Processing using Multi Core CPUs Exploit many core CPUs Decouple I/O processing and flow processing Explicit thread assignment to CPU core Ring buffer NIC RX buffer NIC 1 RX NIC 2 RX NIC 3 RX NIC 4 RX I/O RX CPU0 I/O RX CPU1 Flow lookup packet processing CPU2 Flow lookup packet processing CPU3 Flow lookup packet processing CPU4 Flow lookup packet processing CPU5 POSTECH NIC TX buffer Ring buffer CSED702Y: Software Defined Networking I/O TX CPU6 I/O TX CPU7 NIC 1 TX NIC 2 TX NIC 3 TX NIC 4 TX 10/62 Introduction to OpenFlow Controller (1/2) Problem Statement New functions require new hardware • E.g., VNTag, TrustSec No support for network-wide control or high-level abstractions Distributed control reduces the controllability Management, No Controllability Network Management System (NMS) Monitor: collect network-wide statistics using CLI, SNMP, NetConf interfaces Control: No real control of packet/flow forwarding No much thing to do with monitored data… Distributed Control: … Control … Datapath F1 Switch 1 POSTECH … Fn Per-box control Config/Mgmt ≠ fine-grained control HW Functions: Inflexible Proprietary Expensive Switch n CSED702Y: Software Defined Networking 11/62 Introduction to OpenFlow Controller (2/2) Solution Need a Network Operating System (NOS), provide a uniform and centralized programmatic interface to the entire network NOS does not manage the network itself, instead it provides a programmatic interface Application Programming Interface (API) Network Operating System (NOS) External Controller Controllability: … … Datapath F1 Switch 1 POSTECH Control Fully remove to external controller Centralized control F2 F3 … Fn Switch n CSED702Y: Software Defined Networking 12/62 Pedigree Chart of OpenFlow Controllers NOX Classic: C++/Python NOX: C++ Scalability Comparison Cisco Controller (Proprietary) Trema Full-stack OpenFlow Framework in Ruby and C (Proprietary) ETRI Controller POSTECH Big Network Controller (Proprietary) CSED702Y: Software Defined Networking 13/62 POSTECH CSED702Y: Software Defined Networking 14/62 History of NOX History Started from SANE project and applied to Ethane in 2006 Ethane project was announced via SIGCOMM in 2007 Announced the OpenFlow spec 0.1.0 in Nov. 2007, spec 0.8.0 in May, 2008 NOX was initially developed by Nicira side-by-side with OpenFlow, and open sourced as the first OpenFlow controller in 2008 NOX was further developed by CPqD to support OpenFlow 1.3 in Nov. 2012 SANE Ethane NOX-Classic/NOX NOX-Classic (CPqD) SANE … SANE Network As a File System Policy Compiler Host Tracking Host Tracking Host Tracking Host Tracking Routing Routing Routing Routing Topology Topology Topology Topology OpenFlow v -2.0 OpenFlow v -1.0 OpenFlow v 1.0 OpenFlow v 1.3 POSTECH Ethane CSED702Y: Software Defined Networking Ethane … 15/62 NOX Classic vs NOX (1/2) NOX Versions Version Name NOX Classic (new) NOX Branch Name Version No. Release Date OF Spec GUI Zaku 0.9.0 2010-09-15 v1.0 Support Destiny 0.9.1 2012-07-20 v1.0 Support CPqD ver. N/A 2012-11-10 v1.3 Not support Verity 0.9.2 2012-05-11 v1.0 Not support NOX-Classic Original NOX (now, officially deprecated) C++ based SDN controller, applications can be developed using Python • Use SWIG to integrate Python with C++ Sample apps written in C++ Sample apps written in Python and C++ using SWIG lib Sample apps written in Python POSTECH CSED702Y: Software Defined Networking 16/62 NOX Classic vs NOX (2/2) NOX New NOX, separated from NOX-classic branch Only support C++ for application development Fewer default applications than NOX-classic Enhanced performance and better source readability • Written on top of Boost library No graphic user interface NOX-Classic Code Snippet POSTECH NOX Code Snippet CSED702Y: Software Defined Networking 17/62 POX Overview POX Versions Controller Name POX Branch Name Version No. Release Date OF Spec GUI Angler 0.0.0 2012 Fall v1.0 Support Betta 0.1.0 2013 Spring v1.0 Support Carp 0.2.0 2013 Fall v1.0 Support Dart 0.3.0 2014 Summer v1.0 Support POX NOX’s younger sibling implemented using Python For the rapid development and prototyping of network control software Support all OS (e.g., Linux, Mac, Windows) Can bundle with install-free PyPy runtime Performs well compared to