Policy-based Orchestration of NFV Services in Software

advertisement
Policy-based Orchestration of
NFV Services in SoftwareDefined Networks
Kostas Giotis, Yiannos Kryftis, Vasilis Maglaris
Network Management & Optimal Design Laboratory (NETMODE)
School of Electrical & Computer Engineering
National Technical University of Athens
1st IEEE Conference on Network Softwarization (NetSoft 2015)
April 15th, 2015
London, UK
Trends in Telcos Industry
 Telco networks demonstrate:



Significant growth of traffic volumes
Increased data rates
Plethora of diverse network services
 SDN and NFV architectures promise:



Increased business agility (speed up services
deployment)
Decreased operational costs
Decoupling of services from the physical substrate
SDN and NFV overlook
SDN Protocols
 Multiple SDN protocols (OF,
ForCES, Cisco OpFlex)

OF is still dominant
 Delivers:



Network programmability
Decouple Data & Control
Plane
Listen & Handle Network
Events
NFV Architectures
 No standardized protocols

All approaches are based on
the ETSI specification
 Delivers:



Agile placement of
networking services
Service-driven virtual
Networks
Optimized usage of COTS
Hardware devices
Delivery of agile services through
SDN and NFV synergies
Motivation
 Formulate a baseline
architecture to facilitate
policy-driven dynamic
methods for:



management of SDN
resources
lifecycle management of VNFs
and the associated data
orchestration of multiple
diverse VNFs to deliver
Business Applications as NFV
Services (i.e. Service Chains)
Design Principles
 Modular design that decouples:




Hardware elements
VNFs
Business (NFV) Services
Orchestration
 Information Model to uniformly
describe network resources and
functions
 Instantiate and Manage NFV
Services, governed by policies
Architectural
Components
 Physical Infrastructure


Nodes
Controllers
 VNF Pool


Diverse VNFs
“Templates”
 NFV Services


Business Applications
Service Chains
 NFV Orchestrator


Mgmt Functions
Information Model
This schema permits:
• Selection of VNFs from a VNF Pool
• Use Policy-Engines to manipulate VNFs
• Combine Diverse VNFs to deliver NFV
Services
Architectural
Components
 Physical Infrastructure


Nodes
Controllers
 VNF Pool


Diverse VNFs
“Templates”
 NFV Services


Business Applications
Service Chains
 NFV Orchestrator


Mgmt Functions
Information Model
Policy
Engine:consist
Uniquely-identified
Use
abstracted
physical
substrate
resources
for:
NFV
Services
of one
orobjects:
more
VNFs, and:
Policy-based
management
ofApplications
substrate
Managed
Programmable
in an
Network
abstracted
Functions
manner
templates
• Deliver
tailor-made
Business
Agnosticwith
Isolated
instances
to the
actualVNFs
substrate
• resources
Interact
Diverse
•• VNF
Lifecycle
Management
Implement
Forwarding
Graphs (VNF-FGs)
• Orchestration of NFV Services
Policy-based NFV Orchestrator
 The management environment is divided in three layers



The lower layer concerns policy based management for OF substrate
resources, providing management enforcement methods on MOs
representing them
The middle layer deals with VNF lifecycle management. All VNF
components are represented as MOs and their methods may include
policy-based management actions to be executed on lower layer MOs
The higher layer provides policy-based Orchestration of NFV Services.
Each NFV Service extends the Managed Object Class and it includes
the methods for capturing and creating events, and performing
management actions on VNF components in the pool, based on highlevel policies
Types of Policies
 Event-Condition-Action(ECA) Policies: They enforce control and
management actions upon certain events within the managed
environment, possibly causing reconfiguration of the system
 Authorization Policies: They define what actions Users with specific Roles
can perform on Target MOs
 Role Assignment Policies: They are used to define different classes of
Users, receiving different access privileges and usage priority on specific
services provided by VNFs
Graphical overview of the classes in the
Ontology
The Policy Engine residing in the NFV Orchestrator stands for the
management environment that encompasses a collection of Managed
Objects (MOs) in hierarchical order, representing:




Policies (i.e. Event-Condition-Action (ECA), authorization, role assignment)
OF resources (i.e. Controller, Switch, Link, Port)
VNF components and
NFV services
Ponder2 Policy Framework
 For the development of VNF
Orchestrator’s policy engine, the
Ponder2 policy framework was
selected:
 It supports all aforementioned
policy types and it uses userextensible management
objects


It was extended to represent
the substrate resources, and
the NFV Services as Managed
Objects able to be managed
by the policies
Conflict Resolution
Prototype VNFs
Monitoring VNF
 Instruct for the acquisition of
flow statistics


Statistics are initially collected
at the Controller
Flow-stats request/reply event
 Capable to interface with
different types of monitoring
data managers

E.g. sFlow Collector
Network Embedder VNF
 Map virtual paths to the
physical substrate


Upon User request
Create e2e virtual links
 Clients are considered to be
large scale customers


e.g. content or alternate
providers
Do not require significant
number of identifiers (we
user VLANs)
NFV Service:
Role-based Traffic
 Monitoring and N.E. VNFs are
Engineering
chained to create RbTE instances as
a Business Application
 Client receives different type and
quality of services
 2 client tiers in prototype, regarding
traffic routing:


Tier 1: path with least utilized links (best
effort)
Tier 2: Shortest path – high priority
Case Study
Traffic Engineering for CDN Caching Nodes
 CDN Providers deploy
Caching Nodes inside
the premises of other
operators
 CDN Providers are
treated as clients
Virtual Link 1
Virtual Link 2
Virtual Link 3
CDN
Cache
Node B
CDN
Cache
Node A
Switch 1
Switch 2
s
bp
1G
EP-2
1G
bp
s
WAN
EP-1
 An Operator might
host multiple Caching
Nodes of different CDN
providers
10
0M
bp
s
Telecom
Operator
Switch 4
s
bp
0M
10
Switch 3
EP-3
Home
User A
Experimental Results
 Proof-of-concept
demonstration

Indicative Role-based
services functionality
 Future Work:


Avoid path switching for
Tier 1 clients when the
link is not saturated
Integrate a virtualization
layer through a network
hypervisor (e.g.
OpenVirtex) for isolated,
Policy-based Control
Plane management.
THANK YOU!
Kostas Giotis
coyiotis@netmode.ntua.gr
Download