NOX-classic Python • Note that NOX-classic does not support PyPy runtime Used for research and education purpose POSTECH CSED702Y: Software Defined Networking 18/62 NOX/POX Overview (1/4) Components Topology Discovery VLAN Tagging … Scan Detection Network Application Services New functions as software services Northbound API Northbound API Provide interface to network applications Not yet standardized Controller NOX Controller – Network OS Provide system-wide abstractions Turn networking into a software problem Southbound API Standardized OpenFlow protocol Controller, switch interoperability … OpenFlow Enabled Switches New functions as software services … POSTECH CSED702Y: Software Defined Networking 19/62 NOX/POX Overview (2/4) Granularity Choosing granularity involves trading off scalability against flexibility Observation: provides adequate information and changes slowly • Includes switch-level topology, does not include the current state of network traffic Control: scale to large networks, while providing flexible control Per-packet control Per-flow control Prefix-based routing control Coarser grained control Highest performance Finer grained control Lowest performance Switch Abstraction Switch instructions should be independent of the particular HW and support the flow-level control granularity Solution: adopt OpenFlow switch abstraction POSTECH CSED702Y: Software Defined Networking 20/62 NOX/POX Overview (3/4) Operation Observation: construct the network view • Use DNS, DHCP, LLDP and flow-initiation Control: determine whether to forward traffic, and to which route • Access control, routing and failover applications Network view generation Reactive routing Flow Table IDX SRC DST SRC P DST P 153 sw. A sw. B p2 p1 SRC DST ACT … … … … … h. A h. B p1 357 sw. B sw. A P1 p2 NOX Controller … PACKET_IN FLOW_MOD NOX Controller PACKET_OUT with LLDP PACKET_OUT with LLDP Host A OpenFlow Switch PACKET_IN Packet header Host C p2 p1 with LLDP SRC: Host A p2 p1 DST: Host B LLDP OpenFlow OpenFlow Switch B Switch A CSED702Y: Software Defined Networking POSTECH p1 p2 Host B 21/62 NOX/POX Overview (4/4) Scaling Packet level parallelization • Millions of arrival packets per second • Packets are handled by individual switches Flow level parallelization • Flow initialization rate is high but lower than packet arrival rate • Flow initialization is handled by individual controller Periodic synchronization • Network view changes slowly enough that can be maintained centrally Public Release A PoC of OpenFlow controller Follow GPL license Many network applications Source: Comparing OpenFlow Controller Paradigms Scalability: Reactive and Proactive. International Conference on Advanced Information Networking and Applications POSTECH CSED702Y: Software Defined Networking 22/62 NOX/POX Architecture Components Common L3_ learning L2_Multi Spanning_ tree Web Services Topology Discovery OpenRoads MAC_ blocker Packet_ dump Routing Host Tracking L2_ learning Authenticator Core Component API Cooperative Threading Event Harness OpenFlow API Asynchronous I/O Socket I/O POSTECH CSED702Y: Software Defined Networking File I/O 23/62 POSTECH CSED702Y: Software Defined Networking 24/62 Introduction to Floodlight Floodlight A completely open, free, OpenFlow controller developed by Big Switch Network Currently supports OpenFlow up to v1.0 Research and commercial friendly Easy to build, run, and develop Toolchain Rich set of build and debugging tools POSTECH Community of OpenFlow experts, access to commercial upgrades, and frequent testing CSED702Y: Software Defined Networking 25/62 Floodlight Overview (1/2) Floodlight Architecture Circuit Pusher (python) OpenStackQuantum Plugin (python) Your Applications … REST Applications REST API (Implement Restlet Routable Interface) Module Applications Floodlight Controller VNF PortDown Reconciliation Forwarding Hub Learning Switch Java API Firewall StaticFlow EntryPusher Module Manager Thread Pool Device Manager Topology Service Link Discovery Jython Sever Flow Cache Web UI Unit Tests Storage Memory NoSQL OpenFlow Services Switches POSTECH Packet Streamer Controller Memory PerfMon CSED702Y: Software Defined Networking Trace Counter Store 26/62 Floodlight Overview (2/2) Application Modules Forwarding: default reactive packet forwarding application Static Flow Entry Pusher • Install specific flow entry (match + action) to a specific switch Firewall • An application to apply ACL rules to allow/deny traffic based on specified match Port Down Reconciliation: reconcile flows across a network Virtual Network Filter (VNF) • Simple MAC-based network isolation application Core REST APIs Static Flow Pusher REST API • Allow the user to proactively insert/delete/list the flows to OpenFlow switch Firewall REST API • Allow the user to insert/delete/list rules for firewall POSTECH CSED702Y: Software Defined Networking 27/62 Floodlight Programming Model IFloodlightModule Java module that runs as part of Floodlight Consumes services and events exported by other modules • • • • OpenFlow (e.g., Packet-in, Packet-out…) Switch add / remove Device add / remove / move Link discovery External Application External Application Ifloodlight Module Communicates with Floodlight via REST • Static Flow Pusher REST Northbound APIs Floodlight Controller • Add flow, delete flow, list flows, removeAll flows • Normalized network state vSwitch • List hosts, list links, list switches, getStats, getCounters vSwitch • Maybe your applications? vSwitch vSwitch POSTECH CSED702Y: Software Defined Networking 28/62 Module Description TopologyManager LinkDiscovery FloodlightProvider Forwarding Maintains state of links in network Uses LLDP message Basic reactive packet forwarding module DeviceManager Manage the end-host (device) location information (mac, IP …) StorageSource DB style storage for Topology and LinkDiscovery data RestServer Implements via Restlets (restlet.org) REST API modules must implement RestletRoutable StaticFlowPusher POSTECH Maintains the topology information for the controller Receives information from LinkDiscovery module Supports the insertion and removal of static flows CSED702Y: Software Defined Networking 29/62 POSTECH CSED702Y: Software Defined Networking 30/62 Introduction to Ryu 流 Flow POSTECH 龍 Oriental Dragion, A god of water CSED702Y: Software Defined Networking 31/62 Introduction to Ryu Ryu A platform for building OpenFlow applications Manage “flow” control to enable intelligent networking Features • Generality: vendor-neutral, support open interface • Agile: not the all-purpose big monolithic “controller”, but the framework for SDN app dev. Developed & Maintained By Supportability • OpenFlow protocol – OF 1.0, OF 1.2, OF 1.3 and OF-CONFIG 1.1 • Other protocol: NetCONF, SNMP, OVSDB • Apps/libs – topology view, firewall, OpenFlow Restful, etc. • Integration with other project – OpenStack, HA with Zookeeper, IDS with snort License: Apache 2.0 POSTECH CSED702Y: Software Defined Networking 32/62 Ryu Architecture Follow Standard SDN Architecture SDN apps SDN apps SDN apps Well defined API (REST, RPC...) Ryu built-in app (Tenant Isolation, Topology Discovery, Firewall …) Ryu App Ryu App ... Event dispatcher libraries OpenFlow Parser/serializer Protocol support (OVSDB, VRRP, ...) Ryu SDN framework OpenFlow switch POSTECH OpenFlow switch Application layer Control layer Open protocols (OpenFlow, OF-config, NETConfig, OVSDB) Network device CSED702Y: Software Defined Networking 33/62 Ryu Implementation (1/2) Event Driven Event source/dispatcher/sink • Source • Call methods of the event dispatcher to generate events • Sink • Subclass of class RyuApp • Avoid race condition Event sink • Dispatcher • Decouples event sources/sinks • Dispatches events based on class of event • Knows which methods are interested in which event by methods attributes RyuApp RyuApp queue RyuApp RyuApp queue Event source Event Event dispatcher Event source Event Events are read only because it is shared with many RyuApps POSTECH dispatch RyuApp RyuApp queue Determine which RyuApp to deliver based on class of event CSED702Y: Software Defined Networking 34/62 Ryu Implementation (2/2) Connection to OpenFlow Switch Receiving loop and sending loop Sending thread: Serialize and send OF packets OFP message Event sink Receiving thread: Generates OFPEvents RyuApp RyuApp Event Send queue queue Ryu OpenFlow switch POSTECH CSED702Y: Software Defined Networking 35/62 POSTECH CSED702Y: Software Defined Networking 36/62 OpenDaylight Scope and Projects OpenDaylight Scope POSTECH CSED702Y: Software Defined Networking 37/62 OpenDaylight Scope and Projects OpenDaylight Projects 15 projects currently in bootstrap or incubation Project Description Originator Controller Modular, extensible, scalable, and multi-protocol SDN controller based on OSGi Cisco YANG Tools Java-based NETCONF and YANG tooling for OpenDaylight projects Cisco OpenFlow Protocol Library OF 1.3 protocol library implementation Pantheon OpenFlow Plugin Integration of OpenFlow protocol library in controller SAL Ericsson, IBM, Cisco Defense4All DDoS detection and mitigation framework Radware OVSDB OVSDB configuration and management protocol support Univ. of Kent ucky LISP Flow Mapping LISP plugin, LISP mapping service ConteXtrea m POSTECH CSED702Y: Software Defined Networking 38/62 OpenDaylight Scope and Projects Project Framework POSTECH CSED702Y: Software Defined Networking 39/62 OpenDaylight Controller Features of OpenDaylight Controller Built using Java OSGi Framework – Equinox • Provides Modularity & Extensibility • Bundle Life-cycle management • In-Service-Software Upgrade (ISSU) & multi-version support Service Abstraction Layer (SAL) • Provides Multi-Protocol Southbound support • Abstracts/hides southbound protocol specifics from the applications High availability & horizontal scaling using clustering Releases Hydrogen • Initial release, support OpenFlow 1.0 and 1.3 Helium • Current stable release, plan to support OpenFlow 1.5 Lithium • The next release (6/25/2015 SR1 8/13 9/24) • New project IoT Data Management (IoTDM) POSTECH CSED702Y: Software Defined Networking 40/62 Hydrogen Architecture VTN Coordinator Management GUI/CLI DDoS Protection Network Applications Orchestration & Services OpenStack Neutron OpenDaylight APIs (REST) Base Network Service Functions Topology Mgr Stats Mgr Switch Mgr Host Tracker Shortest Path Forwarding Affinity Service Network Config LISP Service OpenStack Service VTN Manager Controller Platform DOVE Mgr Service Abstraction Layer (SAL) (plug-in mgr., capability abstractions, flow programming, inventory, …) OpenFlow 1.0 1.3 OpenFlow Enabled Devices NETCONF OVSDB OVSDB enabled devices Main difference from other OpenFlow-centric controller platforms SNMP BGP-LS PCEP LISP Devices with Proprietary control plane Southbound Interfaces & Protocol Plugins Data Plane Elements (Virtual Switches, Physical Device Interfaces) VTN: Virtual Tenant Network DOVE: Distributed Overlay Virtual Ethernet DDoS: Distributed Denial Of Service LISP: Locator/Identifier Separation Protocol OVSDB: Open vSwitch DataBase Protocol BGP: Border Gateway Protocol PCEP: Path Computation Element Communication Protocol SNMP: Simple Network Management Protocol 41 POSTECH CSED702Y: Software Defined Networking 41/62 Helium Architecture VTN Coordinator Dlux UI DDoS Protection Network Applications Orchestration & Services SDNi Wrapper OpenStack Neutron AAA – AuthN filter OpenDaylight APIs (REST) Base Network Service Functions Topology Mgr Stats Mgr Switch Mgr Host Tracker OpenFlow 1.3 VTN Mgr OVSDB Neutron Open Contrail GBP Service SFC LISP Service L2 switch AAA DOCSIS SNBI service SDNI aggreg Controller Platform Service Abstraction Layer (SAL) (plug-in mgr., capability abstractions, flow programming, inventory, …) GBP renderer 1.0 Flow Rules Mgr OpenStack Service TTP OVSDB NETCONF OpenFlow Enabled Devices PCMM/ COPS SNBI SNMP OVSDB enabled devices Main difference from other OpenFlow-centric controller platforms BGP-LS PCEP LISP OPEN CONTRAIL Devices with Proprietary control plane Southbound Interfaces & Protocol Plugins Data Plane Elements (Virtual Switches, Physical Device Interfaces) VTN: Virtual Tenant Network DDoS: Distributed Denial Of Service LISP: Locator/Identifier Separation Protocol OVSDB: Open vSwitch DataBase Protocol BGP: Border Gateway Protocol PCEP: Path Computation Element Communication Protocol PCMM: Packet Cable MultiMedia SNMP: Simple Network Management Protocol 42 POSTECH CSED702Y: Software Defined Networking 42/62 OpenDaylight Controller Plugin Build Process POSTECH CSED702Y: Software Defined Networking 43/62 OpenDaylight Controller Hydrogen OpenFlow Plugin Architecture POSTECH CSED702Y: Software Defined Networking 44/62 Model-Driven SAL (1/2) Model-Driven Service Abstraction Layer (SAL) POSTECH CSED702Y: Software Defined Networking 45/62 Model-Driven SAL (2/2) Model-Driven Service Abstraction Layer (SAL) Yang tools – supporting for model-driven SAL Provides tooling to build Java bindings in yang from yang models API-Driven SAL POSTECH Model-Driven SAL CSED702Y: Software Defined Networking 46/62 POSTECH CSED702Y: Software Defined Networking 47/62 SDN Evolution and ON.LAB Non-profit, carrier and vendor neutral Provide technical shepherding, core team Build community Many organizations supports Platform Development And Beyond Demonstrations Deployments Invention 2007 – Creation of SDN Concept POSTECH 2007 – Ethane 2008 – OpenFlow 2009 – FlowVisor, Mininet, NOX 2010 – Beacon 2009 – Stanford 2010 – GENI started and grew to 20 universities 2013 – 20 more camp uses to be added 2012 –Define SDN research agenda for the coming years 2008-2011 – SIGCOMM 2011 – Open Networking Summit, Interop CSED702Y: Software Defined Networking 48/62 Introduction ONOS: Open Network Operating System SDN OS for service provider networks Key features • Scalability, high availability & performance • Northbound & southbound abstraction • Modularity • Various usage purposes, customization and development History Founded – 2012 ONOS Prototype 1 – 2013 ONOS Prototype 2 – 2013 (scalability, high availability) (performance) ONOS VERSION 1 – Open sourced on Dec 5th, 2014 POSTECH CSED702Y: Software Defined Networking 49/62 Key Performance Requirements Requirements for Supporting Service Provider Networks High throughput • 500K ~ 1M paths setups / second, 3-6M network state operations / second High volume • 500GB ~ 1TB of network state data POSTECH CSED702Y: Software Defined Networking 50/62 ONOS Tiers and Distributed Architecture Distributed Architecture Six tiered architecture Each ONOS instance is equipped with the same software stack instance 1 Northbound Abstraction • Network graph • Application intents Core • Distributed • Protocol independent Southbound Abstraction • Generalized OpenFlow • Pluggable & extensive Adapters • Multiple southbound protocol enabling layer Protocols • Self-defined protocols using generalized SDN functions POSTECH instance 2 instance 3 CSED702Y: Software Defined Networking instance 4 51/62 ONOS Graph API Network Graph (Eventually consistent) consistent) In-memory Network Graph (eventually ONOS Graph Abstraction Titan Graph DB Indexing Cassandra RAMCloud Distributed Key-Value Store Ultra-low latency distributed data store in DRAM Scale-out Instance 1 Instance 2 OpenFlow Manager+ OpenFlow Manager+ Instance 3 OpenFlow Manager+ Hazelcast Zookeeper Control Application Event Notifications Distributed Network Graph/State Control Application (Strongly Consistent) Applications Distributed Coordination Registry ONOS Architecture (Prototype 2) Host + Floodlight Host Drivers Host POSTECH CSED702Y: Software Defined Networking 52/62 ONOS Scale-Out Network Graph Global network view Distributed Network OS Instance 1 Instance 2 Instance 3 Data plane An instance is responsible for maintaining a part of network graph Control capacity can grow with network size or application need POSTECH CSED702Y: Software Defined Networking 53/62 ONOS Control Plane Failover Distributed Registry Master Master Switch SwitchAA==ONOS NONE1 Switch A = ONOS 2 Candidates = ONOS 2, Candidates = ONOS 3 ONOS 3 Distributed Network OS Host Master Master Master Switch SwitchAA==ONOS NONE1 Switch A = ONOS 2 Candidates Candidates==ONOS ONOS2, Candidates = ONOS 3 2,ONOS ONOS33 Instance 1 A Instance 2 Instance 3 E C B Master Master Switch SwitchAA==ONOS NONE1 Switch A = ONOS 2 Candidates = ONOS ONOS 2, 2, Candidates = ONOS 3 ONOS 3 D F Host Host POSTECH CSED702Y: Software Defined Networking 54/62 ONOS Distributed Core Distributed Core Responsible for all state management concerns Organized as a collection of “STORES” • E.g., topology, links, link resources and etc. State management choices (ACID vs. BASE) • ACID (Atomicity, Consistency, Isolation, Durability) • BASE (Basically Available, Soft state, Eventually consistency) State and Properties State Properties Network Topology Eventually consistent, low latency access Flow Rules, Flow Stats Eventually consistent, shardable, soft state Switch – Controller Mapping Distributed Locks Strongly consistent, slow changing Application Intents Resource Allocations Strongly consistent, durable POSTECH CSED702Y: Software Defined Networking 55/62 Network Topology State Global Network View for NB Applications State inventory of devices, hosts and links Goal: closely track the state of physical network Fully replicated fro scale and low latency access Causal consistency using logical timestamps (logical clock systems) Logical clock system (logical local time, logical global time) logical local time ↓ event sequence # <1,1> <2,1> <4,1> <2,2> <3,1> logical global time ↓ mastership term <mastership term #, seq #> POSTECH CSED702Y: Software Defined Networking 56/62 Other States States of Flow Rules and Flow Stats Switch specific state • Flow rules switch specific match-action pairs • Flow stats flow specific traffic stats Partitioned with current switch master serving as the authoritative copy • Can be fully replicated for quick failover Soft state • Inconsistencies are reconciled by refreshing from source States of Other Elements Switch to controller mapping, application intents, resource allocations Require strong consistency Possible solutions • Hazelcast based solution • Used in ONOS version 1.0 • Has some shortcoming on supporting for durability • Use of Raft consensus algorithm • Provides all the desired consistency and durability properties POSTECH CSED702Y: Software Defined Networking 57/62 Application and Intent Framework Intent Framework Programming abstraction • Intents • Compilers • Installers Execution framework • Intent service • Intent store Intents Provide a high-level interface that focuses on what should be done rather than how it is specifically programmed Abstract network complexity from applications Extend easily to produce more complex functionality through combinations of other intents POSTECH CSED702Y: Software Defined Networking 58/62 Intent Example Compiler & Installer Compiler: produce more specific Intents given the environment • E.g., find the corresponding paths between two hosts Installer: transform Intents into device commands Host to Host Intent Compilation Path Intent Path Intent Installation Flow Rule Batch Flow Rule Batch Flow Rule Batch POSTECH CSED702Y: Software Defined Networking Flow Rule Batch 59/62 Intent Framework Design Intent Framework Translates intents into device instructions (state, policy) Reacts to changing network conditions Extends dynamically to add, modify functionality (compilers, installers) POSTECH CSED702Y: Software Defined Networking 60/62 Representing Networks Network Graph Graph has basic network objects like switch, port, device and links Application computes path by traversing the links from SRC to DST Application writes each flow entry for the path Flow entry flow Flow path inport flow Flow entry outport switch switch port switch on port port port link port switch port host POSTECH on host CSED702Y: Software Defined Networking 61/62 Adapter Layer Design Consideration of Adapter ONOS supports multiple southbound protocols Adapters provide descriptions of data plane elements to the core Adapters hide protocol complexity from ONOS Device Subsystem Responsible for discovering and tracking the devices Enable operators and apps to control the devices Core model relies on the Device and Port model objects POSTECH DeviceManager OFDeviceProvider Device OpenFlowSwitch DeviceId/ElementId Dpid Port OFPortDesc MastershipRole RoleState CSED702Y: Software Defined Networking 62/62 Q&A POSTECH CSED702Y: Software Defined Networking 63/62 Comparisons on OpenFlow Controllers Remarks Back Python controllers do not support multi-threading, no scalability Beacon shows the best scalability Scalability discrepancy due to following two reasons: • Algorithm of distributing incoming messages between threads • Mechanism or the libraries used for network interaction Source: Shalimov, Alexander, et al. "Advanced study of SDN/OpenFlow controllers." Proceedings of the 9th Central & Eastern European Software Engineering Conference in Russia. ACM, 2013. POSTECH CSED702Y: Software Defined Networking 64/62
